Ruoyu (Fish) Wang

I am an Assistant Professor in the School of Computing, Informatics, and Decision Systems Engineering at Arizona State University. My research focuses on system security, especially on automated binary program analysis and reverse engineering of software. I am the co-founder and a core developer of the binary analysis platform, angr. I am a core member of the CTF team Shellphish. Sometimes I play with Pwndevils, too.

I am a co-director of the Laboratory of Security Engineering For Future Computing (SEFCOM) along with Dr. Gail-Joon Ahn, Dr. Adam Doupé, Dr. Yan Shoshitaishvili, and Dr. Tiffany Bao.

Prior to joining ASU, I received my Ph.D. degree from the Department of Computer Science at the University of California, Santa Barbara, where I worked in the SecLab of UCSB, and was advised by two great professors, Dr. Giovanni Vigna and Dr. Christopher Kruegel. I received my Bachelor's degree in Computer Software at Tsinghua University in 2013. I was a core member of the CGC team Shellphish CGC, with whom I won the third place ~~and a lot of cash~~ in the Final Event of the DARPA Cyber Grand Challenge in 2016.

Education History

A Ph.D. student at the University of California, Santa Barbara. 2013 - 2018
An undergraduate at Tsinghua University, China. 2009 - 2013

Teaching

Fall 2019, CSE 545 Software Security
Fall 2018, CSE 545 Software Security

Publications

BinTrimmer: Towards Static Binary Debloating Through Abstract Interpretation

Nilo Redini, Ruoyu Wang, Aravind Machiry, Yan Shoshitaishvili, Giovanni Vigna, Christopher Kruegel

International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA). 2019
BootKeeper: Validating Software Integrity Properties on Boot Firmware Images

Ronny Chevalier, Stefano Cristalli, Christophe Hauser, Yan Shoshitaishvili, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna, Danilo Bruschi, Andrea Lanzi

Proceedings of the 9th ACM Conference on Data and Application Security and Privacy (CODASPY). 2019
REPT: Reverse Debugging of Failures in Deployed Software

Weidong Cui, Xinyang Ge, Baris Kasikci, Ben Niu, Upamanyu Sharma, Ruoyu Wang, Insu Yun

Proceedings of the 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI). 2018

* Won Jay Lepreau Best Paper Award
HeapHopper: Bringing Bounded Model Checking to Heap Implementation Security

Moritz Eckert, Antonio Bianchi, Ruoyu Wang, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna

Proceedings of the 27th USENIX Conference on Security (USENIX Sec). 2018
Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance.

Yan Shoshitaishvili, Michael Weissbacher, Lukas Dresel, Christopher Salls, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna

Proceedings of the ACM Conference on Computer and Communications Security (CCS). 2017
How Shall We Play a Game?: A Game-theoretical Model for Cyber-warfare Games

Tiffany Bao, Yan Shoshitaishvili, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna, David Brumley

Proceedings of 2017 IEEE 30th Computer Security Foundations Symposium (CSF). 2017

* Winner of the 6th Annual Best Scientific Cybersecurity Paper Competition
Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits

Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, David Brumley

Proceedings of 2017 IEEE Symposium on Security and Privacy (Oakland). 2017
Ramblr: Making Reassembly Great Again

Ruoyu Wang, Yan Shoshitaishvili, Antonio Bianchi, Aravind Machiry, John Grosen, Paul Grosen, Christopher Kruegel, Giovanni Vigna

Proceedings of the Network and Distributed System Security Symposium (NDSS). 2017

[slides]

* Won Distinguished Paper Award
BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments

Aravind Machiry, Eric Gustafson, Chad Spensky, Chris Salls, Nick Stephens, Ruoyu Wang, Antonio Bianchi, Yung Ryn Choe, Christopher Kruegel, Giovanni Vigna

Proceedings of the Network and Distributed System Security Symposium (NDSS). 2017
(State of) The Art of War: Offensive Techniques in Binary Analysis

Yan Shoshitaishvili, Ruoyu Wang, Christopher Salls, Nick Stephens, Mario Polino, Audrey Dutcher, John Grosen, Siji Feng, Christophe Hauser, Christopher Kruegel, Giovanni Vigna

Proceedings of 2016 IEEE Symposium on Security and Privacy (Oakland). 2016
Driller: Augmenting Fuzzing Through Selective Symbolic Execution

Nick Stephens, John Grosen, Christopher Salls, Audrey Dutcher, Ruoyu Wang, Jacopo Corbetta, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna

Proceedings of the Network and Distributed System Security Symposium (NDSS). 2016
Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware

Yan Shoshitaishvili, Ruoyu Wang, Christophe Hauser, Christopher Kruegel, Giovanni Vigna

Proceedings of the Network and Distributed System Security Symposium (NDSS). 2015
Steal This Movie: Automatically Bypassing DRM Protection in Streaming Media Services

Ruoyu Wang, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna

Proceedings of the 22nd USENIX Conference on Security (USENIX Sec). 2013

* Nominated as a top-10 finalist in CSAW Best Applied Research Paper Award 2013
De-obfuscation and Detection of Malicious PDF Files with High Accuracy

Xun Lu, Jianwei Zhuge, Ruoyu Wang, Yinzhi Cao, Yan Chen

HICSS-46 (HICSS), Hawaii. 2013.

Professional Activities

Organization

Workshop on Binary Analysis Research (BAR), NDSS 2019 [Preprints of accepted papers, artifacts, and updated programme].
Workshop on Binary Analysis Research (BAR), NDSS 2018 [Accepted papers]

Program Committee Member

Security Track, ACM SIGAPP Symposium on Applied Computing (SAC), 2018, 2017, 2016
Workshop on Forming an Ecosystem Around Software Transformation (FEAST), 2018
International Conference on Cyber-Technologies and Cyber-Systems (CYBER), 2018

Contact Info

My email: fishw at asu d0t edu (enable JavaScript for a clickable version)
My PGP Key

Links

My Google Scholar page

Amigos

Tao Du, an awesome guy at MIT working on Computer Graphics and anything he's interested in.