Skip to content. Skip to main navigation.

avatar

Jiang Ming

Name

[Ming, Jiang]
  • Assistant Professor, Department of Computer Science & Engineering

Biography

Jiang Ming is an Assistant Professor in the Computer Science and Engineering Department at the University of Texas at Arlington. He received the B.S. degree in Information Security from Wuhan University in 2006, the M.Eng. degree in Software Engineering from Peking University in 2009, and the Ph.D. degree in Information Sciences and Technology at Pennsylvania State University. His research focuses on security, especially software security and malware analysis, including secure data flow analysis, software plagiarism detection, malicious binary code analysis, and software analysis for other security issues. Jiang Ming has extensive academic and industry experience in computer security. His work has been published in prestigious security and software engineering conferences (IEEE S&P, USENIX Security, ACM CCS, Euro S&P, FSE, and ASE).

Professional Preparation

    • 2016 Ph.D. in Information Sciences and TechnologyThe Pennsylvania State University
    • 2009 M.Eng. in Software Engineering (Information Security),  Peking University
    • 2006 B.S. in Information SecurityWuhan University

Appointments

    • Aug 2016 to Present Assistant Professor
      The University of Texas at Arlington
    • Mar 2009 to May 2011 Research Engineer
      Singapore Management University

Memberships

  • Membership
    • Oct 2016 to Present Institute of Electrical and Electronics Engineers (IEEE)
    • Aug 2016 to Present Association for Computing Machinery (ACM)

Awards and Honors

    • Aug  2016 The University of Texas System STARS Award sponsored by The University of Texas System
    • Aug  2011 Jordan H. Rednor Graduate Fellowship sponsored by The Pennsylvania State University

Research and Expertise

  • Software Security, Malware Defense, Program Analysis and Verification for Security Issues

    My research connects the area of software testing, software verification with software security. In particular, I build efficient and obfuscation-resilient binary code analysis techniques. I try to automize the tedious reverse engineering work and help people find software vulnerabilities and defeat malicious software.

Publications

      Conference Proceeding 2017
      • [USENIX Security17] BinSim: Trace-based Semantic Binary Diffing via System Call Sliced Segment Equivalence Checking. Jiang Ming, Dongpeng Xu, Yufei Jiang, Dinghao Wu. In Proceedings of the 26th USENIX Security Symposium, Vancouver, BC, Canada, August 16-18, 2017. (Acceptance ratio 16.3%= 85/522)

        {Conference Proceeding }
      2017
      • [S&P17] Cryptographic Function Detection in Obfuscated Binaries via Bit-precise Symbolic Loop Mapping. Dongpeng Xu, Jiang Ming, Dinghao Wu. In Proceedings of the 38th IEEE Symposium on Security and Privacy, San Jose, CA, May 22-24, 2017. (Acceptance ratio 13.3%=60/450)

        {Conference Proceeding }

      Conference Paper 2017
      • [ConPro17] Countering Double-Spend Attacks on Bitcoin Fast-Pay Transactions. John P. Podolanko, Jiang Ming, Matthew K. Wright. In Workshop on Technology and Consumer Protection, San Jose, CA, May 25, 2017. (Co-located with the 38th IEEE Symposium on Security and Privacy)

        {Peer Reviewed }

      Journal Article 2017
      • [TSE] Semantics-Based Obfuscation-Resilient Binary Code Similarity Comparison with Applications to Software and Algorithm Plagiarism Detection. Lannan Luo, Jiang Ming, Dinghao Wu, Peng Liu, Sencun Zhu. IEEE Transactions on Software Engineering, 2017

        {Peer Reviewed }

      Conference Proceeding 2016
      • [SCAM'16]  Jiang Ming and Dinghao Wu. BinCFP: Efficient Multi-threaded Binary Code Control Flow Profiling. In Proceedings of the 16th IEEE International Working Conference on Source Code Analysis and Manipulation, Engineering Track, Raleigh, NC, October 2-3, 2016.

        {Peer Reviewed }
      2016
      • [ASE'16]  Jiang Ming, Dinghao Wu, Jun Wang, Gaoyao Xiao, and Peng Liu. StraightTaint: Decoupled Offline Symbolic Taint Analysis.  In Proceedings of the31st IEEE/ACM International Conference on Automated Software Engineering, Technical Research Paper, Singapore, Singapore, September 3-7, 2016. (Acceptance ratio 19.1%=57/298)

        {Peer Reviewed }
      2016
      • [ISC'16]  Dongpeng Xu, Jiang Ming, and Dinghao Wu. Generalized Dynamic Opaque Predicates: A New Control Flow Obfuscation Method. In Proceedings of the 19th Information Security Conference, Honolulu, Hawaii, September 7-9, 2016.

        {Peer Reviewed }
      2016
      • [Euro S&P'16] Pei Wang, Shuai Wang, Jiang Ming,Yufei Jiang, and Dinghao Wu. Translingual Obfuscation. In Proceedings of the 1st IEEE European Symposium on Security and Privacy, Saarbrücken, GERMANY, March 21-24, 2016. (Acceptance ratio 17.3%=29/168)  

        {Peer Reviewed }
      2016
      • [CODASPY'16] Gaoyao Xiao, Jun Wang, Peng Liu, Jiang Ming, and Dinghao Wu. Program-object Level Data Flow Analysis with Applications to Data Leakage and Contamination Forensics. In Proceedings of the 6th ACM Conference on Data and Application Security and Privacy, New Orleans, LA, March 9-11, 2016. (Apcceptance rate 19.1%=22/115)

        {Peer Reviewed }

      Journal Article 2016
      • [JICV] Jiang Ming, Zhi Xin, Pengwei Lan, Dinghao Wu, Peng Liu, and Bing Mao. Impeding Behavior-based Malware Analysis via Replacement Attacks to Malware Specifications.  Journal of Computer Virology and Hacking Techniques, 2016, DOI: 10.1007/s11416-016-0281-3.

        {Peer Reviewed }
      2016
      • [JICV] Jiang Ming, Dongpeng Xu, and Dinghao Wu. MalwareHunt: Semantics-Based Malware Diffing Speedup by Normalized Basic Block Memoization. Journal of Computer Virology and Hacking Techniques, 2016, DOI: 10.1007/s11416-016-0279-x.

        {Peer Reviewed }
      2016
      • [IEEE TRE] Jiang Ming, Fangfang Zhang, Dinghao Wu, Peng Liu, and Sencun Zhu. Deviation-Based Obfuscation-Resilient Program Equivalence Checking with Application to Software Plagiarism DetectionIEEE Transactions on Reliability, Volume 65 , Issue 4, 2016.

        {Peer Reviewed }

      Journal Article 2015
      • [ITCon] Yufei Jiang, Nan Yu, Jiang Ming, Sanghoon Lee, Jason DeGraw, John Yen, John I. Messner, and Dinghao Wu. Automatic Building Information Model Query GenerationJournal of Information Technology in Construction (ITCon), Vol. 20, pp. 518-535, 2015.

        {Peer Reviewed }

      Conference Proceeding 2015
      • [ACM CCS'15] Jiang Ming, Dongpeng Xu, Li Wang, Dinghao Wu. LOOP: Logic-Oriented Opaque Predicate Detection in Obfuscated Binary Code.  In Proceedings of the 22nd ACM Conference on Computer and Communications Security, Denver, Colorado, October 12-16, 2015. (Acceptance ratio 19.3%=128/660)

        {Peer Reviewed }
      2015
      • [ACNS'15] Jiang Ming, Zhi Xin, Pengwei Lan, Dinghao Wu, Peng Liu, and Bing Mao. Replacement Attacks: Automatically Impeding Behavior-based Malware Specifications. In Proceedings of the 13th International Conference on Applied Cryptography and Network Security, New York, June 2-5, 2015. (Acceptance ratio 21.0%=33/157)

        {Peer Reviewed }
      2015
      • [IFIP SEC'15] Jiang Ming, Dongpeng Xu, and Dinghao Wu. Memoized Semantics-Based Binary Diffing with Application to Malware Lineage Inference. In Proceedings of the 30th IFIP TC-11 SEC International Information Security and Privacy Conference, Hamburg, Germany, May 26-28, 2015. (Acceptance ratio 19.8%=42/212)

        {Peer Reviewed }
      2015
      • [USENIX Security'15] Jiang Ming, DinghaoWu, Gaoyao Xiao, Jun Wang, and Peng Liu. TaintPipe: Pipelined Symbolic Taint Analysis. InProceedings of the 24th USENIX Security Symposium, Washington, D.C., August 12-14, 2015. (Acceptance ratio 15.7%=67/426)

        {Peer Reviewed }

      Conference Proceeding 2014
      • [FSE'14] Lannan Luo, Jiang Ming, Dinghao Wu, Peng Liu, and Sencun Zhu. Semantics-Based Obfuscation-Resilient Binary Code Similarity Comparison with Applications to Software Plagiarism Detection. In Proceedings of the 22nd ACM SIGSOFT International Symposium on the Foundations of Software Engineering, Hong Kong, China, November 16-22, 2014. (Acceptance ratio 21.8%=61/280) (Distinguished Paper Award Nomination)

        {Peer Reviewed }

      Conference Proceeding 2012
      • [ASCE’12 ] Yufei Jiang, Jiang Ming, Dinghao Wu, John Yen, Prasenjit Mitra, John I. Messner, and Robert Leicht. BIM Server Requirements to Support the Energy Efficient Building Lifecycle. In Proceedings of the 2012 ASCE International Conference on Computing in Civil Engineering, Clearwater Beach, FL, June 17-20, 2012.

        {Peer Reviewed }
      2012
      • [ICISC'12] Jiang Ming, Meng Pan, and Debin Gao. iBinHunt: Binary Hunting with Inter-Procedural Control Flow. In Proceedings of the 15th Annual International Conference on Information Security and Cryptology, Seoul, Korea, November 28-30, 2012. (Acceptance ratio 25.4%=32/126)

        {Peer Reviewed }

      Conference Proceeding 2011
      • [ESORICS'11] Zhi Wang, Jiang Ming, Chunfu Jia, and Debin Gao. Linear Obfuscation to Combat Symbolic Execution. In Proceedings of the 16th European Symposium on Research in Computer Security, Leuven, Belgium, September 12-14, 2011. (Acceptance ratio 23.2%=36/155)

        {Peer Reviewed }
      2011
      • [NSS'11] Jiang Ming, Haibin Zhang, and Debin Gao. Towards Ground Truthing Observations in Gray-Box Anomaly Detection. InProceedings of the 5th International Conference on Network and System Security, Milan, Italy, September 6-8, 2011. (Acceptance ratio 22.0%=28/127)

        {Peer Reviewed }

      Conference Proceeding 2009
      • [ICICS'09] Limin Liu, Jiang Ming, Zhi Wang, Debin Gao, and Chunfu Jia. Denial-of-Service Attacks on Host-Based Generic Unpackers. InProceedings of the 11th International Conference on Information and Communications Security, Beijing, China, December 14-17, 2009. (Acceptance ratio 19.1%=31/162)

        {Peer Reviewed }

Courses

      • CSE 5380-001 INFORMATION SECURITY 1

        This is a hands-on introductory security course for upper-level undergraduate students and graduate students. Students will learn the basics of cryptography and methods for protecting systems from attack. We will cover malicious software and other attacks that occur over the network, as well as the perimeter defenses used to stop these attacks. Students will then learn about program vulnerabilities that lead to most of the security problems in computing today. We will conclude with the other administrative issues that security professionals must consider in their jobs.

        Fall - Regular Academic Session - 2018 Download Syllabus Contact info & Office Hours
      • CSE 5380-001 INFORMATION SECURITY 1

        This is a hands-on introductory security course for upper-level undergraduate students and graduate students. Students will learn the basics of cryptography and methods for protecting systems from attack. We will cover malicious software and other attacks that occur over the network, as well as the perimeter defenses used to stop these attacks. Students will then learn about program vulnerabilities that lead to most of the security problems in computing today. We will conclude with the other administrative issues that security professionals must consider in their jobs.

        Spring - Regular Academic Session - 2018 Download Syllabus Contact info & Office Hours
      • CSE 6388-001 SPECIAL TOPICS IN ADVANCED INFORMATION SECURITY

        This is a hands-on advanced course on Practical Malware Analysis that will cover several key topics critical to understanding malware as well as how to reverse engineer and analyze it.  These topics include, static analysis, dynamic analysis, sandboxing, binary disassembly, debugging, and malicious Windows programs.  This course will also dive into malware functionality and behavior on computers and over the network to include techniques used to evade detection.  Students will learn how to analyze, break, and prevent malware by studying live samples up close in a sandbox environment.

        Spring - Regular Academic Session - 2018 Download Syllabus Contact info & Office Hours
      • CSE 5380-001 INFORMATION SECURITY 1

        This is a hands-on introductory security course for upper-level undergraduate students and graduate students. Students will learn the basics of cryptography and methods for protecting systems from attack. We will cover malicious software and other attacks that occur over the network, as well as the perimeter defenses used to stop these attacks. Students will then learn about program vulnerabilities that lead to most of the security problems in computing today. We will conclude with the other administrative issues that security professionals must consider in their jobs.

        Fall - Regular Academic Session - 2017 Download Syllabus Contact info & Office Hours
      • CSE 5380-001 INFORMATION SECURITY 1

        This is a hands-on introductory security course for upper-level undergraduate students and graduate students. Students will learn the basics of cryptography and methods for protecting systems from attack. We will cover malicious software and other attacks that occur over the network, as well as the perimeter defenses used to stop these attacks. Students will then learn about program vulnerabilities that lead to most of the security problems in computing today. We will conclude with the other administrative issues that security professionals must consider in their jobs.

        Spring - Regular Academic Session - 2017 Download Syllabus Contact info & Office Hours
      • CSE 5380-001 INFORMATION SECURITY 1

        This is a hands-on introductory security course for upper-level undergraduate students and graduate students. Students will learn the basics of cryptography and methods for protecting systems from attack. We will cover malicious software and other attacks that occur over the network, as well as the perimeter defenses used to stop these attacks. Students will then learn about program vulnerabilities that lead to most of the security problems in computing today. We will conclude with the other administrative issues that security professionals must consider in their jobs.

        Fall - Regular Academic Session - 2016 Download Syllabus Contact info & Office Hours1 Document