Computer Security Laboratory @ OSU

TaintMini

Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis

SelectiveTaint

TxSpector

FirmXRay

vSGX

The implementation of the 'vSGX: Virtualizing SGX Enclaves on AMD SEV' paper

SymLM

Implementation of CCS'2022 paper "SymLM: Predicting Function Names in Stripped Binaries via Context-Sensitive Execution-Aware Code Embeddings"

InputScope

A tool that automatically detects both the execution context of user input validation and also the content involved in the validation, to automatically expose the secrets of interest.

MiniCrawler

A keyword based crawler for WeChat Mini-apps

LeakScope

Value set analysis(VSA) for revealing the possible values (strings) of the keys from mobile app

QtRE

A Ghidra headless analyzer tailored for Qt binary analysis

CANHunter

DongleScope

CMRFScanner

This is the repository for the paper "Cross Miniapp Request Forgery"

Reusable-Enclaves

Implementation of the Reusable Enclaves paper

RILDefender

RILDefender: An Android Mobile Privacy Protection Service Against SMS Exploits

PaymentScope

AutoMap

SGX-Enclave-Formal-Verification

Tamarin models for state continuity of SGX enclave programs

SGXRacer

IoTSpotter

Code and data release for CCS'2022 paper "Understanding IoT Security from a Market-Scale Perspective"

bluetooth-pairing-formal-verification

Tamarin models for Bluetooth secure pairing protocols: Passkey Entry (PE) and Numeric comparison (NC)

APIDiff

APIDiff is an automatic tool that generates test cases for each API and identifies execution discrepancies.

CheatFighter

Extract threat intelligence from memory modifying game cheats through static binary analysis

3DScan

GAENPlus

v2v-sgx-prelim

Preliminary V2V SGX vs PKI code performance comparison

5G-Spector

An O-RAN compliant runtime IDS for L3 celluar attack Detection

BaseMirror

BLEScope

PWRLEAK