4th year undergraduate student
Dept. of Electrical Engineering and Computer Science
University of California, Berkeley
Email: edwardxwu_at_berkeley.edu
Chinese Name: 邬雪骏
About Me: (Resume)
My research interest is in Network, OS, mobile and Application Security. I was born and grew up in Shanghai, China before I moved to the U.S. with my family in 2004. My favorite TV shows are Dr. Who, Life on Mars, Star Trek, Top Gear and House MD. I am also a big fan of documentaries ranging from Theology to Quantum Physics.
Publications:
FreeMarket: Shopping for free in Android applications
Daniel Reynaud, Richard Shin, Tom Magrino, Edward Wu and Dawn Song. NDSS 2012 (extended abstract). [pdf]
MACE: Model-inference-Assisted Concolic Exploration for Protocol and Vulnerability Discovery
Chia Yuan Cho, Domagoj Babic, Pongsin Poosankam, Kevin Zhijie Chen, Edward XueJun Wu and Dawn Song. In Proceedings of the 20th USENIX Security Symposium (USENIX Security ’11), San Francisco, California. [pdf]
Research Experience:
• Research Assistant, PI: Prof. Dawn Song (Sep. 2009 – Present)
- Served as a member of BitBlaze and DroidBlaze research project groups.
- Collaborated in the development of new program analysis and machine learning platforms to enhance, verify and analyze the security of Android apps.
- Worked in combining model-inference techniques with symbolic execution tool to analyze and infer the model of network-interfaced programs, at the same time exploring code paths to find vulnerabilities.
- Contributed to the discovery or analysis of 7 novel vulnerabilities.
Bug Findings:
A list of bug findings that I have worked on:
OSVDB-66497: Cutwail Bot C&C Parsing Remote Overflow
OSVDB-66501: Zbot Trojan C&C Decompression Remote Overflow
CVE-2011-0904: Vino Wild Write
CVE-2011-0905: Vino Out-of-bounds Read
CVE-2011-0906: Vino Infinite Loop
CVE-2011-0907: Realvnc Out-of-bounds Write
CVE-2011-1909: Null Pointer Dereference in Windows kernel-mode driver
Upper Div / Grad Lvl Technical Courses Taken:
Fall 2009:
- EE122 Computer Networking (Prof. Ion Stoica)
- CS186 Introduction to Database Systems (Prof. Michael Franklin)
Spring 2010:
- CS161 Computer Security (Prof. David Wagner & Prof. Vern Paxson)
Fall 2010:
- CS294-28(CS261N) Internet/Network Security (Prof. Vern Paxson)
- CS162 Operating Systems and System Programming (Prof. John Kubiatowicz)
Spring 2011:
- CS261 Computer Security (Prof. Dawn Song)
Fall 2011:
- CS188 Artificial Intelligence (Prof. Dan Klein)
- CS294-42 Cloud Computing: Networking, Systems and Applications (Prof. Ion Stoica)
- CS294-70 Automated Bug Finding and Debugging (Prof. Koushik Shen)
Misc:
—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
mQENBE3L6YQBCAC0lJy1LpPRYSkC7AVwvLdNVAmadAha3QOqPRO01bdPZbjKES53
W2uC2pm4IUKKwBJHpHTtXp6P9FedUxi4ipAag5URTqb9+XoZ5Z/avUDPI12qRlhv
ZYlnIp4R1ICxmxq5Davg11lzAFFCN4Zcs0StLPg3vuaq3B8fHn6nI1AafyYcQ95E
8ZKuw0wovCFaY8N5+SMGSXDkW1l3TfzxbtT5QWNJ7YcyhEOw/+nhvhYqnajjK4ZT
7sexfjBaH+tjLKceWMrz44W14dE7wTmX6F08leQFrtRLmgQwEqgWbktSv9f3UjcV
3sc43y0pRa2Dl1/bu4yLlXupSqC6ilYMaHnfABEBAAG0IEVkd2FyZCBXdSA8ZWR3
YXJkZ3R4eUBnbWFpbC5jb20+iQE+BBMBAgAoBQJNy+mEAhsjBQkJZgGABgsJCAcD
AgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBbgayXxAbRYGscB/9SKh21Q81GlvF8CDvz
AQzPdOH+Qhx9Eh8x/4qubLiwV0W+7NRE97vxQaKLaUdeHLeccvSSX+Y6lQKt6WcR
1MEa0v4RS3VpoxFUUaFJPcgGMhKvDong/cFVMcknZ+DXy6KEfISmDIMf41Cvn5T8
YE4ppooCAVh5eDjLx6lQbFjH6knrjqcJr7WBAzytuqHQbCri7T7uIF0eDcJZaW0A
v6TJVt5mbPfLFXvRcUlqz1u/oS7uEt7IPr3ZWrJ88ooCEMyrkr0EylmQU9yqVBxg
oYXML/HN6o3ACnR11Bcp+3XJQf2IaNwamYelKyBwyb+f1CGYzCS1COfGT/YIBPbE
8SOPuQENBE3L6YQBCACeOOOQP0h/+PjcpPVImBuwJqGpv0dzK+kvuF+9qLAPzoQt
xCPWn1RhUrO7m66s1uK8hAMJP0bJGTr0MeyuGGShwK8uhKhR7KIFh3kSICQWGUSe
JRGOkmwFXHRsOqoCDcq4dZ5KHTrsl2NBLiIDl3lpjOovaw6Lv9aUrKMKmyhgOW9S
zpfod1IeES7jCSGIVmuYRa50ck6jyMFd3QA5XnplJYZgI/V/idYFxoaDdEPHBN5Z
QfBq9L1N0dodcmir7PuNCNgCLC2/uuD3vWBEVgv0w9/6njsmTN6ndr03cZS+mE0t
ivTNrqgzTsVgXm342SH2SJEBtxdg+ryO+mZRbLQrABEBAAGJASUEGAECAA8FAk3L
6YQCGwwFCQlmAYAACgkQW4Gsl8QG0WDu0Af+Pxl88VKLWlYSRl+yHYKaxzxt/R9A
psj7tlhFVbacG83Beci1cFKXgFb30eIBCKyPXWJVnG2Zv8kY+mRRciTysXI1z/Zk
uTxaKqNO5wF8LfsTjnTFH4beECgLW1inM6CDJBttqoe+1Ajr4JrQ542j8ixeUnv1
f9phEHHzXSQtpTqPo2WUiKYGNUjO9VclYPz/bX7aFQU5+vKqW23SgghiatElMSAS
Lg9f7i3FrwRD0UEzZp3CmZvVrnEyYPCFjIE+Xg1tF9pCx98UVleB04A3rdOFyrJl
ekuew8Ae7VV1ajDM9GPof9lQYOVrAX8fTuDDIo4zWRLfplPk9lvdktrxzg==
=yhXM
—–END PGP PUBLIC KEY BLOCK—–
