W358 Westgate Building
Computer Science & Engineering
Penn State University
University Park, PA 16802

gtan AT psu.edu
Phone: (814) 865-7364
Fax: (814) 865-3176
http://www.cse.psu.edu/~gxt29/

Biographical Information

Education

Professional experience

Research Interests

   Software security, programming languages, formal methods, software engineering.

Honors and Awards

Awards won by my students

Research Funding

Competitively awarded external research grants

University internal research grants

Professional Membership

   ACM member; IEEE senior member.

Publications and Creative Activities

Journal papers and book chapters

1.
Jia, X., Kumar, A., and Tan, G. (2023). A derivative-based parser generator for visibly pushdown grammars. ACM Transactions on Programming Languages and Systems (TOPLAS), 45(9), 1–68. [paper]
2.
Sun, C., Xu, X., Wu, Y., Zeng, D., Tan, G., Ma, S., and Wang, P. (2023a). CryptoEval: Evaluating the risk of cryptographic misuses in Android apps with data-flow analysis. IET Information Security, 17(4), 582–597. [paper]
3.
Liang, K., Tan, J., Zeng, D., Huang, Y., Huang, X., and Tan, G. (2023). ABSLearn: a GNN-based framework for aliasing and buffer-size information retrieval. Pattern Analysis and Application, 26(3), 1171–1189. [paper]
4.
Sun, C., Ma, Y., Zeng, D., Tan, G., Ma, S., and Wu, Y. (2023b). muDep: Mutation-based dependency generation for precise taint analysis on Android native code. IEEE Transactions on Dependable and Secure Computing, pages 1461–1475. [paper]
5.
Norris, M., Celik, Z. B., Rengasamy, P. V., Zhao, S., McDaniel, P. D., Sivasubramaniam, A., and Tan, G. (2022). IoTRepair: Flexible fault handling in diverse IoT deployments. ACM Transactions on Internet of Things, 3(3), 22:1–22:33. [paper]
6.
Huang, Z., Tan, G., and Yu, X. (2022c). Mitigating vulnerabilities in closed source software. EAI Endorsed Transactions on Security and Safety, 8(30), 4. [paper]
7.
Fan, Y., Lin, X., Liang, W., Wang, J., Tan, G., Lei, X., and Lei, J. (2022). TraceChain: a blockchain-based scheme to protect data confidentiality and traceability. Software: Practice and Experience, 52(1), 115–129. [paper]
8.
Singh, A., Dave, S., Zardoshti, P., Brotzman, R., Zhang, C., Guo, X., Shrivastava, A., Tan, G., and Spear, M. F. (2021). SPX64: A scratchpad memory for general-purpose microprocessors. ACM Trans. Archit. Code Optim., 18(1), 14:1–14:26. [paper]
9.
Fan, Y., Bai, J., Lei, X., Lin, W., Hu, Q., Wu, G., Guo, J., and Tan, G. (2021b). PPMCK: Privacy-preserving multi-party computing for k-means clustering. Journal of Parallel and Distributed Computing, 154, 54–63. [paper]
10.
Fan, Y., Liu, S., Lei, X., Li, K.-C., Lin, W., and Tan, G. (2021a). One enhanced secure access scheme for outsourced data. Information Sciences, 561, 230–242
11.
Fan, Y., Bai, J., Lei, X., Zhang, Y., Zhang, B., Li, K.-C., and Tan, G. (2020a). Privacy preserving based logistic regression on big data. Journal of Network and Computer Applications, 171, 102769
12.
Huang, Z., Lie, D., Tan, G., and Jaeger, T. (2020). Using safety properties to generate vulnerability patches. USENIX ;login, 45(4), 23–28. [paper]
13.
Tian, K., Tan, G., Yao, D., and Ryder, B. (2020b). Prioritizing data flows and sinks for app security transformation. Journal of Computers & Security, 92, 101750. [paper]
14.
Tian, K., Yao, D., Rider, B., Tan, G., and Peng, G. (2020a). Detection of repackaged Android malware with code-heterogeneity features. IEEE Transactions on Dependable and Secure Computing, 17(1), 64–77. [paper]
15.
Fan, Y., Zhao, G., Li, K., Zhang, B., Tan, G., Sun, X., and Xia, F. (2020b). SNPL: One scheme of securing nodes in IoT perception layer. Sensors, 20(4), 1090
16.
Celik, Z. B., McDaniel, P., Tan, G., Babun, L., and Uluagac, A. S. (2019c). Verifying internet of things safety and security in physical spaces. IEEE Security and Privacy, 17(5), 30–37. [paper]
17.
Celik, Z. B., Fernandes, E., Pauley, E., Tan, G., and McDaniel, P. (2019b). Program analysis of commodity IoT applications for security and privacy: Opportunities and challenges. ACM Computing Surveys (CSUR), 52, 74:1–74:30. [paper]
18.
Fan, Y., Lin, X., Liang, W., Tan, G., and Nanda, P. (2019b). A secure privacy preserving deduplication scheme for cloud computing. Future Generation Computer Systems, 101, 127–135
19.
Fan, Y., Lin, X., Tan, G., Zhang, Y., Dong, W., and Lei, J. (2019a). One secure data integrity verification scheme for cloud storage. Future Generation Computer Systems, 96, 376–385. [paper]
20.
Li, H., Wang, Y., Yin, J., and Tan, G. (2019). SmartShell: Automated shell scripts synthesis from natural language. International Journal of Software Engineering and Knowledge Engineering, 29(2), 197–220. [paper]
21.
Yin, J., Tan, G., Li, H., Bai, X., Wang, Y., and Hu, S. (2019). Debugopt: Debugging fully optimized natively compiled programs using multistage instrumentation. Science of Computer Programming, 169, 18–32. [paper]
22.
Tan, G. and Niu, B. (2018). Protecting dynamic code. In P. Larsen and A.-R. Sadeghi, editors, The Continuing Arms Race, chapter 2, pages 25–60. [paper]
23.
Fan, Y., Liu, S., Tan, G., and Lin, X. (2018a). CSCAC: one constant-size CPABE access control scheme in trusted execution environment. International Journal of Computational Science and Engineering, pages 162–168
24.
Fan, Y., Liu, S., Tan, G., and Qiao, F. (2018b). Fine-grained access control based on trusted execution environment. Future Generation Computer Systems. [paper]
25.
Tan, G. and Morrisett, G. (2018). Bidirectional grammars for machine-code decoding and encoding. Journal of Automated Reasoning, 60(3), 257–277. [paper]
26.
Tan, G. (2017). Principles and implementation techniques of software-based fault isolation. Foundations and Trends in Privacy and Security, 1(3), 137–198. [paper]. [slides]
27.
Yin, J., Tan, G., Bai, X., and Hu, S. (2015). WebC: Toward a portable framework for deploying legacy code in web browsers. Science China Information Sciences, 58(7), 1–15. [paper]
28.
Tan, G. (2015). JNI Light: an operational model for the core JNI. Mathematical Structures in Computer Science, 25(4), 805–840. [paper]
29.
Li, S. and Tan, G. (2014a). Exception analysis in the Java Native Interface. Science of Computer Programming, 89, 273–297. [paper]
30.
Sun, M., Tan, G., Siefers, J., Zeng, B., and Morrisett, G. (2013). Bringing Java’s wild native world under control. ACM Transactions on Information and System Security (TISSEC), 16(3), 9:1–9:28. [paper]
31.
Bai, S., Yin, J., Tan, G., Wang, Y., and Hu, S. (2011). FDTL: a unified flash memory and hard disk translation layer. IEEE Transactions on Consumer Electronics, 57(4), 1719–1727. [paper]
32.
Kim, E., Huang, X., and Tan, G. (2011). Markup SVG: An online content-aware image abstraction and annotation tool. IEEE Transactions on Multimedia, 13(5), 993–1006. [paper]
33.
Tan, G., Shao, Z., Feng, X., and Cai, H. (2011). Weak updates and separation logic. New Generation Compting, 29(1), 3–29. [paper]
34.
Ahmed, A., Appel, A., Richards, C., Swadi, K., Tan, G., and Wang, D. (2010). Semantic foundations for typed-assembly languages. ACM Transactions on Programming Languages and Systems (TOPLAS), 32(3), 1–67. [paper]
35.
Jiang, M., Zhu, X., Gielen, G. G. E., Drábek, E., Xia, Y., Tan, G., and Bao, T. (2002). Braille to print translations for Chinese. Information & Software Technology, 44(2), 91–100. [paper]

Refereed conference and workshop papers

36.
Ma, C., Wu, D., Tan, G., Kandemir, M., and Zhang, D. (2023). Quantifying and mitigating cache side channel leakage with differential set. Proceedings of the ACM on Programming Languages, (OOPSLA), To appear
37.
Zhang, J., Morrisett, G., and Tan, G. (2023). Interval parsing grammars for file format parsing. Proceedings of the ACM on Programming Languages, 7(PLDI), 1073–1095. [paper]
38.
Wu, Y., Sun, C., Zeng, D., Tan, G., Ma, S., and Wang, P. (2023). LibScan: Towards more precise Third-Party library identification for Android applications. In 32nd USENIX Security Symposium (USENIX Security), pages 3385–3402. [paper]
39.
Monjezi, V., Trivedi, A., Tan, G., and Tizpaz-Niari, S. (2023). Information-theoretic testing and debugging of fairness defects in deep neural networks. In 45th International Conference on Software Engineering (ICSE), pages 1571–1582. [paper]
40.
Kumar, A., Harris, B., and Tan, G. (2023). DISV: Domain independent semantic validation of data files. In 9th Workshop on Language-Theoretic Security (LangSec). Best paper award. [paper]
41.
Tian, Z., Sun, C., Zeng, D., and Tan, G. (2023). podft: On accelerating dynamic taint analysis with precise path optimization. In Workshop on Binary Analysis Research (BAR). [paper]
42.
Huang, Y., Narayanan, V., Detweiler, D., Huang, K., Tan, G., Jaeger, T., and Burtsev, A. (2022b). Ksplit: Automating device driver isolation. In 16th USENIX Symposium on Operating Systems Design and Implementation (OSDI’22), pages 613–631. [paper]
43.
Tizpaz-Niari, S., Kumar, A., Tan, G., and Trivedi, A. (2022). Fairness-aware configuration of machine learning libraries. In 44th International Conference on Software Engineering (ICSE), pages 909–920. [paper]
44.
Kim, S. H., Sun, C., Zeng, D., and Tan, G. (2022). Binpointer: Towards precise, sound, and scalable binary-level pointer analysis. In ACM SIGPLAN 2022 International Conference Compiler Construction (CC), pages 169–180. [paper]
45.
Pauley, E., Tan, G., Zhang, D., and McDaniel, P. D. (2022). Performant binary fuzzing without source code using static instrumentation. In 10th IEEE Conference on Communications and Network Security (CNS), pages 226–235. [paper]
46.
Wang, Y.-P., Hu, X.-Q., Zou, Z.-X., Tan, W., and Tan, G. (2022). ROS-SF: A transparent and efficient ROS middleware using serialization-free message. In 23rd ACM/IFIP Middleware Conference, pages 82–93
47.
Beugin, Y., Burke, Q., Hoak, B., Sheatsley, R., Pauley, E., Tan, G., Hussain, S. R., and McDaniel, P. (2022). Building a privacy-preserving smart camera system. In Privacy Enhancing Technologies Symposium (PETS), pages 25–46. [paper]
48.
Huang, K., Huang, Y., Payer, M., Qian, Z., Sampson, J., Tan, G., and Jaeger, T. (2022a). The taming of the stack: Isolating stack data from memory errors. In Network and Distributed System Security Symposium (NDSS). [paper]
49.
Sarracino, J., Tan, G., and Morrisett, G. (2022). Certified parsing of dependent grammars. In 8th Workshop on Language-Theoretic Security (LangSec). [paper]
50.
Zhang, Y., Liu, X., Sun, C., Zeng, D., Tan, G., Kan, X., and Ma, S. (2021). ReCFA: Resilient control-flow attestation. In Annual Computer Security Applications Conference (ACSAC), pages 311–322. [paper]
51.
Jia, X., Kumar, A., and Tan, G. (2021). A derivative-based parser generator for visibly pushdown grammars. Proceedings of the ACM on Programming Languages, 5(OOPSLA), 1–24. [paper]
52.
Brotzman, R., Zhang, D., Kandemir, M., and Tan, G. (2021b). SpecSafe: Detecting cache side channels in a speculative world. Proceedings of the ACM on Programming Languages, 5(OOPSLA), 1–28. [paper]
53.
Zeng, D., Niu, B., and Tan, G. (2021). MazeRunner: Evaluating the attack surface of control-flow integrity policies. In 20th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (TrustCom), pages 810–821
54.
Kan, X., Sun, C., Liu, S., Huang, Y., Tan, G., Ma, S., and Zhang, Y. (2021). Sdft: A PDG-based summarization for efficient dynamic data flow tracking. In 21st IEEE International Conference on Software Quality, Reliability, and Security (QRS)
55.
Muntean, P., Viehoever, R., Lin, Z., Tan, G., Grossklags, J., and Eckert, C. (2021). iTOP: Automating counterfeit object-oriented programming attacks. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID), pages 162–176. [paper]
56.
Kim, S. H., Sun, C., Zeng, D., and Tan, G. (2021). Refining indirect call targets at the binary level. In Network and Distributed System Security Symposium (NDSS). [paper]
57.
Brotzman, R., Zhang, D., Kandemir, M., and Tan, G. (2021a). Ghost thread: Effective user-space cache side channel protection. In 11th ACM Conference on Data and Application Security and Privacy (CODASPY), pages 233–244. [paper]
58.
Huang, Z., Jaeger, T., and Tan, G. (2021). Fine-grained program partitioning for security. In 14th European Workshop on Systems Security (EuroSec), pages 21–26. [paper]
59.
Paranjpe, A. and Tan, G. (2021). Bohemia: A validator for parser frameworks. In 7th Workshop on Language-Theoretic Security (LangSec). [paper]
60.
Muntean, P., Neumayer, M., Lin, Z., Tan, G., Grossklags, J., and Eckert, C. (2020). rhoFEM: Efficient backward-edge protection using reversed forward-edge mappings. In Annual Computer Security Applications Conference (ACSAC), pages 466–479. [paper]
61.
Ahmed, M. S., Xiao, Y., Snow, K. Z., Tan, G., Monrose, F., and Yao, D. (2020). Methodologies for quantifying (re-)randomization security and timing under JIT-ROP. In 26th ACM Conference on Computer and Communications Security (CCS), pages 1803–1820. [paper]
62.
Norris, M., Celik, Z. B., Venkatesh, P., Zhao, S., McDaniel, P. D., Sivasubramaniam, A., and Tan, G. (2020). IoTRepair: Systematically addressing device faults in commodity IoT. In 5th ACM/IEEE Conference on Internet of Things Design and Implementation (IoTDI), pages 142–148. [paper]
63.
Narayanan, V., Huang, Y., Tan, G., Jaeger, T., and Burtsev, A. (2020). Lightweight kernel isolation with virtualization and VM functions. 16th ACM International Conference on Virtual Execution Environments (VEE), pages 157–171. Best paper award. [paper]
64.
Liu, S., Zeng, D., Huang, Y., Capobianco, F., McCamant, S., Jaeger, T., and Tan, G. (2019). Program-mandering: Quantitative privilege separation. In 26th ACM Conference on Computer and Communications Security (CCS), pages 1023–1040. [paper]
65.
Wang, Y.-P., Hu, X.-Q., Zou, Z.-X., Tan, W., and Tan, G. (2019). IVT: an efficient method for sharing subtype polymorphic objects. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pages 130:1–130:22. [paper]
66.
Muntean, P., Neumayer, M., Lin, Z., Tan, G., Grossklags, J., and Eckert, C. (2019). LLVM-CFI: Analyzing static control flow integrity protections. In Annual Computer Security Applications Conference (ACSAC), pages 584–597. [paper]
67.
Huang, Z., Lie, D., Tan, G., and Jaeger, T. (2019). Using safety properties to generate vulnerability patches. In IEEE Symposium on Security and Privacy (S&P), pages 539–554. [paper]
68.
Brotzman, R., Liu, S., Zhang, D., Tan, G., and Kandemir, M. (2019). CaSym: Cache aware symbolic execution for side channel detection and mitigation. In IEEE Symposium on Security and Privacy (S&P), pages 364–380. [paper]
69.
Celik, Z. B., Tan, G., and McDaniel, P. (2019a). IoTGuard: Dynamic enforcement of security and safety policy in commodity IoT. In Network and Distributed System Security Symposium (NDSS). [paper]
70.
Huang, Z. and Tan, G. (2019). Rapidly mitigating vulnerabilities with security workarounds. In Workshop on Binary Analysis Research (BAR). [paper]
71.
Muntean, P., Fischer, M., Tan, G., Lin, Z., Grossklags, J., and Eckert, C. (2018). tauCFI: Type-assisted control flow integrity for x86-64 binaries. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID), pages 423–444. [paper]
72.
Celik, Z. B., Babun, L., Sikder, A. K., Aksu, H., Tan, G., McDaniel, P., and Uluagac, A. S. (2018a). Sensitive information tracking in commodity IoT. In 27th Usenix Security Symposium, pages 1687–1704. [paper]
73.
Celik, Z. B., McDaniel, P., and Tan, G. (2018b). Soteria: Automated IoT safety and security analysis. In USENIX Annual Technical Conference (ATC), pages 147–158. [paper]
74.
Fan, Y., Liu, S., Tan, G., Lin, X., Zhao, G., and Bai, J. (2018c). One secure access scheme based on trusted execution environment. In 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (TrustCom), pages 16–21. [paper]
75.
Zeng, D. and Tan, G. (2018). From debugging-information based binary-level type inference to CFG generation. In 8th ACM Conference on Data and Application Security and Privacy (CODASPY), pages 366–376. Outstanding paper award. [paper]
76.
Liu, S., Tan, G., and Jaeger, T. (2017). PtrSplit: Supporting general pointers in automatic program partitioning. In 24th ACM Conference on Computer and Communications Security (CCS), pages 2359–2371. [paper]
77.
Tan, G. and Jaeger, T. (2017). CFG construction soundness in control-flow integrity. In ACM SIGSAC Workshop on Programming Languages and Analysis for Security (PLAS), pages 3–13. [paper]
78.
Tian, K., Tan, G., Yao, D., and Ryder, B. (2017). ReDroid: Prioritizing data flows and sinks for app security transformation. In ACM Workshop on Forming an Ecosystem Around Software Transformation (FEAST), pages 35–41. [paper]
79.
Tan, G. and Morrisett, G. (2016). Bidirectional grammars for machine-code decoding and encoding. In 8th International Conference on Verified Software: Theories, Tools, and Experiments (VSTTE), pages 73–89. [paper]
80.
Guo, X., Shrivastava, A., Spear, M., and Tan, G. (2016). Languages must expose memory heterogeneity. In Second International Symposium on Memory Systems (MEMSYS), pages 251–256. [paper]
81.
Tian, K., Yao, D., Ryder, B. G., and Tan, G. (2016). Analysis of code heterogeneity for high-precision classification of repackaged malware. In Workshop on Mobile Security Technologies (MoST), pages 262–271. [paper]
82.
Niu, B. and Tan, G. (2015). Per-input control-flow integrity. In 22nd ACM Conference on Computer and Communications Security (CCS), pages 914–926. [paper]. [webpage]
83.
Muthukumaran, D., Talele, N., Jaeger, T., and Tan, G. (2015). Producing hook placements to enforce expected access control policies. In 7th International Symposium on Engineering Secure Software and Systems (ESSoS), pages 178–195. [paper]
84.
Ganapathy, V., Jaeger, T., Skalka, C., and Tan, G. (2014). Assurance for defense-in-depth via retrofitting. In 8th Layered Assurance Workshop (LAW). [paper]
85.
Niu, B. and Tan, G. (2014b). RockJIT: Securing just-in-time compilation using modular control-flow integrity. In 21st ACM Conference on Computer and Communications Security (CCS), pages 1317–1328. [paper]
86.
Li, S. and Tan, G. (2014b). Finding reference-counting errors in Python/C programs with affine analysis. In European Conference on Object-Oriented Programming (ECOOP), pages 80–104. [paper]
87.
Sun, M. and Tan, G. (2014). NativeGuard: Protecting Android applications from third-party native libraries. In 7th ACM Conference on Security & Privacy in Wireless and Mobile Networks (WiSec), pages 165–176. [paper]
88.
Niu, B. and Tan, G. (2014a). Modular control-flow integrity. In ACM Conference on Programming Language Design and Implementation (PLDI), pages 577–587. [paper]. [webpage]
89.
Niu, B. and Tan, G. (2013b). Monitor integrity protection with space efficiency and separate compilation. In 20th ACM Conference on Computer and Communications Security (CCS), pages 199–210. [paper]
90.
Zeng, B., Tan, G., and Erlingsson, Ú. (2013). Strato: A retargetable framework for low-level inlined-reference monitors. In 22nd Usenix Security Symposium, pages 369–382. [paper]
91.
Niu, B. and Tan, G. (2013a). Efficient user-space information flow control. In 8th ACM Symposium on Information, Computer and Communications Security (ASIACCS), pages 131–142. [paper]
92.
Su, X., Chuah, M.-C., and Tan, G. (2012). Smartphone dual defense protection framework: Detecting malicious applications in Android markets. In 8th International Conference on Mobile Ad-hoc and Sensor Networks, pages 153–160. [paper]
93.
Li, S., Liu, D. Y., and Tan, G. (2012). JATO: Native code atomicity for Java. In Asian Symposium on Programming Languages and Systems (APLAS), pages 2–17. [paper]
94.
Sun, M. and Tan, G. (2012). JVM-portable sandboxing of Java’s native libraries. In 17th European Symposium on Research in Computer Security (ESORICS), pages 842–858. [paper]. [webpage]
95.
Niu, B. and Tan, G. (2012). Enforcing user-space privilege separation with declarative architectures. In Proceedings of the Sixth ACM Workshop on Scalable Trusted Computing (STC), pages 9–20. [paper]
96.
Morrisett, G., Tan, G., Tassarotti, J., Tristan, J.-B., and Gan, E. (2012). Rocksalt: Better, faster, stronger SFI for the x86. In ACM Conference on Programming Language Design and Implementation (PLDI), pages 395–404. [paper]. [webpage]
97.
Zeng, B., Tan, G., and Morrisett, G. (2011). Combining control-flow integrity and static analysis for efficient and validated data sandboxing. In 18th ACM Conference on Computer and Communications Security (CCS), pages 29–40. [paper]
98.
Li, S. and Tan, G. (2011). JET: Exception checking in the Java Native Interface. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pages 345–358. [paper]
99.
Fedynyshyn, G., Chuah, M. C., and Tan, G. (2011). Detection and classification of different botnet C&C channels. In 8th International Conference on Autonomic and Trusted Computing (ATC), pages 228–242. [paper]
100.
Tan, G. (2010). JNI Light: An operational model for the core JNI. In Asian Symposium on Programming Languages and Systems (APLAS), pages 114–130. [paper]
101.
Kim, E., Huang, X., Tan, G., Long, L. R., and Antani, S. K. (2010). A hierarchical SVG image abstraction layer for medical imaging. In SPIE Medical Imaging: Advanced PACS-based Imaging Informaticsand Therapeutic Applications, volume 7628. [paper]
102.
Siefers, J., Tan, G., and Morrisett, G. (2010). Robusta: Taming the native beast of the JVM. In 17th ACM Conference on Computer and Communications Security (CCS), pages 201–211. [paper]. [webpage]. [slides]
103.
Tan, G., Shao, Z., Feng, X., and Cai, H. (2009). Weak updates and separation logic. In Asian Symposium on Programming Languages and Systems (APLAS), pages 178–193. [paper]
104.
Lopresti, D. P., Zhou, X., Huang, X., and Tan, G. (2009). Document analysis support for the manual auditing of elections. In 10th International Conference on Document Analysis and Recognition (ICDAR), pages 733–737
105.
Li, S. and Tan, G. (2009). Finding bugs in exceptional situations of JNI programs. In 16th ACM Conference on Computer and Communications Security (CCS), pages 442–452. [paper]
106.
Appel, A. W., Ginsburg, M., Hursti, H., Kernighan, B. W., Richards, C. D., Tan, G., and Venetis, P. (2009). The New Jersey voting-machine lawsuit and the AVC advantage DRE voting machine. In Conference on Electronic Voting Technology/Workshop on Trustworthy Elections (EVT/WOTE). [paper]
107.
Tan, G. and Croft, J. (2008). An empirical security study of the native code in the JDK. In 17th Usenix Security Symposium, pages 365–377. [paper]. [slides]. [tech report]
108.
Tan, G. and Morrisett, G. (2007). ILEA: Inter-language analysis across Java and C. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pages 39–56. [paper]. [slides]
109.
Tan, G., Chen, Y., and Jakubowski, M. H. (2006a). Delayed and controlled failures in tamper-resistant software. In 8th International Workshop on Information Hiding (IH), pages 216–231. [paper]. [slides]
110.
Tan, G., Appel, A., Chakradhar, S., Raghunathan, A., Ravi, S., and Wang, D. (2006b). Safe Java Native Interface. In IEEE International Symposium on Secure Software Engineering, pages 97–106. [paper]. [slides]
111.
Tan, G. and Appel, A. (2006). A compositional logic for control flow. In International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI), pages 80–94. [paper]. [slides]
112.
Marino, D., Chin, B., Millstein, T., Tan, G., Simmons, R. J., and Walker, D. (2006). Mechanized metatheory for user-defined type extensions. In Workshop on Mechanizing Metatheory
113.
Ou, X., Tan, G., Mandelbaum, Y., and Walker, D. (2004). Dynamic typing with dependent types. In Proceedings of IFIP 3rd International Conference on Theoretical Computer Science, pages 437–450. [paper]
114.
Tan, G., Appel, A., Swadi, K., and Wu, D. (2004). Construction of a semantic model for a typed assembly language. In International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI), pages 30–43. [paper]. [slides]
115.
Tan, G., Ou, X., and Walker, D. (2003). Enforcing resource usage protocols via scoped methods. In Proceedings of 10th International Workshop on Foundations of Object-Oriented Languages (FOOL). [paper]
116.
Jiang, M., Zhu, X., Xia, Y., Tan, G., Yuan, B., and Tang, X. (2000). Segmentation of mandarin braille word and braille translation based on multi-knowledge. In 5th International Conference on Signal Processing (ICSP), pages 2070–2073. [paper]

Other papers

Patents

Publicly released software

Presentations

Invited talks at professional conferences and summer schools

Invited talks at university colloquiums and seminars

Paper presentations at professional conferences

Teaching and Advising

Courses taught (unless noted otherwise, all courses are 3-credit courses)

Current Ph.D. students

Graduated Ph.D. students

Past Postdocs

Graduated Master’s Students

Member of Ph.D. thesis committees

Member of M.S. thesis committees

Undergraduate research advising

Services

Service to the professional community

Service to the School of EECS and the CSE Department of Penn State

Service to Penn State

Service to Lehigh University