< >

Human-centric Security Research Lab

Human-centric Research Lab led by Dr. Danfeng (Daphne) Yao prides itself in building tools, software, and systems for deployable security and quantitative security assurance measurement. Current projects range from secure coding, anomaly detection in networked systems and programs, malware program analysis to cyber-physical system security, and data loss prevention.

Current Research


Software vulnerabilities are costly. NIST estimates that cost to be $60 billion each year, which includes the costs for developing and distributing software patches and reinstalling infected systems and the lost productivity due to malware and errors.

The problem of software vulnerabilities is not new. What is new and promising is the increasing adoption of cryptography and security mechanisms in common software applications. However, it is difficult to write crypto code correctly.

Surprisingly, the practical task of securing cryptographic implementation is still in its infancy. This status is in sharp contrast with the multi-decade advancement of modern cryptography.

This gap became particularly alarming, after multiple high-profile discoveries of cryptography-related vulnerable code in widely used network libraries and tools (e.g., the lack of authenticated encryption in iMessage, Diffie-Hellman key exchange downgrade vulnerability in TLS, and the exposure of random seeds in Juniper Network).

Our ongoing effort is on cryptographic program analysis (CPA), where we design rigorous static program analysis to detect crypto vulnerabilities in code C programs (IEEE SecDev 2017) and Java programs.

Our ICSE '18 work on empirical findings from the Stack Overflow forum are interesting. They motivate the need for effective crypto coding assistance.


Context is a key for security analysts to reason about the legitimacy of observed system and network events.

Finding out why things occur and why they occur in a specific order are like telling stories about the computers and users.

We coined the phrase storytelling security to refer to a general causal reasoning approach for security.

Our group has successfully demonstrated several concrete embodiments for network security (C&S 2016, ASIACCS 2014), web security (TDSC 2012, NSS 2011), and Android security (C&S 2016, AISec 2016).

We hold two U.S. patents on the causality for security technologies.


The conventional attack model assuming a stand-alone malware app may be inadequate for mobile security. Multiple apps can collude to leak sensitive information or abuse system resources.

Existing methods are not designed to defend against such sophisticated collusion attacks on Android. New program analysis and classification techniques on pairs or chains of apps are needed.

Scalability and false alarms are two foremost research challenges. Our new AsiaCCS '17 work computes the collusion threats of more than 100,000 Android apps.