Binbin Zhao

Binbin Zhao

Research Engineer II

Georgia Institute of Technology

About Me

Hi there. I am a research faculty with the School of Electrical and Computer Engineering at Georgia Institute of Technology. I earned my Ph.D. in Electrical and Computer Engineering from Georgia Institute of Technology, where I was advised by Prof. Raheem Beyah and Prof. Shouling Ji. Prior to that, I obtained my Bachelor’s degree in Computer Science from Zhejiang University in 2018.

Recent News

  • [09/10/2024] Our paper was accepted by IEEE S&P 2025!
  • [08/07/2023] Our paper was accepted by NDSS 2024!
  • [07/10/2023] Our paper was accepted by IEEE S&P 2024!
Interests
  • IoT
  • Fuzzing
  • Blockchain
Education
  • Ph.D. in Electrical and Computer Engineering, 2023

    Georgia Institute of Technology

  • M.S. in Electrical and Computer Engineering, 2022

    Georgia Institute of Technology

  • B.Eng. in Computer Science, 2018

    Zhejiang University

Publications

(2024). FirmRCA: Towards Post-Fuzzing Analysis on ARM Embedded Firmware with Efficient Event-based Fault Localization. IEEE S&P 2025, CCF-A.

(2023). MOCK: Optimizing Kernel Fuzzing Mutation with Context-aware Dependency. NDSS 2024, CCF-A.

PDF

(2023). SyzTrust: State-aware Fuzzing on Trusted OS Designed for IoT Devices. IEEE S&P 2024, CCF-A.

PDF Code

(2022). One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware. IEEE Transactions on Dependable and Secure Computing (TDSC), CCF-A.

PDF Dataset Slides

(2022). UVSCAN: Detecting Third-Party Component Usage Violations in IoT Firmware. USENIX Security 2023, CCF-A.

PDF

(2022). MINER: A Hybrid Data-Driven Approach for REST API Fuzzing. USENIX Security 2023, CCF-A.

PDF Code

(2022). A Large-Scale Empirical Analysis of the Vulnerabilities Introduced by Third-Party Components in IoT Firmware. ISSTA 2022, CCF-A.

PDF Dataset Slides

(2022). SLIME: Program-sensitive Energy Allocation for Fuzzing. ISSTA 2022, CCF-A.

PDF Code

(2021). EMS: History-Driven Mutation for Coverage-based Fuzzing. NDSS 2022, CCF-A.

PDF Cite Code

(2021). MPInspector: A Systematic and Automatic Approach for Evaluating the Security of IoT Messaging Protocols. USENIX Security 2021, CCF-A.

PDF Cite Code

(2020). A Large-scale Empirical Study on the Vulnerability of Deployed IoT Devices. IEEE Transactions on Dependable and Secure Computing (TDSC), CCF-A.

PDF Cite

(2019). Towards Understanding the Security of Modern Image Captchas and Underground Captcha-solving Services. Big Data Mining and Analytics, CCF-T2.

PDF Cite

(2018). Towards Evaluating the Security of Real-world Deployed Image CAPTCHAs. Proceedings of the 11th ACM Workshop on Artificial Intelligence and Security (AISec 2018), co-located with CCS.

PDF Cite

Experience

 
 
 
 
 
Research Engineer II
CAP Lab, Georgia Institute of Technology
Aug 2023 – Present Atlanta
 
 
 
 
 
Research Assistant
CAP Lab, Georgia Institute of Technology
Aug 2019 – Aug 2023 Atlanta

Contact