Welcome! My name is Hang Zhang, I am a postdoc researcher in SSLab at GaTech, working with Prof. Taesoo Kim. I obtained my Ph.D degree from UC Riverside, under the supervision of Prof. Zhiyun Qian.

My research area is Computer System Security, with a focus on vulnerability discovery and analysis in complex software systems like OS Kernels. I am especially interested in bringing sophiscated program analysis techniques to the system security research. My past research apply different approaches (e.g., manual reverse engineering, automatic static and dynamic program analysis) to analyze different code layers (e.g., binary, IR, and source code), revealing multiple kernel security vulnerabilities and resulting in open-source security tools.

Selected Publications

ICSE 22
Demystifying the Dependency Challenge in Kernel Fuzzing
Yu Hao, Hang Zhang, Guoren Li, Xingyun Du, Zhiyun Qian, Ardalan Amiri Sani
In Proceedings of IEEE/ACM International Conference on Software Engineering (ICSE) 2022.
CCS 21
Statically Discovering High-Order Taint Style Vulnerabilities in OS Kernels [paper] [code]
Hang Zhang, Weiteng Chen, Yu Hao, Guoren Li, Yizhuo Zhai, Xiaochen Zou, and Zhiyun Qian
In Proceedings of ACM CCS 2021.
USENIX Security 21
An Investigation of the Android Kernel Patch Ecosystem [paper] [code]
Zheng Zhang, Hang Zhang, Zhiyun Qian, and Billy Lau
In Proceedings of USENIX Security 2021.
USENIX Security 18
Precise and Accurate Patch Presence Test for Binaries [paper] [code]
Hang Zhang and Zhiyun Qian
In Proceedings of USENIX Security 2018, Baltimore, MD.
CCS 16
Android ION Hazard: the Curse of Customizable Memory Management System [paper] [website]
Hang Zhang, Dongdong She, Zhiyun Qian
In Proceedings of ACM Conference on Computer and Communications Security (CCS) 2016, Vienna, Austria.
[CVE-2015-8950] [CVE-2016-8756] [CVE-2016-8757] [CVE-2016-8758] [CVE-2017-8164] [CVE-2017-8165]
CCS 15
Android Root and its Providers: A Double-Edged Sword [paper]
Hang Zhang, Dongdong She, Zhiyun Qian
In Proceedings of ACM Conference on Computer and Communications Security (CCS) 2015, Denver, CO.
Media coverage: [ARS Technica] [Trustlook] [Marketwired]