Kangjie Lu

Ph.D. Student
School of Computer Science
Georgia Institute of Technology

kjlu@gatech.edu


I am a 5th-year Ph.D. student in Computer Science at Georgia Tech, advised by Professors Wenke Lee and Taesoo Kim. I am a member of GTISC and SSLab. For the last two summers, I worked as a visiting scholar with Professor Michael Backes at MPI-SWS & CISPA, Saarland University, Germany. Prior to joining Georgia Tech, while I was a master's student of Peking University, China, I visited Singapore Management University, working with Professor Debin Gao.

My research strives to help users automatically uncover and address security problems, and to harden widely used systems while preserving their reliability and efficiency. I have developed multiple systems and tools that prevent advanced attacks, eliminate vulnerabilities, and detect privacy leaks. My work has resulted in many updates in popular systems such as the Linux kernel, the Android OS, and Apple’s iOS.

I am currently looking for an academic position starting in Fall 2017. Here is my CV.


Selected Publications (Full list: Google Scholar)

Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying (to appear)
Kangjie Lu, Marie-Therese Walter, David Pfaff, Stefan Nürnberger, Wenke Lee, and Michael Backes
In Proceedings of the 2017 Network and Distributed System Security Symposium (NDSS'17)

UniSan: Proactive Kernel Memory Initialization to Eliminate Data Leakages
Kangjie Lu, Chengyu Song, Taesoo Kim, and Wenke Lee
In Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS'16)
[Web page] [Source code]

How to Make ASLR Win the Clone Wars: Runtime Re-Randomization
Kangjie Lu, Stefan Nürnberger, Michael Backes, and Wenke Lee
In Proceedings of the 2016 Network and Distributed System Security Symposium (NDSS'16)
[Source code] [Demo]

Enforcing Kernel Security Invariants with Data Flow Integrity
Chengyu Song, Byoungyoung Lee, Kangjie Lu, William R. Harris, Taesoo Kim, and Wenke Lee
In Proceedings of the 2016 Network and Distributed System Security Symposium (NDSS'16)

ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks
Kangjie Lu, Chengyu Song, Byoungyoung Lee, Simon P. Chung, Taesoo Kim, and Wenke Lee
In Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS'15)
[Web page] [Source code]

Checking More and Alerting Less: Detecting Privacy Leakages via Enhanced Data-flow Analysis and Peer Voting
Kangjie Lu, Zhichun Li, Vasileios Kemerlis, Zhenyu Wu, Long Lu, Cong Zheng, Zhiyun Qian, Wenke Lee, Guofei Jiang
In Proceedings of the 2015 Network and Distributed System Security Symposium (NDSS'15)

RopSteg: Program Steganography with Return Oriented Programming
Kangjie Lu, Siyang Xiong, Debin Gao
In Proceedings of the 4th ACM Conference on Data and Application Security and Privacy (CODASPY'14)

Jekyll on iOS: When Benign Apps Become Evil
Tielei Wang, Kangjie Lu, Long Lu, Simon Chung and Wenke Lee
In Proceedings of the 22nd USENIX Security Symposium (USENIX Security'13)

deRop: Removing Return-Oriented Programming from Malware
Kangjie Lu, Dabi Zou, Weiping Wen and Debin Gao
In Proceedings of the 27th Annual Computer Security Applications Conference (ACSAC'11)

Packed, Printable, and Polymorphic Return-Oriented Programming
Kangjie Lu, Dabi Zou, Weiping Wen and Debin Gao
In Proceedings of the 14th International Symposium on Recent Advances in Intrusion Detection (RAID'11)


Research Experience

Visiting Scholar, MPI-SWS & CISPA, Saarland University, Saarbrücken, Germany (2016.5 - 2016.8)
Visiting Scholar, MPI-SWS & CISPA, Saarland University, Saarbrücken, Germany (2015.5 - 2015.8)
Research Intern, Samsung Research America, Santa Clara (2014.5 - 2014.8)
Research Intern, NEC Labs America, Princeton (2013.5 - 2013.8)
Research Assistant, Georgia Institute of Technology, Atlanta (2012.8 - Present)
Research Engineer, Singapore Management University, Singapore (2011.11 - 2012.6)
Research Assistant, Singapore Management University, Singapore (2010.7 - 2011.8)
Research Assistant, Peking University, Beijing, China (2009.9 - 2010.7)

Reported Vulnerabilities (Selected)

CVE-2016-5243: tipc: stack object link_info in tipc_nl_compat_link_dump() is disclosed without being properly initialized, causing kernel infoleak of up to 60 bytes.
CVE-2016-4569: x25: stack object dte_facilities in x25_negotiate_facilities() is disclosed without being initialized, causing kernel infoleak of up to 8 bytes.
CVE-2016-4578: ALSA: two Linux kernel information leak vulnerabilities in timer.c; each can leak 8 bytes.
CVE-2016-4569: ALSA: a Linux kernel information leak vulnerability in the timer driver (stack object tread).
CVE-2016-4486: netlink: an uninitialized data leak in the Linux kernel (stack object map in net/core/rtnetlink.c).
CVE-2016-4482: usb: an uninitialized data leak in the Linux kernel (stack object ci in drivers/usb/core/devio.c).
CVE-2016-4485: llc: an uninitialized data leak in the Linux kernel (stack object info in net/llc/af_llc.c).
CVE-2016-5244: rds: stack object minfo in net/rds/recv.c is disclosed without being fully initialized, causing a 1-byte kernel infoleak.
Link: wireless: the whole array mac_addr may be sent out without initialization, causing a kernel infoleak of 6 bytes.


Contact

Kangjie Lu
Room 3108, Klaus Advanced Computing Building
266 Ferst Drive
Atlanta, GA 30332