You are here

Zhiqiang Lin

  • Associate Professor, Computer Science & Engineering
  • 2015 Neil Ave
    787 Dreese Labs
    Columbus, OH 43210
  • 614-292-0055


  • NSF Faculty Early Career Development (CAREER) Award.

  • AFOSR Young Investigator Program (YIP) Award.

Journal Articles


  • Chen, G.; Chen, S.; Xiao, Y.; Zhang, Y. et al., 2019, "SgxPectre: Stealing intel secrets from SGX enclaves via speculative execution." Proceedings - 4th IEEE European Symposium on Security and Privacy, EURO S and P 2019 142-157 - 142-157.


  • Caballero, J.; Lin, Z., 2016, "Type Inference on Executables." ACM Computing Surveys 48, 65:1-65:35 - 65:1-65:35.


  • Prakash, A.; Venkataramani, E.; Yin, H.; Lin, Z., 2015, "On the Trustworthiness of Memory Analysis-An Empirical Study from the Perspective of Binary Execution." IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING 12, no. 5, 557-570 - 557-570.
  • Bauman, E.; Ayoade, G.; Lin, Z., 2015, "A Survey on Hypervisor Based Monitoring: Approaches, Applications, and Evolutions." ACM Computing Surveys 48, 10:1-10:33 - 10:1-10:33.


  • Gu, Y.; Fu, Y.; Prakash, A.; Lin, Z. et al., 2014, "Multi-Aspect, Robust, and Memory Exclusive Guest OS Fingerprinting." IEEE Transactions on Cloud Computing
  • Rhee, J.; Riley, R.; Lin, Z.; Jiang, X. et al., 2014, "Data-Centric OS Kernel Malware Characterization." Information Forensics and Security, IEEE Transactions on 9, 72-87 - 72-87.


  • Fu, Y.; Lin, Z., 2013, "Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection." ACM Trans. Inf. Syst. Secur. 16,
  • Lin, Z., 2013, "Toward Guest OS Writable Virtual Machine Introspection." VMware Technical Journal 2,


  • Lin, Z.; Zhang, X.; Xu, D., 2010, "Reverse Engineering Input Syntactic Structure from Program Execution and Its Applications." IEEE Transactions on Software Engineering 36, 688-703 - 688-703.


  • Lin, Z.; Wang, C.; Mao, B.; Xie, L., 2005, "A policy flexible architecture for secure operating system." SIGOPS Oper. Syst. Rev. 39, 24-33 - 24-33.


  • Tu, Y.; Lin, Z.; Lee, I.; Hei, X., "Injected and Delivered: Fabricating Implicit Control over Actuation Systems by Spoofing Inertial Sensors." 27th USENIX Security Symposium, 2018

Papers in Proceedings


  • Wen, H.; Zhao, Q.; Chen, Q.A.; Lin, Z. "Automated Cross-Platform Reverse Engineering of CAN Bus Commands from Mobile Apps." (2 2020).


  • Muntean, P.; Neumayer, M.; Lin, Z.; Tan, G. et al. "Analyzing Control Flow Integrity with LLVM-CFI." (1 2019).
  • Chen, G.; Chen, S.; Xiao, Y.; Zhang, Y. et al. "Stealing Intel Secrets from SGX Enclaves via Speculative Execution." (6 2019).
  • Wang, H.; Bauman, E.; Karande, V.; Lin, Z. et al. "Running language interpreters inside SGX: A lightweight, legacy-compatible script code hardening approach." (7 2019).
  • Zuo, C.; Lin, Z.; Zhang, Y. "Why does your data leak? uncovering the data leakage in cloud from mobile apps." (5 2019).
  • Zuo, C.; Lin, Z.; Wen, H.; Zhang, Y. "Automatic fingerprinting of vulnerable BLE IoT devices with static uuids from mobile apps." (11 2019).
  • Wang, H.; Wang, P.; Ding, Y.; Sun, M. et al. "Towards memory safe enclave programming with Rust-SGX." (11 2019).
  • Wang, W.; Zhang, Y.; Lin, Z. "Time and Order: Towards Automatically Identifying Side-Channel Vulnerabilities in Enclave Binaries." (1 2019).
  • Alrawi, O.; Zuo, C.; Duan, R.; Kasturi, R. et al. "The Betrayal At Cloud City: An Empirical Analysis Of Cloud-Based Mobile Backends." (1 2019).
  • Li, M.; Zhang, Y.; Solihin, Y.; Lin, Z. "Exploiting unprotected I/O operations in AMD's secure encrypted virtualization." (1 2019).
  • Zhao, Q.; Zuo, C.; Pellegrino, G.; Lin, Z. "Geo-locating Drivers: A Study of Sensitive Data Leakage in Ride-Hailing Services." (2 2019).
  • Xu, X.; Ghaffarinia, M.; Wang, W.; Hamlen, K.W. et al. "CONFIRM: Evaluating Compatibility and Relevance of Control-flow Integrity Protections for Modern Software." (1 2019).
  • Miller, K.; Kwon, Y.; Sun, Y.; Zhang, Z. et al. "Probabilistic Disassembly." (1 2019).
  • Chen, J.; Zuo, C.; Diao, W.; Dong, S. et al. "Your IoTs Are (Not) Mine: On the Remote Binding Between IoT Devices and Users." (1 2019).


  • Muntean, P.; Fischer, M.; Tan, G.; Lin, Z. et al. "$\tao$CFI: Type-Assisted Control Flow Integrity for x86-64 Binaries." (1 2018).
  • Chen, J.; Diao, W.; Zhao, Q.; Zuo, C. et al. "IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing." (2 2018).
  • Bauman, E.; Lin, Z.; Hamlen, K. "Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics." (2 2018).
  • Bhatt, M.; Ahmed, I.; Lin, Z. "Using Virtual Machine Introspection for Kernel Security Education." in ACM Technical Symposium on Computer Science Education. (2 2018).
  • Bauman, E.; Wang, H.; Zhang, M.; Lin, Z. "SGX-Elide: Enabling Enclave Code Secrecy via Self-Modification." (2 2018).
  • Li, J.; Lin, Z.; Caballero, J.; Zhang, Y. et al. "K-Hunt: Pinpointing insecure cryptographic keys from execution traces." (10 2018).
  • Lu, B.; Zhang, X.; Ling, Z.; Zhang, Y. et al. "A measurement study of authentication rate-limiting mechanisms of modern websites." (12 2018).
  • Karande, V.; Chandra, S.; Lin, Z.; Caballero, J. et al. "BCD: Decomposing Binary Code Into Components Using Graph-Based Clustering." (6 2018).
  • Silvestro, S.; Liu, H.; Liu, T.; Lin, Z. et al. "Guarder: a tunable secure allocator." (1 2018).
  • Xu, X.; Wang, W.; Hamlen, K.W.; Lin, Z. "Towards Interface-Driven COTS Binary Hardening." (10 2018).


  • Zuo, C.; Lin, Z. "SmartGen: Exposing Server URLs of Mobile Apps With Selective Symbolic Execution." (4 2017).
  • Krandle, V.; Bauman, E.; Lin, Z.; Khan, L. "Securing System Logs with SGX." (4 2017).
  • Gu, Y.; Zhao, Q.; Zhang, Y.; Lin, Z. "PT-CFI: Transparent backward-edge control flow violation detection using intel processor trace." (3 2017).
  • Shaon, F.; Kantarcioglu, M.; Lin, Z.; Khan, L. "A Practical Encrypted Data Analytic Framework With Trusted Processors." (11 2017).
  • Fu, Y.; Bauman, E.; Quinonez, R.; Lin, Z. "SGX-LAPD: Thwarting Controlled Side Channel Attacks via Enclave Verifiable Page Faults." (9 2017).
  • Chandra, S.; Karande, V.; Lin, Z.; Khan, L. et al. "Securing Data Analytics on SGX With Randomization." (9 2017).
  • Gu, G.; Hu, H.; Keller, E.; Lin, Z. et al. "Building a Security OS With Software Defined Infrastructure." (9 2017).
  • Zuo, C.; Zhao, Q.; Lin, Z. "AuthScope: Towards Automatic Discovery of Vulnerable Authorizations in Online Services." (11 2017).
  • Silvestro, S.; Liu, H.; Crosser, C.; Lin, Z. et al. "FreeGuard: A Faster Secure Heap Allocator." in ACM Conference on Computer and Communication Security. (11 2017).


  • Zeng, J.; Fu, Y.; Lin, Z. "Automatic Uncovering of Tap Points From Kernel Executions." (9 2016).
  • Zuo, C.; Wang, W.; Wang, R.; Lin, Z. "Automatic Forgery of Cryptographically Consistent Messages to Identify Security Vulnerabilities in Mobile Services." (2 2016).
  • Bauman, E.; Lin, Z. "A Case for Protecting Computer Games With SGX." (12 2016).
  • Gu, Y.; Lin, Z. "Derandomizing Kernel Address Space Layout for Introspection and Forensics." (1 2016).
  • Naami, K.A.; Chandra, S.; Mustafa, A.; Khan, L. et al. "Adaptive Encrypted Traffic Fingerprinting With Bi-Directional Dependence." (12 2016).
  • Fu, Y.; Rhee, J.; Lin, Z.; Li, Z. et al. "Detecting Stack Layout Corruptions with Robust Stack Unwinding." (9 2016).


  • Fu, Y.; Lin, Z.; Brumley, D. "Automatically Deriving Pointer Reference Expressions From Executions For Memory Dump Analysis." (9 2015).
  • Zeng, J.; Fu, Y.; Lin, Z. "PEMU: A Pin Highly Compatible Out-of-VM Dynamic Binary Instrumentation Framework." (3 2015).
  • Kim, S.H.; Xu, L.; Liu, Z.; Lin, Z. et al. "Enhancing Software Dependability and Security with Hardware Supported Instruction Address Space Randomization." (6 2015).
  • Zeng, J.; Lin, Z. "Towards Automatic Inference of Kernel Object Semantics from Binary Code." (11 2015).
  • Bauman, E.; Lu, Y.; Lin, Z. "Half a Century of Practice: Who Is Still Storing Plaintext Passwords?." (5 2015).


  • Peng, F.; Deng, Z.; Zhang, X.; Xu, D. et al. "X-Force: Force-Executing Binary Programs for Security Applications." (8 2014).
  • Pattuk, E.; Kantarcioglu, M.; Lin, Z.; Ulusoy, H. "Preventing Cryptographic Key Leakage in Cloud Virtual Machines." (8 2014).
  • Sounthiraraj, D.; Sahs, J.; Greenwood, G.; Lin, Z. et al. "SMV-Hunter: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps." (2 2014).
  • Xu, Z.; Zhang, J.; Gu, G.; Lin, Z. "GoldenEye: Efficiently and Effectively Unveiling Malware’s Targeted Environment." (9 2014).
  • Feng, Q.; Prakash, A.; Yin, H.; Lin, Z. "MACE: High-Coverage and Robust Memory Analysis For Commodity Operating Systems." (12 2014).
  • Saberi, A.; Fu, Y.; Lin, Z. "Hybrid-Bridge: Efficiently Bridging the Semantic-Gap in Virtual Machine Introspection via Decoupled Execution and Training Memoization." (2 2014).
  • Fu, Y.; Zeng, J.; Lin, Z. "HyperShell: A Practical Hypervisor Layer Guest OS Shell for Automated In-VM Management." (6 2014).
  • Urbina, D.; Gu, Y.; Caballero, J.; Lin, Z. "SigPath: A Memory Graph Based Approach for Program Data Introspection and Modification." (9 2014).


  • Liu, Z.; Lee, J.; Zeng, J.; Wen, Y. et al. "CPU Transparent Protection of OS Kernel and Hypervisor Integrity with Programmable DRAM." (6 2013).
  • Fu, Y.; Lin, Z.; Hamlen, K. "Subverting Systems Authentication with Context-aware, Reactive Virtual Machine Introspection." (12 2013).
  • Zhaoyan Xu, G.G.; Lin, Z. "AUTOVAC: Towards Automatically Extracting System Resource Constraints and Generating Vaccines for Malware Immunization." (7 2013).
  • Zeng, J.; Fu, Y.; Miller, K.A.; Lin, Z. et al. "Obfuscation resilient binary code reuse through trace-oriented programming." (12 2013).
  • Prakash, A.; Venkataramani, E.; Yin, H.; Lin, Z. "Manipulating Semantic Values in Kernel Data Structures: Attack Assessments and Implications." in 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). (1 2013).
  • Fu, Y.; Lin, Z. "Exterior: Using a Dual-VM Based External Shell for Guest-OS Introspection, Configuration, and Recovery." (3 2013).


  • Wartell, R.; Mohan, V.; Hamlen, K.; Lin, Z. "Binary Stirring: Self-randomizing Instruction Addresses of Legacy x86 Binary Code." (10 2012).
  • Wartell, R.; Mohan, V.; Hamlen, K.; Lin, Z. "Securing Untrusted Code via Compiler-Agnostic Binary Rewriting." (12 2012).
  • Gu, Y.; Fu, Y.; Prakash, A.; Lin, Z. et al. "OS-Sommelier: Memory-Only Operating System Fingerprinting in the Cloud." (10 2012).
  • Fu, Y.; Lin, Z. "Space Traveling across VM: Automatically Bridging the Semantic-Gap in Virtual Machine Introspection via Online Kernel Data Redirection." (5 2012).
  • Lin, Z.; Rhee, J.; Wu, C.; Zhang, X. et al. "DIMSUM: Discovering Semantic Data of Interest from Un-mappable with Confidence." (2 2012).


  • Lin, Z.; Rhee, J.; Zhang, X.; Xu, D. "SigGraph: Brute Force Scanning of Kernel Data Structure Instances Using Graph-based Signatures." (2 2011).
  • Junghwan Rhee, Z.L.; Xu, D. "Characterizing Kernel Malware Behavior with Kernel Data Access Patterns." (3 2011).


  • Lin, Z.; Zhang, X.; Xu, D. "Automatic Reverse Engineering of Data Structures from Binary Execution." (2 2010).
  • Lin, Z.; Zhang, X.; Xu, D. "Reuse-Oriented Camouflaging Trojan: Vulnerability Detection and Attack Construction." (6 2010).
  • Tao Bao, X.Z.; Xu, D. "Strict Control Dependence and its Effect on Dynamic Information Flow Analyses." (7 2010).


  • Wang, T.; Wei, T.; Lin, Z.; Zou, W. "IntScope: Automatically Detecting Integer Overflow Vulnerability In X86 Binary Using Symbolic Execution." (2 2009).


  • Lin, Z.; Zhang, X.; Xu, D. "Convicting Exploitable Software Vulnerabilities: An Efficient Input Provenance Based Approach." (6 2008).
  • Lin, Z.; Zhang, X. "Deriving Input Syntactic Structure From Execution." (11 2008).
  • Lin, Z.; Jiang, X.; Xu, D.; Zhang, X. "Automatic Protocol Format Reverse Engineering Through Context-Aware Monitored Execution." (2 2008).


  • Lin, Z.; Jiang, X.; Xu, D.; Mao, B. et al. "AutoPaG: Towards Automated Software Patch Generation with Source Code Root Cause Identification and Repair." (3 2007).


  • Lin, Z.; Mao, B.; Xie, L. "LibsafeXP: A Practical and Transparent Tool for Run-time Buffer Overflow Preventions." (6 2006).
  • Lin, Z.; Xia, N.; Li, G.; Mao, B. et al. "Transparent Run-Time Prevention of Format-String Attacks via Dynamic Taint and Flexible Validation." (9 2006).