Kangjie Lu

PhD Student | Georgia Institute of Technology

I am a 5th-year PhD student in Computer Science at Georgia Tech, advised by Prof. Wenke Lee and Prof. Taesoo Kim. I am a member of GTISC and SSLab. I previously worked with Prof. Debin Gao at Singapore Management University.

My research aims to uncover and address fundamental problems in system and software security.

I can be reached at kjlu@gatech.edu.


Publications (DBLP)

UniSan: Proactive Kernel Memory Initialization to Eliminate Data Leakages (to appear)
Kangjie Lu, Chengyu Song, Taesoo Kim, and Wenke Lee
In Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS '16),
Vienna, Austria, October 2016
[Web page]

How to Make ASLR Win the Clone Wars: Runtime Re-Randomization
Kangjie Lu, Stefan Nürnberger, Michael Backes, and Wenke Lee
In Proceedings of the 2016 Network and Distributed System Security Symposium (NDSS '16),
San Diego, CA, USA, February 2016
[Source code] [Demo]

Enforcing Kernel Security Invariants with Data Flow Integrity
Chengyu Song, Byoungyoung Lee, Kangjie Lu, William R. Harris, Taesoo Kim, and Wenke Lee
In Proceedings of the 2016 Network and Distributed System Security Symposium (NDSS '16),
San Diego, CA, USA, February 2016

ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks
Kangjie Lu, Chengyu Song, Byoungyoung Lee, Simon P. Chung, Taesoo Kim, and Wenke Lee
In Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS '15),
Denver, Colorado, USA, October 2015
[Source code] [Web page]

SUPOR: Precise and Scalable Sensitive User Input Detection for Android Apps
Jianjun Huang, Zhichun Li, Xusheng Xiao, Zhenyu Wu, Kangjie Lu, Xiangyu Zhang, Guofei Jiang
In Proceedings of the 24th USENIX Security Symposium (USENIX Security '15),
Washington D.C., USA, August 2015

Software Watermarking using Return-Oriented Programming
Haoyu Ma, Kangjie Lu, Xinjie Ma, Haining Zhang, Chunfu Jia and Debin Gao
In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (AsiaCCS '15),
Singapore, April 2015

Checking More and Alerting Less: Detecting Privacy Leakages via Enhanced Data-flow Analysis and Peer Voting
Kangjie Lu, Zhichun Li, Vasileios Kemerlis, Zhenyu Wu, Long Lu, Cong Zheng, Zhiyun Qian, Wenke Lee, Guofei Jiang
In Proceedings of the 2015 Network and Distributed System Security Symposium (NDSS '15),
San Diego, CA, USA, February 2015

RopSteg: Program Steganography with Return Oriented Programming
Kangjie Lu, Siyang Xiong, Debin Gao
In Proceedings of the 4th ACM Conference on Data and Application Security and Privacy (CODASPY '14),
San Antonio, TX, USA, March 2014

Jekyll on iOS: When Benign Apps Become Evil
Tielei Wang, Kangjie Lu, Long Lu, Simon Chung and Wenke Lee
In Proceedings of the 22nd USENIX Security Symposium (USENIX Security '13),
Washington, DC, USA, August 2013

deRop: Removing Return-Oriented Programming from Malware
Kangjie Lu, Dabi Zou, Weiping Wen and Debin Gao
In Proceedings of the 27th Annual Computer Security Applications Conference (ACSAC '11),
Orlando, Florida, USA, December 2011

Packed, Printable, and Polymorphic Return-Oriented Programming
Kangjie Lu, Dabi Zou, Weiping Wen and Debin Gao
In Proceedings of the 14th International Symposium on Recent Advances in Intrusion Detection (RAID '11),
Menlo Park, California, USA, September 2011


Research Experiences

Visiting Scholar MPI-SWS / CISPA, Saarland University, Saarbrücken, Germany 2016.5 - 2016.8
Visiting Scholar MPI-SWS / Saarland University, Saarbrücken, Germany 2015.5 - 2015.8
Research Intern Samsung Research America, Santa Clara 2014.5 - 2014.8
Research Intern NEC Labs America, Princeton 2013.5 - 2013.8
Research Assistant Georgia Institute of Technology, Atlanta 2012.8 - present
Research Assistant Singapore Management University, Singapore 2010.7 - 2012.6
Research Assistant Peking University, Beijing, China 2009.9 - 2010.7

Reported Vulnerabilities (Selected)

CVE-2016-5243: tipc: stack object link_info in tipc_nl_compat_link_dump() is disclosed without being properly initialized, causing kernel infoleak of up to 60 bytes.
CVE-2016-4569: x25: stack object dte_facilities in x25_negotiate_facilities() is disclosed without being initialized, causing kernel infoleak of up to 8 bytes.
CVE-2016-4578: ALSA: two Linux kernel information leak vulnerabilities in timer.c; each can leak 8 bytes.
CVE-2016-4569: ALSA: a Linux kernel information leak vulnerability in timer (stack object tread).
CVE-2016-4486: netlink: an uninitialized data leak in the Linux kernel (stack object map in net/core/rtnetlink.c).
CVE-2016-4482: usb: an uninitialized data leak in the Linux kernel (stack object ci in drivers/usb/core/devio.c).
CVE-2016-4485: llc: an uninitialized data leak in the Linux kernel (stack object info in file net/llc/af_llc.c).
CVE-2016-5244: rds: stack object minfo in net/rds/recv.c is disclosed without being fully initialized, causing 1 byte kernel infoleak.
Link: wireless: the whole array mac_addr may be sent out without initialization. This can cause a kernel infoleak of 6 bytes.

Contact Info

Kangjie Lu
Room 3108, Klaus Advanced Computing Building
266 Ferst Drive
Atlanta, GA 30332