Chengyu Song

PhD Student
College of Computing
Georgia Institute of Technology

Member
Systems Software & Security Lab
Georgia Tech Information Security Center (GTISC)
The Honeynet Project

Office:
Room 3110, Klaus Advance Computing Building
Georgia Institute of Technology
266 Ferst Drive
Atlanta, GA 30332-0765

csong84(__at__)gatech.edu

Google Scholar profile
GitHub

About Me

I am a 5th year PhD student at Georgia Tech supervised by professor Wenke Lee and Taesoo Kim.

Before coming to Georgia Tech, I finished my Master degree in Engineering Research Center of Information Security (ERCIS), Institute of Computer Science and Technology (ICST) at Peking University. I did my Bachelor's in Computer Science as a member of Yuanpei Program (now known as Yuanpei College) at Peking University.

Research Interets

System Security, Program Analysis, Operating Systems, Malware Analysis and Detection

Publications

  1. ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks (to appear)
    Kangjie Lu, Chengyu Song, Byoungyoung Lee, Simon P. Chung, Taesoo Kim, Wenke Lee
    Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS'15),
    Denver, CO, October 2015.
  2. Cross-checking Semantic Correctness: The Case of Finding File System Bugs (to appear)
    Changwoo Min, Sanidhya Kashyap, Byoungyoung Lee, Chengyu Song, Taesoo Kim
    Proceedings of the 25th ACM Symposium on Operating Systems Principles (SOSP'15),
    Monterey, CA, October 2015.
  3. Type Casting Verification: Stopping an Emerging Attack Vector [Paper]
    Byoungyoung Lee, Chengyu Song, Taesoo Kim, and Wenke Lee
    Proceedings of the 24th USENIX Security Symposium (Security'15),
    Washington, D.C., August 2015. ( 2015 Internet Defense Prize )
  4. JITScope: Protecting Web Users from Control-Flow Hijacking Attacks [Paper]
    Chao Zhang, Mehrdad Niknami, Kevin Zhijie Chen, Chengyu Song, Zhaofeng Chen, and Dawn Song
    Proceedings of the 34th Annual IEEE International Conference on Computer Communications (InfoCom'15),
    Hong Kong, China, April 2015.
  5. Exploiting and Protecting Dynamic Code Generation [Paper]
    Chengyu Song, Chao Zhang, Tielei Wang, Wenke Lee and David Melski
    Proceedings of the 2015 Network and Distributed System Security Symposium (NDSS'15),
    San Diego, CA, Feburary 2015.
  6. VTint: Protecting Virtual Function Tables' Integrity [Paper]
    Chao Zhang, Chengyu Song, Kevin Zhijie Chen, Zhaofeng Chen, and Dawn Song
    Proceedings of the 2015 Network and Distributed System Security Symposium (NDSS'15),
    San Diego, CA, Feburary 2015.
  7. Preventing Use-after-free with Dangling Pointers Nullification [Paper]
    Byoungyoung Lee, Chengyu Song, Yeongjin Jang, Tielei Wang, Taesoo Kim, Long Lu, and Wenke Lee
    Proceedings of the 2015 Network and Distributed System Security Symposium (NDSS'15),
    San Diego, CA, Feburary 2015.
  8. A11y Attacks: Exploiting Accessibility in Operating Systems [Paper]
    Yeongjin Jang, Chengyu Song, Simon P. Chung, Tielei Wang, and Wenke Lee
    Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS'14),
    Scottsdale, AZ, November 2014.
  9. Mimesis Aegis: A Mimicry Privacy Shield [Paper]
    Billy Lau, Pak Ho Chung, Chengyu Song, Yeongjin Jang, Wenke Lee, and Alexandra Boldyreva
    Proceedings of the 23rd USENIX Security Symposium (Security'14),
    San Diego, CA, August 2014.
  10. Abusing Performance Optimization Weaknesses to Bypass ASLR [Slides]
    Byoungyoung Lee, Yeongjin Jang, Tielei Wang, Chengyu Song, Long Lu, Taesoo Kim, Wenke Lee
    BlackHat USA 2014,
    Las Vegas, NV, Auguest 2014.
  11. Diagnosis and Emergency Patch Generation for Integer Overflow Exploits
    Tielei Wang, Chengyu Song, and Wenke Lee
    Proceedings of the 11th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA'14),
    Egham, London, UK, July 2014.
  12. Mactans: Injecting Malware Into iOS Devices via Malicious Chargers [Paper | Slides]
    Billy Lau, Yeongjin Jang, Chengyu Song, Tielei Wang, Pak Ho Chung, and Paul Royal
    BlackHat USA 2013,
    Las Vegas, NV, Auguest 2013.
  13. Flowers for Automated Malware Analysis [Paper | Slides]
    Chengyu Song, and Paul Royal
    BloackHat USA 2012,
    Las Vegas, NV, July 2012.
  14. Impeding Automated Malware Analysis with Environment-sensitive Malware [Paper]
    Chengyu Song, Paul Royal and Wenke Lee
    Proceedings of the 7th USENIX conference on Hot topics in Security (HotSec'12),
    Bellevue, WA, USA, August 2012.
  15. Preventing Drive-by Download via Inter-Module Communication Monitoring [Paper]
    Chengyu Song, Jianwei Zhuge, Xinhui Han and Zhiyuan Ye
    Proceedings of the 15th ACM Symposium on Information, Computer and Communications Security (AsiaCCS 2010),
    Beijing, China, April 2010.
  16. Studying Malicious Websites and the Undergrounding Economy on the Chinese Web [Paper]
    Jianwei Zhuge, Thorsen Holz, Chengyu Song, Jinpeng Guo, Xinhui Hand and Wei Zou
    Proceedings of the 7th Workshop on the Economics of Information Security (WEIS 2008),
    Hanover, NH, June, 2008.
  17. Collecting Autonomous Spreading Malware Using High-interaction Honeypot [Paper]
    Jianwei Zhuge, Thorsen Holz, Xinhui Han, Chengyu Song and Wei Zou
    Proceedings of the 9th International Conference on Information and Communications Security (ICICS 2007),
    Zhengzhou, China, Dec 2007.

Professional Experience