Recent Papers (bibtex entries)

• Combining Control-Flow Integrity and Static Analysis for Efficient and Validated Data Sandboxing. B. Zeng, G. Tan, and G. Morrisett. In the 18th ACM Conference on Computer and Communication Security (CCS '11), Oct. 2011. [paper]
• JET: Exception checking in the Java Native Interface. S. Li and G. Tan. In ACM SIGPLAN International conference on Object-Oriented Programming, Systems, Languages & Applications (OOPSLA '11), Oct 2011. [paper]
• Detection and Classification of Different Botnet C&C Channels. G. Fedynyshyn, M. Chuah, and G. Tan. In the 8th International Conference on Autonomic and Trusted Computing (ATC '11), Sep. 2011. [paper]
• Weak Updates and Separation Logic. G. Tan, Z. Shao, X. Feng and H. Cai. In the Journal of New Generation Computing, 2011. [paper]
• JNI Light: An Operational Model for the Core JNI. G. Tan. In the 8th Asian Symposium on Programming Languages and Systems (APLAS '10) [paper |tech report]
• Robusta: Taming the Native Beast of the JVM. J. Siefers, G. Tan, and G. Morrisett. In the 17th ACM Conference on Computer and Communication Security (CCS '10), Oct. 2010. [paper]
• Semantic Foundations for Typed Assembly Languages. A. Ahmed, A. W. Appel, C. D. Richards, G. Tan, and D. C. Wang. ACM Transactions on Programming Languages and Systems (TOPLAS), 32(3):7.1-7.67, March 2010. [paper]
• Weak updates and separation logic. G. Tan, Z. Shao, X. Feng and H. Cai. In the 7th Asian Symposium on Programming Languages and Systems (APLAS '09), pages 178-193, Dec. 2009. [paper |tech report] (note: superseded by the journal version above)
• Finding bugs in exceptional situations of JNI programs. With S. Li. In the 16th ACM Conference on Computer and Communication Security (CCS '09), pages 442-452, Nov. 2009. [paper]
• The New Jersey Voting-machine Lawsuit and the AVC Advantage DRE Voting Machine. A. W. Appel, M. Ginsburg, H. Hursti, B. W. Kernighan, C. D. Richards, G. Tan, and P. Venetis. In 2009 Electronic Voting Workshop/Workshop on Trustworthy Elections (EVT/WOTE '09), Aug. 2009. [paper | full report | slashdot | video | presentation]
• Document Analysis Support for the Manual Auditing of Elections. D. Lopresti, X. Zhou, X. Huang, and G. Tan. In the Tenth International Conference on Document Analysis and Recognition (ICDAR '09), July 2009 [paper].
• An Empirical Security Study of the Native Code in the JDK. Gang Tan and Jason Croft. In USENIX Security 2008, San Jose, California, USA, July 2008, pages 365-377. [paper | technical report | presentation]
• ILEA: Inter-Language Analysis across Java and C. Gang Tan and Greg Morrisett. In ACM SIGPLAN International conference on Object-Oriented Programming, Systems, Languages & Applications (OOPSLA), Montreal, Canada, Oct 2007. [paper | presentation]
• Security Analysis of the Native Code in Sun's JDK. Jason Croft and Gang Tan. In 23rd Annual Computer Security Applications Conference (ACSAC), work-in-progress session, Dec 2007. See the USENIX Security paper for a complete description.
• Delayed and Controlled Failures in Tamper-Resistant Systems. Gang Tan, Yuqun Chen, Mariusz H. Jakubowski. In 8th Information Hiding, Alexandria, Virginia, USA, July 2006. LNCS 4437, pages 216-231. [paper | presentation]
• Mechanized Metatheory for User-Defined Type Extensions. Daniel Marino, Brian Chin, Todd Millstein, Gang Tan, Rob Simmons, and David Walker. In ACM SIGPLAN Workshop on Mechanizing Metatheory, Portland, Oregon, USA, 2006. [paper]
• Safe Java Native Interface. Gang Tan, Andrew W. Appel, Srimat Chakradhar, Anand Raghunathan, Srivaths Ravi and Daniel Wang. In IEEE International Symposium on Secure Software Engineering (ISSSE 06), pages 97-106, March 2006. [paper | presentation]
• A Compositional Logic for Control Flow. Gang Tan and Andrew W. Appel. In Seventh International Conference on Verification, Model Checking and Abstract Interpretation (VMCAI 06), LNCS 3855, pages 80-94, Springer, January 2006. [paper | presentation]
• Dynamic Typing with Dependent Types. Xinming Ou, Gang Tan, Yitzhak Mandelbaum and David Walker. In the 3rd IFIP International Conference on Theoretical Computer Science (TCS 04), pages 437-450, Kluwer, August 2004. [paper | technical report]
• Construction of a Semantic Model for a Typed Assembly Language. Gang Tan, Andrew W. Appel, Kedar Swadi and Dinghao Wu. In Fifth International Conference on Verification, Model Checking and Abstract Interpretation (VMCAI 04), LNCS 2937, pages 30-43, Springer, January 2004. [paper | presentation]
• Enforcing Resource Usage Protocols Via Scoped Methods. Gang Tan, Xinming Ou and David Walker. In 10th International Workshop on Foundations of Object-Oriented Languages (FOOL 10), January 2003. [paper]

A complete list is in Tan's CV.

 

Patents

• Y. Chen and G. Tan: Tamper Response Mechanism. Patent pending, filed in May, 2006, U.S. Serial No. 11/420,987.

Other Writings

• A Collection of Well-Known Software Failures. Gang Tan.

The documents contained in these pages are included to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.