Are You Spying on Me? Large‑Scale Analysis on IoT Data Exposure through Companion Apps
Yuhong Nan, Xueqiang Wang, Luyi Xing, Xiaojing Liao, Ruoyu Wu, Jianliang Wu, Yifan Zhang, and XiaoFeng Wang. In Proceedings of the 32nd USENIX Security Symposium (Security), 2023 [BibTex][PDF]

Formal Model-Driven Discovery of Bluetooth Protocol Design Vulnerabilities
Jianliang Wu, Ruoyu Wu, Dongyan Xu, Dave (Jing) Tian, and Antonio Bianchi. In Proceedings of the 43rd IEEE Symposium on Security and Privacy (S&P), 2022 [BibTex][PDF][Teaser Talk][Full Talk][Code][Attack Demo]

ProFactory: Improving IoT Security via Formalized Protocol Customization
Fei Wang, Jianliang Wu, Yuhong Nan, Yousra Aafer, Xiangyu Zhang, Dongyan Xu, and Mathias Payer. In Proceedings of the 31st USENIX Security Symposium (Security), 2022 [BibTex][PDF]

LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks
Jianliang Wu, Ruoyu Wu, Daniele Antonioli, Mathias Payer, Nils Ole Tippenhauer, Dongyan Xu, Dave (Jing) Tian, and Antonio Bianchi. In Proceedings of the 30th USENIX Security Symposium (Security), 2021 [BibTex][PDF][Talk][Code][Poster]

BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy
Jianliang Wu, Yuhong Nan, Vireshwar Kumar, Dave (Jing) Tian, Antonio Bianchi, Mathias Payer, and Dongyan Xu. In Proceedings of the USENIX Workshop on Offensive Technologies (WOOT), 2020. (12/36) [BibTex][PDF][Attack Demo][Talk]
Best Paper Award             CSAW’20 Applied Research Competition Finalist
Media Coverage: [ZDNet] [Security Boulevard] [Threatpost] [AppleInsider] [ITSecurityWire] [Digital Information World] [Bitdefender] [Dazeinfo] [Tom’s Guide] [] and many more.

BlueShield: Detecting Spoofing Attacks in Bluetooth Low Energy (BLE) Networks
Jianliang Wu, Yuhong Nan, Vireshwar Kumar, Mathias Payer, and Dongyan Xu. In Proceedings of 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2020. (31/121) [BibTex][PDF][Talk][Code]

All your sessions are belong to us: Investigating authenticator leakage through backup channels on android
Guangdong Bai, Jun Sun, Jianliang Wu, Quanqi Ye, Li Li, Jin Song Dong, and Shanqing Guo. In 2015 20th International Conference on Engineering of Complex Computer Systems (ICECCS), 2015. [BibTex][PDF]
Best Paper Award

PaddyFrog: systematically detecting confused deputy vulnerability in Android applications
Jianliang Wu, Tingting Cui, Tao Ban, Shanqing Guo, and Lizhen Cui. Security and Communication Networks (SCN), vol. 8 no. 13 (2015): 2338-2349. [BibTex][PDF]

Automatically Detecting Ssl Error-Handling Vulnerabilities in Hybrid Mobile Web Apps
Chaoshun Zuo, Jianliang Wu, and Shanqing Guo. In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2015. [BibTex][PDF]

TrustFound: Towards a Formal Foundation for Model Checking Trusted Computing Platforms
Guangdong Bai, Jianan Hao, Jianliang Wu, Yang Liu, Zhenkai Liang, and Andrew Martin. In International Symposium on Formal Methods (FM), 2014. [BibTex][PDF]