|Sen Chen (陈 森) Ph.D. Student East China Normal University (ECNU), China Nanyang Technological University (NTU), Singapore ecnuchensen AT gmail.com chensen AT ntu.edu.sg|
Sen Chen is a fourth-year Ph.D. student focusing primarily on areas of mobile security, Android malware, Android GUI attack, Android vulnerability, program analysis, and adversarial machine learning. He received an ACM SIGSOFT Distinguished Paper Award at ICSE 2018.
My research focuses on developing effective techniques and tools to improve mobile app security and quality:
- Android Malware Detection: StormDroid (ASIACCS'16), Begonia (CCS'16)
- Adversarial Malware Detection: KuafuDet (Computers & Security'17, MobiCom'16)
- Android Vulnerability Detection: AUSERA (arxiv'18)
- Mobile GUI Attack: ('18)
- Android App Analysis/Testing: Exlocator (ICSE'18), APEChecker (ASE'18)
- Formal Verification: Eunomia (APSEC'16)
I am currently advised by Professor Lihua Xu in SQSLab-East China Normal University and NYU Shanghai. In addition, I owe a big thanks to Professor Haojin Zhu (Shanghai Jiao Tong University) and Dr. Minhui Xue for leading me into the field of security pertinent issues with his profound knowledge, not only has a significant influence on how I think, but also is my mentor. I am working closely with Dr. Minhui Xue on mobile security and adversarial machine learning.
I am also a visiting Ph.D. student (Research Assistant) at Cyber Security Lab of Nanyang Technological University in October 2016 to October 2018. During my visit in NTU, I am advised by Professor Liu Yang. In addition, I am working closely with Lingling Fan, Dr. Guozhu Meng and Ting Su on Android app security and testing.
I would like to thank Pwnzen Infotech Inc. for providing us a copy of industrial mobile malware and helpful industry experience.
Android Malware: I worked on Android malware detection and classification (StormDroid) using machine learning (both static and dynamic features with statistical metrics) (refer to ASIACCS'16). I've developed KuafuDet (refer to MobiCom'16, Elsevier Computers & Security'17) for Android malware detection using machine learning in adversarial environment. We examine how machine-learning classifiers (e.g., DroidAPIMiner, DREBIN, and MaMaDroid) can be misled under different threat models. We also proposed a malware detection system, termed Begonia (refer to CCS'16), through Pareto ensemble learning to trade off classification accuracy and time cost.
Android Vulnerability: I worked on security vulnerability detection (AUSERA) in security-critical FinTech applications (e.g., mobile banking apps and payment apps). We investigated the characteristics of these vulnerabilities, and the changing trend over time.
Android App Analysis/Testing: We conducted a large-scale empirical study to characterize framework-specific exceptions in Android apps, and implemented ExLocator (refer to ICSE'18), an exception localization tool, for Android applications. We proposed APEChecker (refer to ASE'18), a technique to efficiently manifest aysnc programming errors (APEs) in Android apps.
Formal Verification: We have developed a continuous verification system, termed Eunomia (refer to APSEC 2016) to bi-directionally check conformance of model and corresponding source code.
Ph.D. Student, Computer Science and Technology, East China Normal University, September 2016 - June 2019
Research Assistant, Cyber Security Lab, NTU, January 2018 - October 2018
Visiting Ph.D. Student, Cyber Security Lab, NTU, October 2016 - December 2017
M.S. Student, Computer Science and Technology, East China Normal University, September 2014 - June, 2016 B.S. Student, Software Engineering, Harbin Normal University, September 2010 - June 2014
8. Lingling Fan, Ting Su, Sen Chen, Guozhu Meng, Yang Liu, Lihua Xu and Geguang Pu, "Efficiently Manifesting Asynchronous Programming Errors in Android Apps", In Proceedings of the 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE2018), Montpellier, France, 2018. (acceptance rate: 69/346 = 19.9%) [Download] [BibTex] [Website]
7. Sen Chen, Guozhu Meng, Ting Su, Lingling Fan, Yinxing Xue, Yang Liu, Lihua Xu, Minhui Xue, Bo Li, and Shuang Hao, "AUSERA: Large-Scale Automated Security Risk Assessment of Global Mobile Banking Apps". [Download] [BibTex] [Website]
6. Lingling Fan, Ting Su, Sen Chen, Guozhu Meng, Yang Liu, Lihua Xu, Geguang Pu and Zhendong Su, "Large-Scale Analysis of Framework-Specific Exceptions in Android Apps", In Proceedings of the 40th International Conference on Software Engineering (ICSE2018), Gothenburg, Sweden, 2018. (acceptance rate: 105/502 = 20.9%) [Download] [BibTex] [Website] ACM SIGSOFT Distinguished Paper Award
5. Sen Chen, Minhui Xue, Lingling Fan, Shuang Hao, Lihua Xu, Haojin Zhu, and Bo Li, "Automated Poisoning Attacks and Defenses in Malware Detection System: An Adversarial Machine Learning Approach", In Proceedings of the Elsevier Computers & Security, 2017. (accepted) [Download] [BibTex] [Website]
4. Lingling Fan, Sen Chen, Lihua Xu, Zongyuan Yang, Huibiao Zhu, Model-Based Continuous Verification, In Proceedings of the IEEE ASIA-Pacific Software Engineering Conference (APSEC2016), Hamilton, New Zealand, 2016. (acceptance rate: 19.7%) [Download] [BibTex]
3. Lingling Fan, Minhui Xue, Sen Chen, Lihua Xu, Haojin Zhu, "POSTER: Accuracy vs. Time Cost: Detecting Android Malware through Pareto Ensemble Pruning", In Proceedings of the ACM Conference on Computer and Communications Security (CCS2016), Vienna, Austria, 2016. [Download] [BibTex] [Website]
2. Sen Chen, Minhui Xue, Lihua Xu, "Poster: Towards Adversarial Detection of Mobile Malware", In Proceedings of the Annual International Conference on Mobile Computing and Networking (MobiCom2016), New York, America, 2016. [Download] [BibTex] [Website]
1. Sen Chen, Minhui Xue, Zhushou Tang, Lihua Xu, and Haojin Zhu, "StormDroid: A Streaminglized Machine Learning-Based System for Detecting Android Malware", In Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIACCS2016), Xi'an, China, 2016. (acceptance rate: 20.9%) [Download] [BibTex] [Website]
ACM SIGSOFT Distinguished Paper Award, May, 2018
University-level Outstanding Student, ECNU, China, December 2017
Graduate Student Visiting Scholarship, Singapore, February 2017
MobiCom Travel Grant Award, ACM/SIGMOBILE, August 2016
Graduate Student Overseas Visiting Scholarship, China, June 2016
University-level Outstanding Student, ECNU, China, December 2015
First Class Excellent Undergraduate Scholarship, October 2013
University-level Outstanding Student, October, 2013
National Scholarship, The Ministry of Education, China, October 2012
Automated Semantic-risk Assessment for Financial Apps, OCBC Bank, Singapore, January 2018
A Semantic-Based Analysis of Android Malware for Detection, SICW GovWare, Singapore, September 2017
Towards Adversarial Detection of Mobile Malware, MobiCom2016, New York, USA, October 2016
Machine Learning-Based Approach for Android Malware Detection, NTU, Singapore, October 2016
A Streaminglized Machine Learning-Based System for Detecting Android Malware, ASIACCS2016, Xi'an, China, June 2016
Android Engineer -SOHU, Beijing, China - February to September, 2014
-Android application development and Android UI analysis
JAVA Engineer -UFIDA, Beijing, China - March to July, 2013
-Software application development and testing