Chen Cao, Ph.D.

Chen Cao, Ph.D.
Assistant Professor, Computer Science and Software Engineering
166 Burke

Mailing Address:
PENN STATE BEHREND
242 BURKE CENTER
ERIE PA 16563

I like to find novel and previously unknown ways to "white-hat"ly hack the system. WIth in-depth knowledge learned during the hacking, I also delve into securing systems that I hacked.

Systems security, mainly on Linux/Android/IoT systems.

Reviewing IoT Security via Logic Bugs in IoT Platforms and Systems, IEEE Internet of Things Journal - July 15, 2021
Collaborators: Wei Zhou, Co-Author; Dongdong Huo, Co-Author; Kai Cheng, Co-Author; Lan Zhang, Co-Author; Le Guan, Co-Author; Tao Liu, Co-Author; Yan Jia, Co-Author; Yaowen Zheng, Co-Author; Yuqing Zhang, Co-Author; Limin Sun, Co-Author; Yazhe Wang, Co-Author; Peng Liu, Co-Author

Commercial hypervisor-based task sandboxing mechanisms are unsecured? But we can fix it!, Journal of Systems Architecture - June, 2021
Collaborators: Dongdong Huo, Co-Author; Peng Liu, Co-Author; Yazhe Wang, Co-Author; Mingxuan Li, Co-Author; Zhen Xu, Co-Author

Device-agnostic Firmware Execution is Possible: A Concolic Execution Approach for Peripheral Emulation, Proceedings of the 36th Annual Computer Security Applications Conference - December, 2020
Collaborators: Le Guan, Co-Author; Jiang Ming, Co-Author; Peng Liu, Co-Author

Protecting mobile devices from physical memory attacks with targeted encryption, Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks - 2019
Collaborators: Le Guan, Co-Author; Sencun Zhu, Co-Author; Jingqiang Lin, Co-Author; Peng Liu, Co-Author; Yubin Xia, Co-Author; Bo Luo, Co-Author

Tainting-Assisted and Context-Migrated Symbolic Execution of Android Framework for Vulnerability Discovery and Exploit Generation, IEEE Transactions on Mobile Computing - 2019
Collaborators: Lannan Luo, Co-Author; Qiang Zeng, Co-Author; Kai Chen, Co-Author; Jian Liu, Co-Author; Limin Liu, Co-Author; Neng Gao, Co-Author; Min Yang, Co-Author; Xinyu Xing, Co-Author; Peng Liu, Co-Author

Assessing the Impact on Business Processes by Interconnecting Attack Graphs and Entity Dependency Graphs, IFIP International Conference on Database and Application Security and Privacy (DBSEC 2018) - 2018
Collaborators: Lunpin Yuan, Co-Author; Anoop Singhal, Co-Author; Peng Liu, Co-Author; Xiaoyan Sun, Co-Author; Sencun Zhu, Co-Author

CryptMe: Data Leakage Prevention for Unmodified Programs on ARM Devices, International Symposium on Research in Attacks, Intrusions, and Defenses - 2018
Collaborators: Le Guan, Co-Author; Ning Zhang, Co-Author; Neng Gao, Co-Author; Jingqiang Lin, Co-Author; Bo Luo, Co-Author; Peng Liu, Co-Author; Ji Xiang, Co-Author; Wenjing Lou, Co-Author

Building a Trustworthy Execution Environment to Defeat Exploits from both Cyber Space and Physical Space for ARM, IEEE Transactions on Dependable and Secure Computing - 2018
Collaborators: Le Guan, Co-Author; Peng Liu, Co-Author; Xinyu Xing, Co-Author; Xinyang Ge, Co-Author; Shengzhi Zhang, Co-Author; Meng Yu, Co-Author; Trent Jaeger, Co-Author

System service call-oriented symbolic execution of android framework with applications to vulnerability discovery and exploit generation, Proceedings of the 15th Annual International Conference on Mobile Systems, Applications, and Services - 2017
Collaborators: Lannan Luo, Co-Author; Qiang Zeng, Co-Author; Kai Chen, Co-Author; Jian Liu, Co-Author; Limin Liu, Co-Author; Neng Gao, Co-Author; Min Yang, Co-Author; Xinyu Xing, Co-Author; Peng Liu, Co-Author

Hey, you, keep away from my device: remotely implanting a virus expeller to defeat Mirai on IoT devices, arXiv preprint arXiv:1706.05779 - 2017
Collaborators: Le Guan, Co-Author; Peng Liu, Co-Author; Neng Gao, Co-Author; Jingqiang Lin, Co-Author; Ji Xiang, Co-Author

Context-aware System Service Call-oriented Symbolic Execution of Android Framework with Application to Exploit Generation, arXiv preprint arXiv:1611.00837 - 2016
Collaborators: Lannan Luo, Co-Author; Qiang Zeng, Co-Author; Kai Chen, Co-Author; Jian Liu, Co-Author; Limin Liu, Co-Author; Neng Gao, Co-Author; Min Yang, Co-Author; Xinyu Xing, Co-Author; Peng Liu, Co-Author

Towards analyzing the input validation vulnerabilities associated with android system services, Proceedings of the 31st Annual Computer Security Applications Conference - 2015
Collaborators: Neng Gao, Co-Author; Peng Liu, Co-Author; Ji Xiang, Co-Author

Function escalation attack, International Conference on Security and Privacy in Communication Networks - 2014
Collaborators: Yuqing Zhang, Co-Author; Qixu Liu, Co-Author; Kai Wang, Co-Author

Design of the password-authenticated protocol based on mosaic image test, 2010 International Conference on Computer Application and System Modeling (ICCASM 2010) - 2010
Collaborators: Tao He, Co-Author; Tianjie Cao, Co-Author

Improved three-party password-authenticated key exchange protocol, Jisuanji Gongcheng yu Yingyong(Computer Engineering and Applications) - 2010
Collaborator: Yu-Hang Gao, Co-Author

Ph D, Computer Science and Technology Information Security, University of Chinese Academy of Sciences

BE, Information Security, China University of Mining and Technology