|

I am a Ph.D. candidate in Computer Science at Virginia Tech. My advisor is Dr. Danfeng (Daphne) Yao. Before I came to VT, I completed my Bachelor's Degree in Information Security from University of Science and Technology of China in 2013.

My research interests focus mainly on leveraging Program Analysis and Machine Learning techniques to address Cyber Security challenges. My work focuses on detecting Android malware with machine learning and app prioritization/rewriting. Additional research interests consist of anomaly detection, malware detection and intrusion detection.

Here is my Github, GoogleScholar, LinkedIn, Resume and CV

**Looking for a full-time position job in security and machine-learning engineering!**

News

[11/2017] I present our rewriting work for Mobile Apps at CCS FEAST Dallas TX.

[8/2017] We plan to file a patent for our internship work in RSA laboratories!

[5/2017] I passed my prelim exam in May-12-2017. A milestone!

[1/2016-6/2016] A visiting student in UCSD, San Deigo, CA. A wonderful place for tourism!

[10/2015] Check our current achievement on rewriting a malware behavior! [YouTube]


Peer-reviewed Publications

  • 2017

  • Prioritizing Data Flows and Sinks for App Security Transformation. Ke Tian, Gang Tan, Danfeng Yao, and Barbara Ryder. In submission to ACM Transactions on Privacy and Security (TOPS). Sep, 2017.

    PDF | Code

  • Detection of Repackaged Android Malware with Code-Heterogeneity Features Ke Tian, Danfeng Yao, Barbara Ryder, Gang Tan, and Guojun Peng. In IEEE Transactions on Dependable and Secure Computing (TDSC). Jul. 2017.

    PDF | Slides | Code (Project)

  • Enforcing Cyber-Physical Execution Semantics to Defend Against Data-Oriented Attacks. Long Cheng, Ke Tian, and Danfeng Yao. In Proceedings of Annual Computer Security Applications Conference (ACSAC). Puerto Rico, US. Dec. 2017.

    PDF

  • ReDroid: Prioritizing Data Flows and Sinks for App Security Transformation. Ke Tian, Gang Tan, Danfeng Yao, and Barbara Ryder. In Proceedings of workshop on Forming an Ecosystem Around Software Transformation (FEAST). Collocated with the ACM Computer and Communications Security (CCS). Dallas, TX. Nov. 2017.

    PDF | Code (Project)

  • Breaking the Target: An Analysis of Target Data Breach and Lessons Learned Shu, Xiaokui, Ke Tian, Andrew Ciambrone and Danfeng Yao. In arXiv preprint arXiv:1701.04940. Jan, 2017.

    PDF

  • 2016

  • Analysis of Code Heterogeneity for High-Precision Classification of Repackaged Malware. Ke Tian, Danfeng Yao, Barbara Ryder, and Gang Tan. In Proceedings of Mobile Security Technologies (MoST), in conjunction with the IEEE Symposium on Security and Privacy. San Jose, CA. May 2016.

    PDF

  • A Sharper Sense of Self: Probabilistic Reasoning of Program Behaviors for Anomaly Detection Kui Xu, Ke Tian, Danfeng Yao, and Barbara Ryder. In Proceedings of the 46th IEEE/IFIP International Conference on Dependable System and Networks (DSN). Toulouse, France. 2016.

    PDF | Code (Project)

  • Poster: Android-Application Rewriting with Quantitative Information Flow Analysis. Ke Tian, Danfeng(Daphne) Yao, Gang Tan. In Proceedings of The Network and Distributed System Security Symposium (NDSS). San Diego, CA. 2016.

    PDF

  • Before-2015

  • Probabilistic Program Modeling for High-Precision Anomaly Classification. Kui Xu, Danfeng Yao, Barbara Ryder, and Ke Tian. In Proceedings of the 2015 IEEE Computer Security Foundations Symposium (CSF). Verona, Italy. Jul. 2015.

    PDF

  • An Efficient Multi-keyword Ranked Retrieval Scheme with Johnson-Lindenstrauss Transform over Encrypted Cloud Data. Ke Li, Weiming Zhang, Ke Tian, Rundong Liu, and Nenghai Yu. In Cloud Computing and Big Data (CloudCom-Asia), 2013 International Conference on, pp. 320-327. IEEE, 2013.

    PDF


Other Posters

Collusion Attack Implementation by Retrofitting Android Apps, Lance Chao, Ke Tian, Danfeng (Daphne) Yao, VTURCS Spring Symposium 2015. [PDF]

IntrospectDroid: Scalable, Efficient Detection of Repackaged Malware in Android with Call Graph Analysis, Zack Morris, Ke Tian, and Danfeng (Daphne) Yao, VTURCS Spring Symposium 2014. [PDF]


Employment

[RSA Security]
May. 2017 - Aug 2017: Research and Development Intern at RSA Laboratories, A security devision of DELL EMC, Bedford, MA.

  • - Working with Mr Kevin Bowers and Dr Zhou Li.
  • - Patent Filed: filing a patent on malicious website detection for classifying malicious iframes!

[Qualcomm]
June. 2016 - Aug 2016: Research and Development Intern at Qualcomm Research, Silicon Valley (QRSV), San Clara, CA.

  • - Working with Dr. Joel Galenson and Dr. Sudha Anil Gathala.
  • - Static Code Analysis: decompiling Android bytecode for control/data flow analysis to detect communication channels. Reverse engineering applications into Intermediate representations.
  • - Dynamic Instrumentation: instrumenting Android Open Source Project (AOSP) to monitoring dynamic inter-app communications (i.e., Intents). Extracting communication features for machine learning models.

[Virginia Tech(VT)]
Sep. 2013 - Now: Graduate Research Assistant at Dept. of Computer Science, Virginia Tech, Blacksburg, VA.

Sep. 2013 - Now: Graduate Teaching Assistant at Dept. of Computer Science, Virginia Tech, Blacksburg, VA.

  • Fall 2014: Principle of Computer Security, CS4264
  • Fall 2013, Spring 2014: Introduction to C Programming, CS1044

OpenSource

DR-Droid: Android malware detection tool with graph mining and machine learning. [Python] [github]

CS-STILO: Statically initialized Hidden Markov Model (HMM) for program anonaly detection. [Java/C] [github]

AutoRun: Automatic running Apps with events on Android. [Python] [github]

VT-Api: VirusTotal API for Android applications and for a set of URLs.[Python] [github-1] and [github-2]


Courses

Security: Advanced Security(A), Crypotography, Network Security, DataBase Security, etc.
Math: Random Process(A), Discrete Math(A), Graph Theory(A), Comp. Number Theory, Information Theory, etc.
Others: Machine Learning, Data Analytics(A), Program Analysis(A), Software Engineering(A), Algorithms, etc

*(A) means the A grade for the course


Service

Journal reviewer: TDSC, TIFS, Computer Security etc.

Conference reviewer: CCS, ACSAC, AsiaCCS, CNS, CloudCom, etc.


Contact

Email: ketian at vt.edu | ketian at cs.vt.edu

Affiliation: Department of Computer Science, Virginia Tech

Address: B41, 2202 Kraft Drive, KnowledgeWork II, Blacksburg, VA 24060


Tentative Thesis Committee

Prof Gang Tan, School of Electrical and Computer Engineering, PSU

Prof Barbara G. Ryder, Department of Computer Science, Virginia Tech

Prof Naren Ramakrishnan, Department of Computer Science, Virginia Tech

Prof Na Meng, Department of Computer Science, Virginia Tech


Acknowledgement