Gang Tan (\gäng tan\) [Vita pdf][Vita html][Contact] Associate Professor James F. Will Career Development Professorship Dept. of Computer Science & Engineering School of Electrical Engineering & Computer Science Penn State University, University Park Affiliated with Institute for Networking and Security Research (video about INSR) and Institute for CyberScience

Research Interests

I lead the Security of Software (SOS) lab at Penn State. In general, I am interested in methodologies that help create reliable and secure software systems:

• Software security
• Programming languages, software engineering

My research group has a postdoc opening: description

Research Projects

• User-space privilege separation
• Binary-level reverse engineering
• GoNative

Some past projects

• Modular Control-Flow Integrity
• Interface Safety in Multilingual Software

News

• (9/2017) NSF/Intel project "CAPA: Lightweight abstract memory features" funded; in collaboration with Lehigh and Arizona State. [Penn State news release]
• (8/2017) Paper "PtrSplit: Supporting General Pointers in Automatic Program Partitioning" accepted at CCS 2017.
• (5/2017) ONR project on Semantics-Directed Binary Reverse Engineering and Transformation Validation funded. Thanks to ONR!
• (10/2016) Congratulations to Ben, whose dissertation won ACM SIGSAC Dissertation Award Runner-Up.
• (3/2016) Keynote talk at MASS 2016 about MCFI/RockJIT/PICFI; Title: "Protecting Dynamic Code by Modular Control-Flow Integrity" [slides].
• (12/2015) Congratulations to Ben, who finished his Ph.D. with thesis "Practical Control-Flow Integrity".
• (7/2015) Paper "Per-Input Control-Flow Integrity" accepted at CCS 2015.
• (6/2015) We are glad to release the source code of MCFI and RockJIT and PiCFI . Please see this GitHub page.
• (12/2014) The RockSalt repository has moved to GitHub. The latest version can be found at here.
• (11/2014) Paper "Producing Hook Placements To Enforce Expected Access Control Policies" accepted at ESSOS 15.
• (8/2014) NSF medium project "Retrofitting software for defense-in-depth" funded; in collaboration with Penn State, Rutgers, and U. of Vermont. [Lehigh news release | local WFMZ news release]
• (7/2014) Paper "RockJIT: Securing Just-In-Time Compilation Using Modular Control-Flow Integrity" accepted at CCS 2014.
• (5/2014) Congratulations to Siliang, who finished his Ph.D. with thesis "Improving quality of software with foreign function interfaces using static analysis".
• (5/2014) Paper "NativeGuard: Protecting Android Applications from Third-Party Native Libraries" accepted at WiSec 2014.
• (3/2014) Paper "Finding Reference-Counting Errors in Python/C Programs with Affine Analysis" accepted at ECOOP 2014.
• (2/2014) Paper "Modular Control Flow Integrity" accepted at PLDI 2014.
• (1/2014) Invited talk at PiP 2014 [slides].
• (7/2013) A paper about Monitor Integrity Protection (MIP) accepted by CCS 2013.
• (4/2013) Strato paper accepted by Usenix Security 2013.
• (2/2013) We are glad to release the source code of the second version of Robusta (now dubbed Arabica). Please see this page.
• (1/2013) DuPro paper accepted by AsiaCCS 2013.
• Older news...

Events Involved

• Program committee members: Oakland 2018; ECOOP 2018; Oakland 2017; CloudCom 2017; Wisa 2017; ISC 2017; SecDev 2017; Feast 2017; LangSec 2017; CCS 2016; Oakland 2016; ACNS 2016; LangSec 2016; SECURWARE 2016; CCS 2015; APLAS 2015; ASIACCS 2015; CloudCom 2015; SECURWARE 2015; MCS 2015; CCS 2014; ASIACCS 2014; NDSS 2014; SECURWARE 2014; OOPSLA 2013; APLAS 2013; CPP 2013; SPIot 2012; Open 64; WWW 2011 (abuse, security and privacy track); SPIoT 2011; CHINACOM 2010, CHINACOM 2009 (network and information security symposium);
• CPSS 2012: joint summer schools on cryptography and principles of software security
• Security and Programming Language (SePL) seminars at Penn State.

Teaching

• CMPSC 461, Programming Language Concepts, Spring 17
• CSE 597, Special topics on theorem proving and static analysis, Fall 16
• CMPSC 443, Introduction to Computer and Network Security, Spring 16
• CSE 262, Programming Languages, Fall 15, Fall 14, Spring 14, Fall 13, Spring 13, Fall 12, Spring 12, Fall 11, Fall 10
• CSE 411, Advanced Programming Techniques, Fall 15, Fall 14, Fall 13
• CSE 334/434, Software System Security, Fall 12, Fall 10, Fall 08
• CSE 497, Advanced Programming Languages, Fall 11
• CSE 216, Software Engineering, Spring 10, Spring 09
• CSE 397/497, Programming Languages Design & Analysis Fall 09

Representative and Recent Publications (complete list, bibtex entries)

• PtrSplit: Supporting General Pointers in Automatic Program Partitioning. S. Liu, G. Tan, and T. Jaeger. In 24th ACM Conference on Computer and Communications Security (CCS), To appear, 2017. [paper]
• CFG Construction Soundness in Control-Flow Integrity. G. Tan and T. Jaeger. In ACM SIGSAC Workshop on Programming Languages and Analysis for Security (PLAS) , To appear, 2017. [paper]
• ReDroid: Prioritizing Data Flows and Sinks for App Security Transformation. K. Tian, G. Tan, D. Yao, and B. Ryder. In ACM Workshop on Forming an Ecosystem Around Software Transformation (FEAST), To appear, 2017
• Bidirectional Grammars for Machine-Code Decoding and Encoding. G. Tan and G. Morrisett. Journal of Automated Reasoning, To appear, 2017. [paper]
• Detection of Repackaged Android Malware with Code-Heterogeneity Features. K. Tian, D. Yao, B. Rider, G. Tan, and G. Peng. IEEE Transactions on Dependable and Secure Computing, To appear, 2017
• Bidirectional Grammars for Machine-Code Decoding and Encoding. G. Tan and G. Morrisett. In 8th International Conference on Verified Software: Theories, Tools, and Experiments (VSTTE), pages 73–89, 2016. [paper]
• Languages Must Expose Memory Heterogeneity. X. Guo, A. Shrivastava, M. Spear, and G. Tan. In Second International Symposium on Memory Systems (MEMSYS), pages 251–256, 2016. [paper]
• Analysis of Code Heterogeneity for High-Precision Classification of Repackaged Malware. K. Tian, D. Yao, B. G. Ryder, and G. Tan. In Workshop on Mobile Security Technologies (MoST), pages 262–271, 2016. [paper]
• Per-Input Control-Flow Integrity. B. Niu and G. Tan. In 22nd ACM Conference on Computer and Communications Security (CCS), pages 914–926, 2015. [paper]
• Producing Hook Placements to Enforce Expected Access Control Policies. D. Muthukumaran, N. Talele, T. Jaeger, and G. Tan. In 7th International Symposium on Engineering Secure Software and Systems (ESSoS), pages 178–195, 2015. [paper]
• WebC: toward a portable framework for deploying legacy code in web browsers. J. Yin, G. Tan, X. Bai, and S. Hu. Science China Information Sciences, 58(7):1–15, 2015
• JNI Light: an operational model for the core JNI. G. Tan. Mathematical Structures in Computer Science, 25(4):805–840, 2015. [paper]
• RockJIT: Securing Just-In-Time Compilation Using Modular Control-Flow Integrity. B. Niu and G. Tan. In 21st ACM Conference on Computer and Communications Security (CCS), pages 1317–1328, 2014. [paper]
• Finding Reference-Counting Errors in Python/C Programs with Affine Analysis. S. Li and G. Tan. In European Conference on Object-Oriented Programming (ECOOP), 2014. [paper]
• Modular Control Flow Integrity. B. Niu and G. Tan. In ACM Conference on Programming Language Design and Implementation (PLDI), pages 577–587, 2014. [paper]
• Monitor Integrity Protection with Space Efficiency and Separate Compilation. B. Niu and G. Tan. In 20th ACM Conference on Computer and Communications Security (CCS), 2013. [paper]
• Strato: A Retargetable Framework for Low-Level Inlined-Reference Monitors. B. Zeng, G. Tan, and Ú. Erlingsson. In 22nd Usenix Security Symposium, pages 369–382, 2013. [paper]
• Bringing Java’s wild native world under control. M. Sun, G. Tan, J. Siefers, B. Zeng, and G. Morrisett. ACM Transactions on Information and System Security (TISSEC), 16(3):9:1–9:28, 2013. [paper]
• RockSalt: Better, Faster, Stronger SFI for the x86. G. Morrisett, G. Tan, J. Tassarotti, J.-B. Tristan, and E. Gan. In ACM Conference on Programming Language Design and Implementation (PLDI), pages 395–404, 2012. [paper]
• Combining control-flow integrity and static analysis for efficient and validated data sandboxing. B. Zeng, G. Tan, and G. Morrisett. In 18th ACM Conference on Computer and Communications Security (CCS), pages 29–40, 2011. [paper]
• JET: Exception checking in the Java Native Interface. S. Li and G. Tan. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pages 345–358, 2011. [paper]
• Semantic Foundations for Typed-Assembly Languages. A. Ahmed, A. Appel, C. Richards, K. Swadi, G. Tan, and D. Wang. ACM Transactions on Programming Languages and Systems, 32(3):1–67, Mar. 2010. [paper]
• Finding bugs in exceptional situations of JNI programs. S. Li and G. Tan. In 16th ACM Conference on Computer and Communications Security (CCS), pages 442–452, 2009. [paper]
• An empirical security study of the native code in the JDK. G. Tan and J. Croft. In 17th Usenix Security Symposium, pages 365–377, 2008. [paper|tech report|presentation]
• ILEA: Inter-Language Analysis across Java and C. G. Tan and G. Morrisett. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pages 39–56, 2007. [paper|presentation]
• A Compositional Logic for Control Flow. G. Tan and A. Appel. In International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI), pages 80–94, 2006. [paper|presentation]
• Dynamic Typing with Dependent Types. X. Ou, G. Tan, Y. Mandelbaum, and D. Walker. In Proceedings of IFIP 3rd International Conference on Theoretical Computer Science, pages 437–450, 2004. [paper]