My LinkedIn page is usually more up-to-date than this page.
I am a Software Development Manager at Amazon NYC, working on AWS Security Hub. I was a Security Software Engineer at Google New York, working on Google’s Data Protection infrastructure. I got my Ph.D in Computer Science at University of California, Berkeley. I was advised by Prof. Dawn Song. My dissertation is titled Abstract Semantics for Software Security Analysis. Before coming to Berkeley, I finished my B.S. degree in Computer Science in Peking University. I did some research as an undergraduate student at PKU ICST. I am also a full member of the Honeynet Project.
I am interested in software security and privacy, data protection, vulnerability discovery and program hardening. I perform research on security and privacy problem in mobile, web and binary programs. Most of my research shares the theme of using formal methods and program analysis to design and implement practical systems for vulnerability discovery and program hardening.
ASPIRE: Iterative Specification Synthesis for Security. Kevin Zhijie Chen, Warren He, Devdatta Ackhawe, Vijay D’Silva, Prateek Mittal, Dawn Song. To appear in the 15th Workshop on Hot Topics in Operating Systems (HotOS’15), Kartause Ittingen, Switzerland, May, 2015. [PDF]
JITScope: Protecting Web Users from Control-Flow Hijacking Attacks. Chao Zhang, Mehrdad Niknami, Kevin Zhijie Chen, Chengyu Song, Zhaofeng Chen, Dawn Song. To appear in the 34th Annual IEEE International Conference on Computer Communications (InfoCom’15), Hong Kong, China, April, 2015. [PDF]
VTint: Defending Virtual Function Tables’ Integrity. Chao Zhang, Chengyu Song, Kevin Zhijie Chen, Zhaofeng Chen, Dawn Song To appear in the Network and Distributed System Security Symposium, (NDSS’15), San Diego, February, 2015. [PDF]
Contextual Policy Enforcement in Android Applications with Permission Event Graphs. Kevin Zhijie Chen, Noah Johnson, Vijay D’Silva, Shuaifu Dai, Kyle MacNamara, Tom Magrino, Edward XueJun Wu, Martin Rinard, Dawn Song, in the Proceedings of the 20th Annual Network and Distributed System Security Symposium, (NDSS’13), San Diego, February 24-27, 2013. [PDF] [BIB] [Slides]
MACE: Model-inference-Assisted Concolic Exploration for Protocol and Vulnerability Discovery. Chia Yuan Cho, Domagoj Babic, Pongsin Poosankam, Kevin Zhijie Chen, Dawn Song, Edward XueJun Wu, in the Proceedings of the 20th USENIX Security Symposium, (USENIX Security’11), San Francisco, August 10-12, 2011. [PDF] [BIB]
Differential Slicing: Identifying Causal Execution Differences for Security Applications. Noah Johnson, Juan Caballero, Kevin Zhijie Chen, Stephen McCamant,Pongsin Poosankam, Daniel Reynaud, Dawn Song, in the Proceedings of the 32nd IEEE Symposium on Security and Privacy, (Oakland’11), Oakland, May 22-25 2011. [PDF] [BIB]
WebPatrol: Automated Collection and Replay of Web-based Malware Scenarios. Kevin Zhijie Chen, Guofei Gu, Jose Nazario, Xinhui Han, Jianwei Zhuge, in the Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS’11), Hong Kong, March 22-24 2011. [PDF] [BIB] [Slides]