Ruoyu (Fish) Wang
I am an Assistant Professor in the School of Computing, Informatics, and Decision Systems Engineering at Arizona State University. My research focuses on system security, especially on automated binary program analysis and reverse engineering of software. I am the co-founder and a core developer of the binary analysis platform, angr. I am a core member of the CTF team Shellphish. Sometimes I play with Pwndevils, too.
I am a co-director of the Laboratory of Security Engineering For Future Computing (SEFCOM) along with Dr. Gail-Joon Ahn, Dr. Adam Doupé, Dr. Yan Shoshitaishvili, and Dr. Tiffany Bao.
Prior to joining ASU, I received my Ph.D. degree from the Department of Computer Science at the University of California, Santa Barbara, where I worked in the SecLab of UCSB, and was advised by two great professors, Dr. Giovanni Vigna and Dr. Christopher Kruegel. I received my Bachelor's degree in Computer Software at Tsinghua University in 2013. I was a core member of the CGC team Shellphish CGC, with whom I won the third place and a lot of cash in the Final Event of the DARPA Cyber Grand Challenge in 2016.
A Ph.D. student at the University of California, Santa Barbara. 2013 - 2018
An undergraduate at Tsinghua University, China. 2009 - 2013
BinTrimmer: Towards Static Binary Debloating Through Abstract Interpretation
International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA). 2019
BootKeeper: Validating Software Integrity Properties on Boot Firmware Images
Proceedings of the 9th ACM Conference on Data and Application Security and Privacy (CODASPY). 2019
REPT: Reverse Debugging of Failures in Deployed Software
Proceedings of the 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI). 2018
* Won Jay Lepreau Best Paper Award
HeapHopper: Bringing Bounded Model Checking to Heap Implementation Security
Proceedings of the 27th USENIX Conference on Security (USENIX Sec). 2018
Rise of the HaCRS: Augmenting Autonomous Cyber Reasoning Systems with Human Assistance.
Proceedings of the ACM Conference on Computer and Communications Security (CCS). 2017
How Shall We Play a Game?: A Game-theoretical Model for Cyber-warfare Games
Proceedings of 2017 IEEE 30th Computer Security Foundations Symposium (CSF). 2017
* Winner of the 6th Annual Best Scientific Cybersecurity Paper Competition
Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits
Proceedings of 2017 IEEE Symposium on Security and Privacy (Oakland). 2017
Ramblr: Making Reassembly Great Again
Proceedings of the Network and Distributed System Security Symposium (NDSS). 2017
[slides]
* Won Distinguished Paper Award
BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments
Proceedings of the Network and Distributed System Security Symposium (NDSS). 2017
(State of) The Art of War: Offensive Techniques in Binary Analysis
Proceedings of 2016 IEEE Symposium on Security and Privacy (Oakland). 2016
Driller: Augmenting Fuzzing Through Selective Symbolic Execution
Proceedings of the Network and Distributed System Security Symposium (NDSS). 2016
Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware
Proceedings of the Network and Distributed System Security Symposium (NDSS). 2015
Steal This Movie: Automatically Bypassing DRM Protection in Streaming Media Services
Proceedings of the 22nd USENIX Conference on Security (USENIX Sec). 2013
* Nominated as a top-10 finalist in CSAW Best Applied Research Paper Award 2013
De-obfuscation and Detection of Malicious PDF Files with High Accuracy
HICSS-46 (HICSS), Hawaii. 2013.
My email: fishw at asu d0t edu (enable JavaScript for a clickable version)
My PGP Key