Recruitement
We have Ph.D. opennings for self-motivated and talented students [link].
Please share your thoughts on my recent papers before sending an email.
News
Oct 2024: Serve CCS 25 program committee. Please submit your best work.
Sep 2024: Research on blockchain security is accepted to IEEE S&P 25. Congrats to Wanning and Yibo!
Aug 2024: Blockchain security research is funded by Ethereum Foundation. Thank you, EF!
Aug 2024: My student Yibo receives USENIX Security’24 Travel grant. Congrats to Yibo!
July 2024: Serve NDSS 25 program committee. Please submit your best work.
June 2024: Invited to talk about our blockchain research at NTU Blockhain Symposium in Singapore [website].
June 2024: Invited to talk about our blockchain research at SBC 2024 in NYC [website].
May 2024: Serve Euro S&P 25 program committee. Please submit your best work.
May 2024: Research on blockchain mempool fuzzing accepted to USENIX Security 24. Congrats to Yibo!
May 2024: Serve IEEE S&P 25 program committee. Please submit your best work.
May 2024: Host an educational workshop for using our [BADD labs] in CS, FinTech courses: [workshop webpage]
March 2024: Research on Ethereum key leakage and misuse accepted to WWW 24 (short paper). Congrats to Yuxuan and Jiaqi!
Feb 2024: Serve ACSAC 24 program committee. Please submit your best work.
Feb 2024: Serve RAID 24 program committee. Please submit your best work [CFP].
Jan 2024: Joint research on upgradable smart contracts accepted to WWW 24. Congrats to Xiaofan and Jin!
[More news]
Research Interests
My research mission aims to understand, enable and verify the systems security of digital infrastructures used in high-impact or emerging application domains.
Toward the goal, I am interested in cybersecurity, systems, and interdisciplinary research in decentralized systems (like blockchains and smart contracts), open-source software ecosystems, and other emerging domains. My research often addresses technical challenges as follows:
Security analysis and vulnerability discovery: [USENIX Security 24], [CCS 21]
Provable security and economics of security: IEEE S&P 25
Security-oriented measurement and cyber-crimes: [Euro S&P 23], [IMC 21], [NDSS 21]
Perf. optimization & workload analysis: [TSE 23], [FSE 21], [Middleware 20], [ICDE 19]
Secure data storage: [ACSAC 14], [EDBT 14], [TPDS 13], [ICDCS 08]
Data privacy: [TKDE 15], [ICDCS 14], [CIKM 11]
Security/systems education: [BADD labs], [FuSSIL labs]
My projects are generously supported by National Science Foundation, Ethereum Foundation, Intel, etc.
My research results in patches in popular open-source software, such as Ethereum Go client [Geth 1.11.4].
Recent Publications
Underline: students advised by me.
S&P'25: “Asymmetric Mempool DoS Security: Formal Definitions and Provable Secure Designs”, AR=14.2%, Wanning Ding, Yuzhe Tang, Yibo Wang
USENIX Security'24: “Understanding Ethereum Mempool Security under Asymmetric DoS by Symbolized Stateful Fuzzing”, AR=14.5%, Yibo Wang, Yuzhe Tang, Kai Li, Wanning Ding, Zhihua Yang. [pdf], [slides]
WWW'24: “Characterizing Ethereum Upgradable Smart Contracts and Their Security Implications”, AR=20.2%, Xiaofan Li, Jin Yang, Jiaqi Chen, Yuzhe Tang, Xing Gao. [preprint], [slides]
Euro S&P'23: “Understanding the Security Risks of Decentralized Exchanges by Uncovering Unfair Trades in the Wild”, AR=35.7%, Jiaqi Chen, Yibo Wang, Yuxuan Zhou, Wanning Ding , Yuzhe Tang, X. Wang, Kai Li. [preprint], [slides], [2-page slides]
CCS'21: “DETER: Denial of Ethereum Txpool sERvices”, AR=22%, Kai Li, Yibo Wang, Yuzhe Tang. [pdf], [slides], [talk], [poster], [Patch@Geth-1.11.4], [CVE-2022-23327], [CVE-2022-23328]
NDSS'21: “As Strong As Its Weakest Link: How to Break (and Fix) Blockchain DApps at RPC Service”, AR=15.2%, Kai Li, Jiaqi Chen, Xianghong Liu, Yuzhe Tang, X. Wang, X. Luo. [pdf], [slides], [demo1], [demo2]
IMC'21: “TopoShot: Uncovering Ethereum's Network Topology Leveraging Replacement Transactions”, AR=28%, Kai Li, Yuzhe Tang, Jiaqi Chen, Yibo Wang, Xianghong Liu. [pdf], [slides], [poster], [open dataset], [talk@IMC’21]
FSE'21: “iBatch: Saving Ethereum Fees via Secure and Cost-Effective Batching of Smart-Contract Invocations”, AR=24.5%, Yibo Wang, Qi Zhang, Kai Li, Yuzhe Tang, Jiaqi Chen, X. Luo, T. Chen. [pdf], [extended version], [html], [slides]
Middleware'21 (Industrial track): “Authenticated Key-Value Stores with Hardware Enclaves”, Yuzhe Tang, Kai Li, Q. Zhang, J. Xu, J. Chen. [pdf], [extended version] [slides]
Middleware'20: “Cost-Effective Data Feeds to Blockchains via Workload-Adaptive Data Replication”, AR=25.2%, Kai Li, Yuzhe Tang, Jiaqi Chen, Zhehu Yuan, C. Xu, J. Xu. [pdf], [extended version], [slides], [talk@Middleware’20], [code]
ICDE'19: “GEM^2-Tree: A Gas-Efficient Structure for Authenticated Range Queries in Blockchain”, Full Paper, AR=26.8%, C. Zhang, C. Xu, J. Xu, Yuzhe Tang, B. Choi. [pdf]
Full list of publications: [link], [DBLP].
Open-source Software
Advising
I am fortunate and grateful to work with the following bright Ph.D. students.
Yibo Wang [link]: Security'24, FSE'21, TSE'23; S&P'25, IMC'21, CCS'21
Jiaqi Chen [link]: WWW'24, WWW'24 (short), Euro S&P'23; NDSS'21, IMC'21, FSE'21, Middleware'20
Wanning Ding [link]: S&P'25, Ethereum Protocol Fellowship’22; Security’24
Zhihua Yang [link]: Security’24
Jin Yang [link]: WWW'24
Yuxuan Zhou [link]: WWW’24 (short);
Alumni:
[Link] to our FullStack Security Lab (FSSL).
Teaching
|