W358 Westgate Building
Computer Science & Engineering
Penn State University
University Park, PA 16802

gtan AT psu.edu
Phone: (814) 865-7364
Fax: (814) 865-3176
http://www.cse.psu.edu/~gxt29/

Biographical Information

Education

Professional experience

Research Interests

   Software security, programming languages, formal methods, software engineering.

Honors and Awards

Awards won by my students

Research Funding

Competitively awarded external research grants

University internal research grants

Professional Membership

   ACM member; IEEE senior member.

Publications and Creative Activities

Journal papers and book chapters

1.
Sun, C., Ma, Y., Zeng, D., Tan, G., Ma, S., and Wu, Y. (2022). muDep: Mutation-based dependency generation for precise taint analysis on android native code. IEEE Transactions on Dependable and Secure Computing, page To appear
2.
Singh, A., Dave, S., Zardoshti, P., Brotzman, R., Zhang, C., Guo, X., Shrivastava, A., Tan, G., and Spear, M. F. (2021). SPX64: A scratchpad memory for general-purpose microprocessors. ACM Trans. Archit. Code Optim., 18(1), 14:1–14:26. [paper]
3.
Fan, Y., Bai, J., Lei, X., Lin, W., Hu, Q., Wu, G., Guo, J., and Tan, G. (2021b). PPMCK: Privacy-preserving multi-party computing for k-means clustering. Journal of Parallel and Distributed Computing, 154, 54–63. [paper]
4.
Fan, Y., Liu, S., Lei, X., Li, K.-C., Lin, W., and Tan, G. (2021a). One enhanced secure access scheme for outsourced data. Information Sciences, 561, 230–242
5.
Fan, Y., Bai, J., Lei, X., Zhang, Y., Zhang, B., Li, K.-C., and Tan, G. (2020a). Privacy preserving based logistic regression on big data. Journal of Network and Computer Applications, 171, 102769
6.
Huang, Z., Lie, D., Tan, G., and Jaeger, T. (2020). Using safety properties to generate vulnerability patches. USENIX ;login, 45(4), 23–28. [paper]
7.
Tian, K., Tan, G., Yao, D., and Ryder, B. (2020b). Prioritizing data flows and sinks for app security transformation. Journal of Computers & Security, 92, 101750. [paper]
8.
Tian, K., Yao, D., Rider, B., Tan, G., and Peng, G. (2020a). Detection of repackaged Android malware with code-heterogeneity features. IEEE Transactions on Dependable and Secure Computing, 17(1), 64–77. [paper]
9.
Fan, Y., Zhao, G., Li, K., Zhang, B., Tan, G., Sun, X., and Xia, F. (2020b). SNPL: One scheme of securing nodes in IoT perception layer. Sensors, 20(4), 1090
10.
Celik, Z. B., McDaniel, P., Tan, G., Babun, L., and Uluagac, A. S. (2019c). Verifying internet of things safety and security in physical spaces. IEEE Security and Privacy, 17(5), 30–37. [paper]
11.
Celik, Z. B., Fernandes, E., Pauley, E., Tan, G., and McDaniel, P. (2019b). Program analysis of commodity IoT applications for security and privacy: Opportunities and challenges. ACM Computing Surveys (CSUR), 52, 74:1–74:30. [paper]
12.
Fan, Y., Lin, X., Tan, G., Liang, W., Lei, J., and Lei, X. (2019c). Tracechain: a blockchain-based scheme to protect data confidentiality and traceability. Software: Practice and Experience. [paper]
13.
Fan, Y., Lin, X., Liang, W., Tan, G., and Nanda, P. (2019b). A secure privacy preserving deduplication scheme for cloud computing. Future Generation Computer Systems, 101, 127–135
14.
Fan, Y., Lin, X., Tan, G., Zhang, Y., Dong, W., and Lei, J. (2019a). One secure data integrity verification scheme for cloud storage. Future Generation Computer Systems, 96, 376–385. [paper]
15.
Li, H., Wang, Y., Yin, J., and Tan, G. (2019). SmartShell: Automated shell scripts synthesis from natural language. International Journal of Software Engineering and Knowledge Engineering, 29(2), 197–220. [paper]
16.
Yin, J., Tan, G., Li, H., Bai, X., Wang, Y., and Hu, S. (2019). Debugopt: Debugging fully optimized natively compiled programs using multistage instrumentation. Science of Computer Programming, 169, 18–32. [paper]
17.
Tan, G. and Niu, B. (2018). Protecting dynamic code. In P. Larsen and A.-R. Sadeghi, editors, The Continuing Arms Race, chapter 2, pages 25–60. [paper]
18.
Fan, Y., Liu, S., Tan, G., and Lin, X. (2018a). CSCAC: one constant-size CPABE access control scheme in trusted execution environment. International Journal of Computational Science and Engineering, pages 162–168
19.
Fan, Y., Liu, S., Tan, G., and Qiao, F. (2018b). Fine-grained access control based on trusted execution environment. Future Generation Computer Systems. [paper]
20.
Tan, G. and Morrisett, G. (2018). Bidirectional grammars for machine-code decoding and encoding. Journal of Automated Reasoning, 60(3), 257–277. [paper]
21.
Tan, G. (2017). Principles and implementation techniques of software-based fault isolation. Foundations and Trends in Privacy and Security, 1(3), 137–198. [paper]. [slides]
22.
Yin, J., Tan, G., Bai, X., and Hu, S. (2015). WebC: Toward a portable framework for deploying legacy code in web browsers. Science China Information Sciences, 58(7), 1–15. [paper]
23.
Tan, G. (2015). JNI Light: an operational model for the core JNI. Mathematical Structures in Computer Science, 25(4), 805–840. [paper]
24.
Li, S. and Tan, G. (2014a). Exception analysis in the Java Native Interface. Science of Computer Programming, 89, 273–297. [paper]
25.
Sun, M., Tan, G., Siefers, J., Zeng, B., and Morrisett, G. (2013). Bringing Java’s wild native world under control. ACM Transactions on Information and System Security (TISSEC), 16(3), 9:1–9:28. [paper]
26.
Bai, S., Yin, J., Tan, G., Wang, Y., and Hu, S. (2011). FDTL: a unified flash memory and hard disk translation layer. IEEE Transactions on Consumer Electronics, 57(4), 1719–1727. [paper]
27.
Kim, E., Huang, X., and Tan, G. (2011). Markup SVG: An online content-aware image abstraction and annotation tool. IEEE Transactions on Multimedia, 13(5), 993–1006. [paper]
28.
Tan, G., Shao, Z., Feng, X., and Cai, H. (2011). Weak updates and separation logic. New Generation Compting, 29(1), 3–29. [paper]
29.
Ahmed, A., Appel, A., Richards, C., Swadi, K., Tan, G., and Wang, D. (2010). Semantic foundations for typed-assembly languages. ACM Transactions on Programming Languages and Systems (TOPLAS), 32(3), 1–67. [paper]
30.
Jiang, M., Zhu, X., Gielen, G. G. E., Drábek, E., Xia, Y., Tan, G., and Bao, T. (2002). Braille to print translations for Chinese. Information & Software Technology, 44(2), 91–100. [paper]

Refereed conference and workshop papers

31.
Huang, Y., Narayanan, V., Detweiler, D., Huang, K., Tan, G., Jaeger, T., and Burtsev, A. (2022b). Ksplit: Automating device driver isolation. In 16th USENIX Symposium on Operating Systems Design and Implementation (OSDI’22), page To appear. [paper]
32.
Tizpaz-Niari, S., Kumar, A., Tan, G., and Trivedi, A. (2022). Fairness-aware configuration of machine learning libraries. In 44th International Conference on Software Engineering (ICSE), page To appear. [paper]
33.
Kim, S. H., Sun, C., Zeng, D., and Tan, G. (2022). Binpointer: Towards precise, sound, and scalable binary-level pointer analysis. In ACM SIGPLAN 2022 International Conference Compiler Construction (CC), page To appear. [paper]
34.
Wang, Y.-P., Hu, X.-Q., Zou, Z.-X., Tan, W., and Tan, G. (2022). ROS-SF: A transparent and efficient ROS middleware using serialization-free message. In 23rd ACM/IFIP Middleware Conference, page To appear
35.
Beugin, Y., Burke, Q., Hoak, B., Sheatsley, R., Pauley, E., Tan, G., Hussain, S. R., and McDaniel, P. (2022). Building a privacy-preserving smart camera system. In Privacy Enhancing Technologies Symposium (PETS), page To appear. [paper]
36.
Huang, K., Huang, Y., Payer, M., Qian, Z., Sampson, J., Tan, G., and Jaeger, T. (2022a). The taming of the stack: Isolating stack data from memory errors. In Network and Distributed System Security Symposium (NDSS). [paper]
37.
Zhang, Y., Liu, X., Sun, C., Zeng, D., Tan, G., Kan, X., and Ma, S. (2021). ReCFA: Resilient control-flow attestation. In Annual Computer Security Applications Conference (ACSAC), pages 311–322. [paper]
38.
Jia, X., Kumar, A., and Tan, G. (2021). A derivative-based parser generator for visibly pushdown grammars. Proceedings of the ACM on Programming Languages, 5(OOPSLA), 1–24. [paper]
39.
Brotzman, R., Zhang, D., Kandemir, M., and Tan, G. (2021b). SpecSafe: Detecting cache side channels in a speculative world. Proceedings of the ACM on Programming Languages, 5(OOPSLA), 1–28. [paper]
40.
Zeng, D., Niu, B., and Tan, G. (2021). MazeRunner: Evaluating the attack surface of control-flow integrity policies. In 20th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (TrustCom), page To appear
41.
Kan, X., Sun, C., Liu, S., Huang, Y., Tan, G., Ma, S., and Zhang, Y. (2021). Sdft: A PDG-based summarization for efficient dynamic data flow tracking. In 21st IEEE International Conference on Software Quality, Reliability, and Security (QRS)
42.
Muntean, P., Viehoever, R., Lin, Z., Tan, G., Grossklags, J., and Eckert, C. (2021). iTOP: Automating counterfeit object-oriented programming attacks. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID), pages 162–176. [paper]
43.
Kim, S. H., Sun, C., Zeng, D., and Tan, G. (2021). Refining indirect call targets at the binary level. In Network and Distributed System Security Symposium (NDSS). [paper]
44.
Brotzman, R., Zhang, D., Kandemir, M., and Tan, G. (2021a). Ghost thread: Effective user-space cache side channel protection. In 11th ACM Conference on Data and Application Security and Privacy (CODASPY), pages 233–244. [paper]
45.
Huang, Z., Jaeger, T., and Tan, G. (2021). Fine-grained program partitioning for security. In 14th European Workshop on Systems Security (EuroSec), pages 21–26. [paper]
46.
Paranjpe, A. and Tan, G. (2021). Bohemia: A validator for parser frameworks. In 7th Workshop on Language-Theoretic Security (LangSec). [paper]
47.
Muntean, P., Neumayer, M., Lin, Z., Tan, G., Grossklags, J., and Eckert, C. (2020). rhoFEM: Efficient backward-edge protection using reversed forward-edge mappings. In Annual Computer Security Applications Conference (ACSAC), pages 466–479. [paper]
48.
Ahmed, M. S., Xiao, Y., Snow, K. Z., Tan, G., Monrose, F., and Yao, D. (2020). Methodologies for quantifying (re-)randomization security and timing under JIT-ROP. In 26th ACM Conference on Computer and Communications Security (CCS), pages 1803–1820. [paper]
49.
Norris, M., Celik, Z. B., Venkatesh, P., Zhao, S., McDaniel, P. D., Sivasubramaniam, A., and Tan, G. (2020). IoTRepair: Systematically addressing device faults in commodity IoT. In 5th ACM/IEEE Conference on Internet of Things Design and Implementation (IoTDI), pages 142–148. [paper]
50.
Narayanan, V., Huang, Y., Tan, G., Jaeger, T., and Burtsev, A. (2020). Lightweight kernel isolation with virtualization and VM functions. 16th ACM International Conference on Virtual Execution Environments (VEE), pages 157–171. [paper]
51.
Liu, S., Zeng, D., Huang, Y., Capobianco, F., McCamant, S., Jaeger, T., and Tan, G. (2019). Program-mandering: Quantitative privilege separation. In 26th ACM Conference on Computer and Communications Security (CCS), pages 1023–1040. [paper]
52.
Wang, Y.-P., Hu, X.-Q., Zou, Z.-X., Tan, W., and Tan, G. (2019). IVT: an efficient method for sharing subtype polymorphic objects. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pages 130:1–130:22. [paper]
53.
Muntean, P., Neumayer, M., Lin, Z., Tan, G., Grossklags, J., and Eckert, C. (2019). LLVM-CFI: Analyzing static control flow integrity protections. In Annual Computer Security Applications Conference (ACSAC), pages 584–597. [paper]
54.
Huang, Z., Lie, D., Tan, G., and Jaeger, T. (2019). Using safety properties to generate vulnerability patches. In IEEE Symposium on Security and Privacy (S&P), pages 539–554. [paper]
55.
Brotzman, R., Liu, S., Zhang, D., Tan, G., and Kandemir, M. (2019). CaSym: Cache aware symbolic execution for side channel detection and mitigation. In IEEE Symposium on Security and Privacy (S&P), pages 364–380. [paper]
56.
Celik, Z. B., Tan, G., and McDaniel, P. (2019a). IoTGuard: Dynamic enforcement of security and safety policy in commodity IoT. In Network and Distributed System Security Symposium (NDSS). [paper]
57.
Huang, Z. and Tan, G. (2019). Rapidly mitigating vulnerabilities with security workarounds. In Workshop on Binary Analysis Research (BAR). [paper]
58.
Muntean, P., Fischer, M., Tan, G., Lin, Z., Grossklags, J., and Eckert, C. (2018). tauCFI: Type-assisted control flow integrity for x86-64 binaries. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID), pages 423–444. [paper]
59.
Celik, Z. B., Babun, L., Sikder, A. K., Aksu, H., Tan, G., McDaniel, P., and Uluagac, A. S. (2018a). Sensitive information tracking in commodity IoT. In 27th Usenix Security Symposium, pages 1687–1704. [paper]
60.
Celik, Z. B., McDaniel, P., and Tan, G. (2018b). Soteria: Automated IoT safety and security analysis. In USENIX Annual Technical Conference (ATC), pages 147–158. [paper]
61.
Fan, Y., Liu, S., Tan, G., Lin, X., Zhao, G., and Bai, J. (2018c). One secure access scheme based on trusted execution environment. In 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (TrustCom), pages 16–21. [paper]
62.
Zeng, D. and Tan, G. (2018). From debugging-information based binary-level type inference to CFG generation. In 8th ACM Conference on Data and Application Security and Privacy (CODASPY), pages 366–376. Outstanding paper award. [paper]
63.
Liu, S., Tan, G., and Jaeger, T. (2017). PtrSplit: Supporting general pointers in automatic program partitioning. In 24th ACM Conference on Computer and Communications Security (CCS), pages 2359–2371. [paper]
64.
Tan, G. and Jaeger, T. (2017). CFG construction soundness in control-flow integrity. In ACM SIGSAC Workshop on Programming Languages and Analysis for Security (PLAS), pages 3–13. [paper]
65.
Tian, K., Tan, G., Yao, D., and Ryder, B. (2017). ReDroid: Prioritizing data flows and sinks for app security transformation. In ACM Workshop on Forming an Ecosystem Around Software Transformation (FEAST), pages 35–41. [paper]
66.
Tan, G. and Morrisett, G. (2016). Bidirectional grammars for machine-code decoding and encoding. In 8th International Conference on Verified Software: Theories, Tools, and Experiments (VSTTE), pages 73–89. [paper]
67.
Guo, X., Shrivastava, A., Spear, M., and Tan, G. (2016). Languages must expose memory heterogeneity. In Second International Symposium on Memory Systems (MEMSYS), pages 251–256. [paper]
68.
Tian, K., Yao, D., Ryder, B. G., and Tan, G. (2016). Analysis of code heterogeneity for high-precision classification of repackaged malware. In Workshop on Mobile Security Technologies (MoST), pages 262–271. [paper]
69.
Niu, B. and Tan, G. (2015). Per-input control-flow integrity. In 22nd ACM Conference on Computer and Communications Security (CCS), pages 914–926. [paper]. [webpage]
70.
Muthukumaran, D., Talele, N., Jaeger, T., and Tan, G. (2015). Producing hook placements to enforce expected access control policies. In 7th International Symposium on Engineering Secure Software and Systems (ESSoS), pages 178–195. [paper]
71.
Ganapathy, V., Jaeger, T., Skalka, C., and Tan, G. (2014). Assurance for defense-in-depth via retrofitting. In 8th Layered Assurance Workshop (LAW). [paper]
72.
Niu, B. and Tan, G. (2014b). RockJIT: Securing just-in-time compilation using modular control-flow integrity. In 21st ACM Conference on Computer and Communications Security (CCS), pages 1317–1328. [paper]
73.
Li, S. and Tan, G. (2014b). Finding reference-counting errors in Python/C programs with affine analysis. In European Conference on Object-Oriented Programming (ECOOP), pages 80–104. [paper]
74.
Sun, M. and Tan, G. (2014). NativeGuard: Protecting Android applications from third-party native libraries. In 7th ACM Conference on Security & Privacy in Wireless and Mobile Networks (WiSec), pages 165–176. [paper]
75.
Niu, B. and Tan, G. (2014a). Modular control-flow integrity. In ACM Conference on Programming Language Design and Implementation (PLDI), pages 577–587. [paper]. [webpage]
76.
Niu, B. and Tan, G. (2013b). Monitor integrity protection with space efficiency and separate compilation. In 20th ACM Conference on Computer and Communications Security (CCS), pages 199–210. [paper]
77.
Zeng, B., Tan, G., and Erlingsson, Ú. (2013). Strato: A retargetable framework for low-level inlined-reference monitors. In 22nd Usenix Security Symposium, pages 369–382. [paper]
78.
Niu, B. and Tan, G. (2013a). Efficient user-space information flow control. In 8th ACM Symposium on Information, Computer and Communications Security (ASIACCS), pages 131–142. [paper]
79.
Su, X., Chuah, M.-C., and Tan, G. (2012). Smartphone dual defense protection framework: Detecting malicious applications in Android markets. In 8th International Conference on Mobile Ad-hoc and Sensor Networks, pages 153–160. [paper]
80.
Li, S., Liu, D. Y., and Tan, G. (2012). JATO: Native code atomicity for Java. In Asian Symposium on Programming Languages and Systems (APLAS), pages 2–17. [paper]
81.
Sun, M. and Tan, G. (2012). JVM-portable sandboxing of Java’s native libraries. In 17th European Symposium on Research in Computer Security (ESORICS), pages 842–858. [paper]. [webpage]
82.
Niu, B. and Tan, G. (2012). Enforcing user-space privilege separation with declarative architectures. In Proceedings of the Sixth ACM Workshop on Scalable Trusted Computing (STC), pages 9–20. [paper]
83.
Morrisett, G., Tan, G., Tassarotti, J., Tristan, J.-B., and Gan, E. (2012). Rocksalt: Better, faster, stronger SFI for the x86. In ACM Conference on Programming Language Design and Implementation (PLDI), pages 395–404. [paper]. [webpage]
84.
Zeng, B., Tan, G., and Morrisett, G. (2011). Combining control-flow integrity and static analysis for efficient and validated data sandboxing. In 18th ACM Conference on Computer and Communications Security (CCS), pages 29–40. [paper]
85.
Li, S. and Tan, G. (2011). JET: Exception checking in the Java Native Interface. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pages 345–358. [paper]
86.
Fedynyshyn, G., Chuah, M. C., and Tan, G. (2011). Detection and classification of different botnet C&C channels. In 8th International Conference on Autonomic and Trusted Computing (ATC), pages 228–242. [paper]
87.
Tan, G. (2010). JNI Light: An operational model for the core JNI. In Asian Symposium on Programming Languages and Systems (APLAS), pages 114–130. [paper]
88.
Kim, E., Huang, X., Tan, G., Long, L. R., and Antani, S. K. (2010). A hierarchical SVG image abstraction layer for medical imaging. In SPIE Medical Imaging: Advanced PACS-based Imaging Informaticsand Therapeutic Applications, volume 7628. [paper]
89.
Siefers, J., Tan, G., and Morrisett, G. (2010). Robusta: Taming the native beast of the JVM. In 17th ACM Conference on Computer and Communications Security (CCS), pages 201–211. [paper]. [webpage]. [slides]
90.
Tan, G., Shao, Z., Feng, X., and Cai, H. (2009). Weak updates and separation logic. In Asian Symposium on Programming Languages and Systems (APLAS), pages 178–193. [paper]
91.
Lopresti, D. P., Zhou, X., Huang, X., and Tan, G. (2009). Document analysis support for the manual auditing of elections. In 10th International Conference on Document Analysis and Recognition (ICDAR), pages 733–737
92.
Li, S. and Tan, G. (2009). Finding bugs in exceptional situations of JNI programs. In 16th ACM Conference on Computer and Communications Security (CCS), pages 442–452. [paper]
93.
Appel, A. W., Ginsburg, M., Hursti, H., Kernighan, B. W., Richards, C. D., Tan, G., and Venetis, P. (2009). The New Jersey voting-machine lawsuit and the AVC advantage DRE voting machine. In Conference on Electronic Voting Technology/Workshop on Trustworthy Elections (EVT/WOTE). [paper]
94.
Tan, G. and Croft, J. (2008). An empirical security study of the native code in the JDK. In 17th Usenix Security Symposium, pages 365–377. [paper]. [slides]. [tech report]
95.
Tan, G. and Morrisett, G. (2007). ILEA: Inter-language analysis across Java and C. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pages 39–56. [paper]. [slides]
96.
Tan, G., Chen, Y., and Jakubowski, M. H. (2006a). Delayed and controlled failures in tamper-resistant software. In 8th International Workshop on Information Hiding (IH), pages 216–231. [paper]. [slides]
97.
Tan, G., Appel, A., Chakradhar, S., Raghunathan, A., Ravi, S., and Wang, D. (2006b). Safe Java Native Interface. In IEEE International Symposium on Secure Software Engineering, pages 97–106. [paper]. [slides]
98.
Tan, G. and Appel, A. (2006). A compositional logic for control flow. In International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI), pages 80–94. [paper]. [slides]
99.
Marino, D., Chin, B., Millstein, T., Tan, G., Simmons, R. J., and Walker, D. (2006). Mechanized metatheory for user-defined type extensions. In Workshop on Mechanizing Metatheory
100.
Ou, X., Tan, G., Mandelbaum, Y., and Walker, D. (2004). Dynamic typing with dependent types. In Proceedings of IFIP 3rd International Conference on Theoretical Computer Science, pages 437–450. [paper]
101.
Tan, G., Appel, A., Swadi, K., and Wu, D. (2004). Construction of a semantic model for a typed assembly language. In International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI), pages 30–43. [paper]. [slides]
102.
Tan, G., Ou, X., and Walker, D. (2003). Enforcing resource usage protocols via scoped methods. In Proceedings of 10th International Workshop on Foundations of Object-Oriented Languages (FOOL). [paper]
103.
Jiang, M., Zhu, X., Xia, Y., Tan, G., Yuan, B., and Tang, X. (2000). Segmentation of mandarin braille word and braille translation based on multi-knowledge. In 5th International Conference on Signal Processing (ICSP), pages 2070–2073. [paper]

Other papers

Patents

Publicly released software

Presentations

Invited talks at professional conferences and summer schools

Invited talks at university colloquiums and seminars

Paper presentations at professional conferences

Teaching and Advising

Courses taught (unless noted otherwise, all courses are 3-credit courses)

Current Ph.D. students

Graduated Ph.D. students

Past Postdocs

Graduated Master’s students

Member of Ph.D. thesis committees

Member of M.S. thesis committees

Undergraduate research advising

Services

Service to the professional community

Service to School of EECS and the CSE Department of Penn State

Service to Penn State

Service to Lehigh University