Represenative publications (See all publications by year or by topic)

  • Huang, Y., Narayanan, V., Detweiler, D., Huang, K., Tan, G., Jaeger, T., and Burtsev, A. (2022). Ksplit: Automating device driver isolation. In 16th USENIX Symposium on Operating Systems Design and Implementation (OSDI), [paper]

  • Tizpaz-Niari, S., Kumar, A., Tan, G., and Trivedi, A. (2022). Fairness-aware configuration of machine learning libraries. In 44th International Conference on Software Engineering (ICSE). [paper]

  • Kim, S. H., Sun, C., Zeng, D., and Tan, G. (2022). Binpointer: Towards precise, sound, and scalable binary-level pointer analysis. In ACM SIGPLAN 2022 International Conference Compiler Construction (CC). [paper]

  • Beugin, Y., Burke, Q., Hoak, B., Sheatsley, R., Pauley, E., Tan, G., Hussain, S. R., and McDaniel, P. (2022). Building a privacy-preserving smart camera system. In Privacy Enhancing Technologies Symposium (PETS). [paper]

  • Huang, K., Huang, Y., Payer, M., Qian, Z., Sampson, J., Tan, G., and Jaeger, T. (2022). The taming of the stack: Isolating stack data from memory errors. In Network and Distributed System Security Symposium (NDSS). [paper]

  • Jia, X., Kumar, A., and Tan, G. (2021). A derivative-based parser generator for visibly pushdown grammars. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA). [paper]

  • Brotzman, R., Zhang, D., Kandemir, M., and Tan, G. (2021b). SpecSafe: Detecting cache side channels in a speculative world. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA). [paper]

  • Zhang, Y., Liu, X., Sun, C., Zeng, D., Tan, G., Kan, X., and Ma, S. (2021). ReCFA: Resilient control-flow attestation. In Annual Computer Security Applications Conference (ACSAC), To appear.

  • Kim, S. H., Sun, C., Zeng, D., and Tan, G. (2021). Refining indirect call targets at the binary level. In Network and Distributed System Security Symposium (NDSS). [paper].

  • Ahmed, M. S., Xiao, Y., Snow, K. Z., Tan, G., Monrose, F., and Yao, D. (2020). Methodologies for quantifying (re-)randomization security and timing under JIT-ROP. In 26th ACM Conference on Computer and Communications Security (CCS), pages 1803–1820. [paper]

  • Norris, M., Celik, Z. B., Venkatesh, P., Zhao, S., McDaniel, P. D., Sivasubramaniam, A., and Tan, G. (2020). IoTRepair: Systematically addressing device faults in commodity IoT. In 5th ACM/IEEE Conference on Internet of Things Design and Implementation (IoTDI), pages 142–148. [paper]

  • Narayanan, V., Huang, Y., Tan, G., Jaeger, T., and Burtsev, A. (2020). Lightweight kernel isolation with virtualization and VM functions. 16th ACM International Conference on Virtual Execution Environments (VEE), pages 157–171. Best paper award. [paper]

  • Liu, S., Zeng, D., Huang, Y., Capobianco, F., McCamant, S., Jaeger, T., and Tan, G. (2019). Program-mandering: Quantitative privilege separation. In 26th ACM Conference on Computer and Communications Security (CCS), pages 1023–1040. [paper]

  • Wang, Y.-P., Hu, X.-Q., Zou, Z.-X., Tan, W., and Tan, G. (2019). IVT: an efficient method for sharing subtype polymorphic objects. In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pages 130:1–130:22. [paper]

  • Huang, Z., Lie, D., Tan, G., and Jaeger, T. (2019). Using safety properties to generate vulnerability patches. In IEEE Symposium on Security and Privacy (S&P). [paper]

  • Brotzman, R., Liu, S., Zhang, D., Tan, G., and Kandemir, M. (2019). CaSym: Cache aware symbolic execution for side channel detection and mitigation. In IEEE Symposium on Security and Privacy (S&P), pages 364–380. [paper]

  • Celik, Z. B., Tan, G., and McDaniel, P. (2019). IoTGuard: Dynamic enforcement of security and safety policy in commodity IoT. In Network and Distributed System Security Symposium (NDSS). [paper]

  • Celik, Z. B., Babun, L., Sikder, A. K., Aksu, H., Tan, G., McDaniel, P., and Uluagac, A. S.(2018). Sensitive information tracking in commodity IoT. In 27th Usenix Security Symposium, pages 1687–1704. [paper]

  • Celik, Z. B., McDaniel, P., and Tan, G. (2018). Soteria: Automated IoT safety and security analysis. In USENIX Annual Technical Conference (ATC), pages 147–158. [paper]

  • P. Muntean, M. Fischer, G. Tan, Z. Lin, J. Grossklags, and C. Eckert. tauCFI: Type-assisted control flow integrity for x86-64 binaries. In International Symposium on Research in Attacks, Intrusions and Defenses (RAID), pages 423–444, 2018 [paper]

  • Zeng, D. and Tan, G. (2018). From debugging-information based binary-level type inference to CFG generation. In 8th ACM Conference on Data and Application Security and Privacy (CODASPY), pages 366–376. Outstanding paper award. [paper]

  • Tan, G. and Morrisett, G. (2018). Bidirectional grammars for machine-code decoding and encoding. Journal of Automated Reasoning, 60(3), 257–277. [paper]

  • Tan, G. (2017). Principles and implementation techniques of software-based fault isolation. Foundations and Trends in Privacy and Security, 1(3), 137–198. [paper]. [slides]

  • Liu, S., Tan, G., and Jaeger, T. (2017). PtrSplit: Supporting general pointers in automatic program partitioning. In 24th ACM Conference on Computer and Communications Security (CCS), pages 2359–2371. [paper]

  • Niu, B. and Tan, G. (2015). Per-input control-flow integrity. In 22nd ACM Conference on Computer and Communications Security (CCS), pages 914–926. [paper]. [Code repo]

  • Niu, B. and Tan, G. (2014). RockJIT: Securing just-in-time compilation using modular control-flow integrity. In 21st ACM Conference on Computer and Communications Security (CCS), pages 1317–1. [paper]

  • Li, S. and Tan, G. (2014). Finding reference-counting errors in Python/C programs with affine analysis. In European Conference on Object-Oriented Programming (ECOOP). [paper]

  • Niu, B. and Tan, G. (2014a). Modular control-flow integrity. In ACM Conference on Programming Language Design and Implementation (PLDI), pages 577–587. [paper]. [Code repo]

  • Niu, B. and Tan, G. (2013b). Monitor integrity protection with space efficiency and separate compilation. In 20th ACM Conference on Computer and Communications Security (CCS). [paper]

  • Zeng, B., Tan, G., and Erlingsson, Ú. (2013). Strato: A retargetable framework for low-level inlined-reference monitors. In 22nd Usenix Security Symposium, pages 369–382. [paper]

  • Morrisett, G., Tan, G., Tassarotti, J., Tristan, J.-B., and Gan, E. (2012). Rocksalt: Better, faster, stronger SFI for the x86. In ACM Conference on Programming Language Design and Implementation (PLDI), pages 395–404. [paper]. [Code repo]

  • Zeng, B., Tan, G., and Morrisett, G. (2011). Combining control-flow integrity and static analysis for efficient and validated data sandboxing. In 18th ACM Conference on Computer and Communications Security (CCS), pages 29–40. [paper]

  • Tan, G. and Appel, A. (2006). A compositional logic for control flow. In International Conference on Verification, Model Checking, and Abstract Interpretation (VMCAI), pages 80–94. [paper]. [slides]

  • Ou, X., Tan, G., Mandelbaum, Y., and Walker, D. (2004). Dynamic typing with dependent types. In Proceedings of IFIP 3rd International Conference on Theoretical Computer Science, pages 437–450. [paper]