Skip to content

Contact

David Lie | 李云峰
Sandford Fleming 2001C
10 King’s College Road
Toronto, ON M5S 3G4
Phone: (416) 946-0251
Fax: (416) 978-1145
Admin: Simone RodrigueShania Dela Paz
david.lie@utoronto.ca(PGP key)

Recent News

Michelle’s paper on deobfuscating Android malware accepted to Usenix Security 2018 — Paper now posted!

Michelle Wong has been working on a finding a way to defeat a new kind of Android malware obfuscation, which we call run-time based obfuscation.   Run-time based obfuscation subverts the Java runtime environment of Android itself, bending the rules that normally govern code execution to allow malware to hide itself.  It is currently used by many of the most advanced Android packers and code obfuscators, including aliprotect, qihoo, tencent and ijiami.  Michelle devised a novel technique that uses iterative rounds of static analysis, symbolic execution and dynamic instrumentation to defeat these obfuscation technqiues.  The paper, titled “Tackling runtime-based obfuscation in Android with TIRO” has been accepted at Usenix Security.  Congratulations Michelle!