Publications

• “PFORTIFIER: Mitigating PHP Object Injection through Automatic Patch Generation”.
  Bo Pang, Yiheng Zhang, Mingzhe Gao, Junzhe Zhang, Ligeng Chen, Mingxue Zhang*, Gang Liang.
  To appear in Proceedings of The 46th IEEE Symposium on Security and Privacy.

• “Sensitive Behavioral Chain-focused Android Malware Detection Fused with AST Semantics”. [PDF]
  Jiacheng Gong, Weina Niu, Song Li, Mingxue Zhang, Xiaosong Zhang.
  In IEEE Transactions on Information Forensics and Security (TIFS).

• “GraphTunnel: Robust DNS Tunnel Detection Based on DNS Recursive Resolution Graph”. [PDF]
  Guangyuan Gao, Weina Niu, Jiacheng Gong, Dujuan Gu, Song Li, Mingxue Zhang, Xiaosong Zhang.
  In IEEE Transactions on Information Forensics and Security (TIFS).

• “FuzzCache: Optimizing Web Application Fuzzing Through Software-Based Data Cache”. [PDF] [Code]
  Penghui Li, Mingxue Zhang*.
  In Proceedings of The 31st ACM Conference on Computer and Communications Security (CCS), October 2024.
  🏆 Distinguished Paper Award

• “Holistic Concolic Execution for Dynamic Web Applications via Symbolic Interpreter Analysis”. [PDF] [Code]
  Penghui Li, Wei Meng, Mingxue Zhang, Chenlin Wang, Changhua Luo.
  In Proceedings of The 45th IEEE Symposium on Security and Privacy, May 2024.

• “CSChecker: Revisiting GDPR and CCPA Compliance of Cookie Banners on the Web”. [PDF] [Code]
  Mingxue Zhang, Wei Meng, You Zhou, Kui Ren.
  In Proceedings of 46th International Conference on Software Engineering (ICSE) (research track), April 2024.

• “JSIsolate: Lightweight In-Browser JavaScript Isolation”. [PDF] [Code]
  Mingxue Zhang, Wei Meng.
  In Proceedings of The 29th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE) (research track), August 2021.

• “Revealer: Detecting and Exploiting Regular Expression Denial-of-Service Vulnerabilities”. [PDF] [Code]
  Yinxi Liu, Mingxue Zhang, Wei Meng.
  In Proceedings of The 42nd IEEE Symposium on Security and Privacy, May 2021.

• “Detecting and Understanding JavaScript Global Identifier Conflicts on the Web”. [PDF] [Code]
  Mingxue Zhang, Wei Meng.
  In Proceedings of The 28th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE) (research track), November 2020.

• “MineThrottle: Defending against Wasm In-Browser Cryptojacking”. [PDF] [Code]
  Weikang Bian, Wei Meng, Mingxue Zhang.
  In Proceedings of The Web Conference 2020 (WWW), April 2020.

• “Finding JavaScript Name Conflicts on the Web” (poster). [PDF]
  Mingxue Zhang, Wei Meng, Yi Wang.
  In Proceedings of The 26th ACM Conference on Computer and Communications Security (CCS), November 2019.

• “All Your Clicks Belong to Me: Investigating Click Interception on the Web”. [PDF] [Code]
  Mingxue Zhang, Wei Meng, Sangho Lee, Byoungyoung Lee, Xinyu Xing.
  In Proceedings of The 28th USENIX Security Symposium, August 2019.

• “InstantCryptoGram: Secure Image Retrieval Service”. [PDF]
  Minghui Li, Mingxue Zhang, Qian Wang, Sherman S. M. Chow, Minxin Du, Yanjiao Chen, and Chenliang Li.
  In proceedings of the IEEE Conference on Computer Communications (INFOCOM), April 2018.