Sen Chen's Homepage  [Publications] [Google Scholar] [Research Group] [Activity] [中文主页]

Sen Chen
Tenured associate professor
Tianjin University, China
College of Intelligence and Computing
School of Cybersecurity
Office: Room B331/B401, Building #55, Beiyangyuan Campus
senchen@tju.edu.cn

I am a tenured associate professor at School of Cybersecurity, College of Intelligence and Computing in Tianjin University. I am focusing on Software Security and Analysis including mobile security, open-source security, and intelligent software security. Before that, I was a research assistant professor@Nanyang Technological University, Singapore and working in the research group of Prof. Liu Yang. I received my Ph.D. degree in East China Normal University, Shanghai, China (2014-2019), under the superivsion of Prof. Lihua Xu (NYU Shanghai). I had been a research fellow (2019-2020) and research assistant (2016-2019) at NTU.
I received 3 ACM SIGSOFT Distinguished Paper Awards (ICSE 2018, ICSE 2021, and ASE 2022) and 1 ACM China Rising Star Award (ACM Tianjin Council) 2022.

 Our group (Software Security and Analysis) has several Ph.D. and Master positions. If you are interested in the research directions below, please send me your CV (senchen@tju.edu.cn).
 My official homepage: http://cic.tju.edu.cn/info/1076/3139.htm

 We developed and maintained several open-source tools for security analysis and testing of Android apps such as AUSERA for vulnerability detection, StoryDroid for GUI exploration and app abstract, and XBot for non-crashing bug (i.e., Accessibility issue) detection.

Mobile Security and Privacy [Vulnerability, Privacy, Malware, Bug] (2015-):
Android/iOS vulnerability and privacy: AUSERA (ASE 2022, ICSE 2020, FSE 2018), SiOS (USENIX Security 2020), ATVHunter (ASE 2020, ICSE 2021, TSE 2021), HPDroid (ISSRE 2020)
Android malware: MLPDroid (TDSC 2022), MobiTive (TIFS 2020), XMal (TOSEM 2020, ICSE 2021), GUI-Squatting Attack (TDSC 2019), FakeApp (ICSE 2019), ArgusDroid (SCIS 2022), Grayware (ISSRE 2021), VenomAttack (FCS 2021), SeqDroid (ICECCS 2020), MobiDroid (ICECCS 2019), KuafuDet (COSE 2017), Begonia (CCS 2016), StormDroid (AsiaCCS 2016)
App bug: Xbot (TSE 2021), DroidDefects (TSE 2020), APEChecker (ASE 2018), Exlocator (ICSE 2018)
App abstract and GUI exploration: StoryDroid (ICSE 2019), StoryDistiller (TSE 2022)
Open-Source Software Security [OSS, SCA, CVE, Ecosystem] (2020-):
OSS vulnerability impact analysis: DVGraph in NPM ecosystem (ICSE 2022, TOSEM 2022)
SCA and SAST for Java vulnerability: Empirical study (2022)
CVE and CWE data augmentation: PMA (TOSEM 2021)
Benchmarking non-termination bugs: Bugs in OSS projects (FSE 2022)
Performance regression in SMT string solvers: SPRFinder (TSE 2022, ASE 2022)
Semantic breaking issue detection for Java: Sembid (ASE 2022)
Intelligent Software Security [Model Robustness, DL Framework, DL Platform] (2016-):
Speaker recognition system (SRS): FakeBob (IEEE S&P 2021), AS2T (TDSC 2022), SpeakerGuard (TDSC 2022)
Adversarial mobile malware attack: KuafuDet (COSE 2017)
Adversarial web phishing attack: Pelican (IJIS 2021)
DL framework and platform study: Study on the DL frameworks and platforms (ASE 2019)
Faults in DL systems: Study on the faults of JavaScript-based DL systems (ASE 2022)


News

  October 2022: Our paper "Has My Release Disobeyed Semantic Versioning? Static Detection Based on Semantic Differencing" won ACM SIGSOFT Distinguished Paper Award at ASE 2022 (CCF-A).

  Sept 2022: Sen has received ACM China Rising Star Award (ACM Tianjin Council) for his previous achievements in the area of software security and analysis.

  Sept 2022: Two papers accepted by TDSC (CCF-A) and one paper accepted by TOSEM (CCF-A).

  July 2022: Three papers "AUSERA: Automated Security Vulnerability Detection for Android Apps", "Has My Release Disobeyed Semantic Versioning? Static Detection Based on Semantic Differencing", and "Towards Understanding the Faults of JavaScript-Based Deep Learning Systems" accepted by ASE 2022 (CCF-A).

  July 2022: Our paper "AS2T: Arbitrary Source-To-Target Adversarial Attack on Speaker Recognition Systems" accepted by TDSC 2022 (CCF-A).

  June 2022: Our paper "Large-Scale Analysis of Non-Termination Bugs in Real-World OSS Projects" accepted by FSE 2022 (CCF-A).

  April 2022: Our paper "Demystifying Performance Regressions in String Solvers" accepted by TSE (CCF-A).

  February 2022: Our paper "Automatically Distilling Storyboard with Rich Features for Android Apps" accepted by TSE (CCF-A).

  Jan 2022: Our paper "ArgusDroid: Detecting Android Malware Variants by Mining Permission-API Knowledge Graph" accepted by the SCIENCE CHINA Information Sciences (SCIS, CCF-A).

  December 2021: Our paper "Demystifying the Vulnerability Propagation and Its Evolution via Dependency Trees in the NPM Ecosystem" accepted by ICSE 2022 (CCF-A).

  November 2021: Our paper "Detecting and Augmenting Missing Key Aspects in Vulnerability Descriptions" accepted by TOSEM (CCF-A).

  September 2021: Our paper "Research on Third-Party Libraries in Android Apps: A Taxonomy and Systematic Literature Review" accepted by TSE (CCF-A).

  August 2021: Our paper "Accessible or Not? An Empirical Investigation of Android App Accessibility" accepted by TSE (CCF-A)!

  13 August 2021: Give invited talk "Towards security and privacy of Android apps" at State Grid Customer Service Center.

  July 2021: Our paper "Peeking into the Gray Area of Mobile World: An Empirical Study of Unlabeled Android Apps" accepted by ISSRE 2021 (CCF-B, Core Rank A).

  July 2021: Our paper "VenomAttack: Automated and Adaptive Activity Hijacking in Android" accepted by FCS.

  June 2021: Our paper "Towards Characterizing Bug Fixes through Dependency-Level Changes" accepted by the SCIENCE CHINA Information Sciences (SCIS, CCF-A).

  May 2021: Our paper "Advanced Evasion Attacks and Mitigations on Practical ML-Based Phishing Website Classifiers" accepted by International Journal of Intelligent Systems (SCI-Q1).

  April 2021: Our paper "ATVHunter: Reliable Version Detection of Third-Party Libraries for Vulnerability Identification in Android Applications" won ACM SIGSOFT Distinguished Paper Award at ICSE 2021 (CCF-A).

  April 2021: Our two papers "Predicting Entity Relations across Different Security Databases by Using Graph Attention Network" and "Key Aspects Augmentation of Vulnerability Description based on Multiple Security Databases" accepted by COMPSAC 2021.

  Feb 2021: Our TOSEM paper (CCF-A) "Why an Android App is Classified as Malware? Towards Malware Classification Interpretation" (XMal) will be presented at ICSE'21 Journal First Track.

  December 2020: Our paper "ATVHunter: Reliable Version Detection of Third-Party Libraries for Vulnerability Identification in Android Apps" accepted by ICSE 2021 (CCF-A).

  November 2020: Our paper "ATOM: Commit Message Generation Based on Abstract Syntax Tree and Hybrid Ranking" accepted by TSE (CCF-A).

  September 2020: Our two papers accepted by TIFS (CCF-A) and TOSEM (CCF-A): "A Performance-Sensitive Malware Detection System Using Deep Learning on Mobile Devices" (MobiTive) and "Why an Android App is Classified as Malware? Towards Malware Classification Interpretation" (XMal).

  August 2020: Our three papers accepted by ASE 2020 (CCF-A), ISSRE 2020, and ICECCS 2020: automated third-party library detection, GDPR compliance violations in Android apps (HPDroid), and sequence-based Android malware detection (SeqDroid).

  July 2020: Our paper "Why My App Crashes? Understanding and Benchmarking Framework-specific Exceptions of Android apps" accepted by TSE (CCF-A).

  April 2020: Our paper "Who is Real Bob? Adversarial Attacks on Speaker Recognition Systems" accepted by IEEE Security & Privacy (Oakland 2021) (CCF-A).

  March 2020: Our paper "iOS, Your OS, Everybody's OS: Vetting and Analyzing Network Services of iOS Applications" accepted by USENIX Security 2020 (CCF-A).

  December 2019: Our paper "An Empirical Assessment of Security Risks of Global Android Banking Apps" accepted by ICSE 2020 (CCF-A).

 November 2019: Our paper "GUI-Squatting Attack: Automated Generation of Android Phishing Apps" accepted by TDSC (CCF-A).

 August 2019: Our paper "An Empirical Study towards Characterizing Deep Learning Development and Deployment across Different Frameworks and Platforms" accepted by ASE 2019 (CCF-A).

 December 2018: One paper "A Large-Scale Empirical Study on Industrial Fake Apps" accepted by ICSE 2019 (CCF-A).

 December 2018: One paper "StoryDroid: Automated Generation of Storyboard for Android Apps" accepted by ICSE 2019 (CCF-A).

 July 2018: One paper "Are Mobile Banking Apps Secure? What Can be Improved?" accepted by ESEC/FSE 2018 (CCF-A).

 July 2018: One paper "Efficiently Manifesting Asynchronous Programming Errors in Android Apps" accepted by ASE 2018 (CCF-A).

 May 2018: Our paper "Large-Scale Analysis of Framework-Specific Exceptions in Android Apps" won ACM SIGSOFT Distinguished Paper Award at ICSE 2018.


Selected Publications [Full list] [Google Scholar] [DBLP]

Highlights: My publications appear in top-tier conferences and journals including
ICSE, ASE, FSE, IEEE Security & Privacy, USENIX Security, ACM CCS, IEEE TSE, ACM TOSEM, IEEE TDSC, IEEE TIFS.

Mobile Security and Privacy:

(ASE 2022) Sen Chen, et al., AUSERA: Automated Security Vulnerability Detection for Android Apps

(ICSE 2020) Sen Chen, et al., An Empirical Assessment of Security Risks of Global Android Banking Apps

(FSE 2018) Sen Chen, et al., Are Mobile Banking Apps Secure? What Can be Improved?

(TDSC 2019) Sen Chen, et al., GUI-Squatting Attack: Automated Generation of Android Phishing Apps

(COSE 2017) Sen Chen, et al., Automated Poisoning Attacks and Defenses in Malware Detection Systems: An Adversarial Machine Learning Approach

(ICSE 2019)Tang, Sen Chen#, et al., A Large-Scale Empirical Study on Industrial Fake Apps

(TIFS 2020) Feng, Sen Chen*, et al., A Performance-Sensitive Malware Detection System Using Deep Learning on Mobile Devices

(TOSEM 2020) Wu, Sen Chen*, et al., Why an Android App is Classified as Malware? Towards Malware Classification Interpretation

(TDSC 2022) Qiao, Feng, Sen Chen*, et al., Multi-label Classification for Android Malware Based on Active Learning

(ICSE 2021) Zhan, Fan, Sen Chen, et al., ATVHunter: Reliable Version Detection of Third-Party Libraries for Vulnerability Identification in Android Applications ACM SIGSOFT Distinguished Paper Award

(ICSE 2019) Sen Chen, et al., StoryDroid: Automated Generation of Storyboard for Android Apps

(TSE 2021) Sen Chen, et al., Automatically Distilling Storyboard with Rich Features for Android Apps

(TSE 2021) Sen Chen, et al., Accessible or Not? An Empirical Investigation of Android App Accessibility

(ICSE 2018) Fan, Su, Sen Chen, et al., Large-Scale Analysis of Framework-Specific Exceptions in Android Apps ACM SIGSOFT Distinguished Paper Award

Open-Source Software Security:

(ICSE 2022) Liu, Sen Chen*, et al., Demystifying the Vulnerability Propagation and Its Evolution via Dependency Trees in the NPM Ecosystem

(TOSEM 2022) Liu, Sen Chen*, et al., Demystifying the Impact of Vulnerabilities in the NPM Ecosystem via Static Call Graph

(TOSEM 2021) Guo, Sen Chen*, et al., Detecting and Augmenting Missing Key Aspects in Vulnerability Descriptions

(FSE 2022) Shi, Xie, Sen Chen*, et al., Large-Scale Analysis of Non-Termination Bugs in Real-World OSS Projects

(TSE 2022) Zhang, Xie, Sen Chen*, et al., Demystifying Performance Regressions in String Solvers

Intelligent Software Security:

(IEEE S&P 2021) Chen, Sen Chen#, et al. Who is Real Bob? Adversarial Attacks on Speaker Recognition Systems

(IJIS 2021) Lei, Sen Chen#, et al., Advanced Evasion Attacks and Mitigations on Practical ML-Based Phishing Website Classifiers

(ASE 2019) Guo, Sen Chen*, et al., An Empirical Study towards Characterizing Deep Learning Development and Deployment across Different Frameworks and Platforms

(ASE 2022) Quan, Guo, Sen Chen*, et al., Towards Understanding the Faults of JavaScript-Based Deep Learning Systems


Awards

 Prototype Research Tool Award 2nd Place (Freestyle) in CCF ChinaSoft 2022
 First Place of The 8th China International College Students' 'Internet+' Innovation and Entrepreneurship Competition
 ACM SIGSOFT Distinguished Paper Award (ASE 2022), October 2022
 ACM China Rising Star Award (ACM Tianjin Council), September 2022
 ACM SIGSOFT Distinguished Paper Award (ICSE 2021), May 2021
 First Class of Progress of Science and Technology Prize of Tianjin, 2020, May 2021
 Prototype Research Tool Award 3rd Place (Fixed topic) in CCF ChinaSoft 2020
 Outstanding Graduates of Shanghai, June 2019
 Prototype Research Tool Award 3rd Place (Freestyle) in CCF NASAC 2018
 ACM/SIGSOFT GAPS Award (ESEC/FSE 2018), September 2018
 ACM SIGSOFT Distinguished Paper Award (ICSE 2018), May 2018
 Graduate Student Overseas Visiting Scholarship, November 2017
 ACM/SIGSOFT GAPS Award (MobiCom 2016), August 2016
 Graduate Student Overseas Visiting Scholarship, June 2016


Services

Program Committee member of ASE 2023
Program Committee member of FSE 2023
Program Committee member of ASE 2022
Program Committee member of FSE 2022
Program Committee member of ASE 2020
Reviewer of TDSC, TIFS, TSE, TOSEM