Zhiyong Shan is an assistant professor in the Department of Electrical Engineering
and Computer Science and the director of Software Analysis & Intelligence Laboratory.
Click here to learn more about the lab
Research Interests
- Program Analysis
- Mobile Phone Security
- Virtual Machine
Areas of Teaching Interest
- Aug 2017-Dec 2018, Operating System (Wichita State University).
- Aug 2017-Dec 2018, Software Analytics (Wichita State University).
- Aug 2016-Dec 2016, Advanced Software Engineering (University of Central Missouri)
- May 2016-June 2016, Advanced Android Application Programing (University of Central Missouri)
- Jan 2016-May 2016, Advanced Computer Network and Security (University of Central Missouri)
- Aug 2015-Dec 2015, Advanced Operating System (University of Central Missouri)
- Feb 2004-July 2004, Feb 2005-July 2005, Feb 2007-July 2007, Operating System Principles. (Renmin University of China)
- Sep 2004-Jan 2005, Sep 2005-Jan 2006, Sep 2006-Jan 2007, Computer Basics. (Renmin University of China)
- Sep 2004-Jan 2005, Linux Kernel Analysis. (Renmin University of China)
- Feb 2009-July 2009, C Language. (Renmin University of China)
- Feb 2010-July 2010, Operating System Practices. (Renmin University of China)
- Feb 2009-July 2009, Feb 2010-July 2010, Feb 2011-July 2011, Feb 2012-July 2012, Database Systems and Application. (Renmin University of China)
- Sep 2005-Jan 2006, Sep 2006-Jan 2007, Information Security. (Renmin University of China)
- Sep 2009-Jan 2010, Sep 2010-Jan 2011, Sep 2011-Jan 2012, E-Commerce Security. (Renmin University of China)
Publications
Papers
- Zhiyong Shan, Raina Samuel and Iulian Neamtiu. 2019. Device Administrator Use and Abuse in Android: Detection and Characterization. In Proceedings of the 25th Annual International Conference on Mobile Computing and Networking (MobiCom '19). Accepted.
- Zhiyong Shan, Iulian Neamtiu, Raina Samuel, Self-Hiding Behavior in Android Apps: Detection and Characterization, 40th International Conference on Software Engineering (ICSE 2018).
- Iulian Neamtiu, Xuetao Wei, Michalis Faloutsos, Lorenzo Gomez, Tanzirul Azim, Yongjian Hu, Zhiyong Shan: Improving Smartphone Security and Reliability. Journal of Interconnection Networks 17(1): 1-67 (2017)
- Zhiyong Shan, Tanzirul Azim, Iulian Neamtiu. Finding Resume and Restart Errors in Android Applications. ACM Conference on Object-Oriented Programming, Systems, Languages & Applications (OOPSLA’16), November 2016. Accepted.
- Zhiyong Shan, I. Neamtiu, Z. Qian and D. Torrieri, "Proactive restart as cyber maneuver for Android," Military Communications Conference, MILCOM 2015 - 2015 IEEE, Tampa, FL, 2015, pp. 19-24.
- Jin, Xinxin, Soyeon Park, Tianwei Sheng, Rishan Chen, Zhiyong Shan, and Yuanyuan Zhou. "FTXen: Making hypervisor resilient to hardware faults on relaxed cores." In 2015 IEEE 21st International Symposium on High Performance Computer Architecture (HPCA’15), pp. 451-462. IEEE, 2015.
- Zhiyong Shan, Xin Wang, Tzi-cker Chiueh: Shuttle: Facilitating Inter-Application Interactions for OS-Level Virtualization. IEEE Trans. Computers 63(5): 1220-1233 (2014)
- Zhiyong Shan, Xin Wang: Growing Grapes in Your Computer to Defend Against Malware. IEEE Transactions on Information Forensics and Security 9(2): 196-207 (2014)
- Zhiyong Shan, Xin Wang, Tzi-cker Chiueh: Malware Clearance for Secure Commitment of OS-Level Virtual Machines. IEEE Transactions on Dependable and Secure Computing. 10(2): 70-83 (2013)
- Zhiyong Shan, Xin Wang, Tzi-cker Chiueh: Enforcing Mandatory Access Control in Commodity OS to Disable Malware. IEEE Transactions on Dependable and Secure Computing 9(4): 541-555 (2012)
- Zhiyong Shan, Xin Wang, Tzi-cker Chiueh, Xiaofeng Meng: Facilitating inter-application interactions for OS-level virtualization. In Proceedings of the 8th ACM Annual International Conference on Virtual Execution Environments (VEE’12), 75-86
- Zhiyong Shan, Xin Wang, Tzi-cker Chiueh, and Xiaofeng Meng. "Safe side effects commitment for OS-level virtualization." In Proceedings of the 8th ACM international conference on Autonomic computing (ICAC’11), pp. 111-120. ACM, 2011.
- Zhiyong Shan, Xin Wang, and Tzi-cker Chiueh. 2011. Tracer: enforcing mandatory access control in commodity OS with the support of light-weight intrusion detection and tracing. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS '11). ACM, New York, NY, USA, 135-144. (full paper acceptance rate 16%)
- Shan, Zhiyong, Tzi-cker Chiueh, and Xin Wang. "Virtualizing system and ordinary services in Windows-based OS-level virtual machines." In Proceedings of the 2011 ACM Symposium on Applied Computing, pp. 579-583. ACM, 2011.
- Shan, Zhiyong, Yang Yu, and Tzi-cker Chiueh. "Confining windows inter-process communications for OS-level virtual machine." In Proceedings of the 1st EuroSys Workshop on Virtualization Technology for Dependable Systems, pp. 30-35. ACM, 2009.
- Shan, Zhiyong. "Compatible and Usable Mandatory Access Control for Good-enough OS Security." In Electronic Commerce and Security, 2009. ISECS'09. Second International Symposium on, vol. 1, pp. 246-250. IEEE, 2009.
- Xiao Li, Wenchang Shi, Zhaohui Liang, Bin Liang, Zhiyong Shan. Operating System Mechanisms for TPM-Based Lifetime Measurement of Process Integrity. Proceedings of the IEEE 6th International Conference on Mobile Adhoc and Sensor Systems (MASS 2009), Oct., 2009, Macau SAR, P.R.China, IEEE Computer Society. pp. 783--789.
- Xiao Li, Wenchang Shi, Zhaohui Liang, Bin Liang, Zhiyong Shan. Design of an Architecture for Process Runtime Integrity Measurement. Microelectronics & Computer, Vol.26, No.9, Sep 2009:183~186. (in Chinese)
- Zhiyong Shan, Wenchang Shi. “STBAC: A New Access Control Model for Operating System”. Journal of Computer Research and Development, Vol.45, No.5, 2008: 758~764.(in Chinese)
- Liang Wang, Yuepeng Li, Zhiyong Shan, Xiaoping Yang. Dependency Graph based Intrusion Detection. National Computer Security Conference, 2008. (in Chinese)
- Zhiyong Shan, Wenchang Shi. “An Access Control Model for Enhancing Survivability”. Computer Engineering and Applications, 2008.12. (in Chinese)
- Wenchang Shi, Zhiyong Shan. “A Method for Studying Fine Grained Trust Chain on Operating System”, Computer Science, Vol.35, No.9, 2008, 35(9):1-4. (in Chinese)
- Liang B, Liu H, Shi W, Shan Z. Automatic detection of integer sign vulnerabilities. In International Conference on Information and Automation, ICIA 2008. (pp. 1204-1209). IEEE.
- Zhiyong Shan, Qiuyue Wang, Xiaofeng Meng. “An OS Security Protection Model for Defeating Attacks from Network”, the Third International Conference on Information Systems Security (ICISS 2007), 25-36.
- Zhiyong Shan, “A Security Administration Framework for Security OS Following CC”, Computer Engineering, 2007.5, 33(09):151-163. (in Chinese)
- Zhiyong Shan, “Research on Framework for Multi-policies”, Computer Engineering, 2007.5, 33(09):148-160. (in Chinese)
- Zhiyong Shan, Shi Wenchang, Liao Bin. “Research on the Hierarchical and Distributed Network Security Management System”. Computer Engineering and Applications, 2007.3, 43(2):20-24. (in Chinese)
- Zhiyong Shan, “An Architecture for the Hierarchical and Distributed Network Security Management System”, Computer Engineering and Designing, 2007.7, 28(14):3316-3320. (in Chinese)
- Zhiyong Shan, Yufang Sun, “Study and Implementation of Double-Levels-Cache GFAC”, Chinese Journal of Computers, Nov, 2004, 27(11):1576-1584. (in Chinese)
- Zhiyong Shan, Yufang Sun, “An Operating System Oriented RBAC Model and Its Implementation”, Journal of Computer Research and Development, Feb, 2004, 41(2):287-298. (in Chinese)
- Zhiyong Shan, Yufang Sun, “A Study of Extending Generalized Framework for Access Control”, Journal of Computer Research and Development, Feb, 2003, 40(2):228-234. (in Chinese)
- Zhiyong Shan, Yufang Sun, “A Study of Generalized Environment-Adaptable Multi-Policies Supporting Framework”, Journal of Computer Research and Development, Feb, 2003, 40(2):235-244. (in Chinese)
- Zhiyong Shan, Research on the Framework for Multi-Policies and Practice in Secure Operation System. Phd Thesis, Institute of Software, Chinese Academy of Science 2003. (in Chinese)
- Zhiyong Shan, Yufang Sun, “A Study of Security Attributes Immediate Revocation in Secure OS”, Journal of Computer Research and Development, Dec, 2002, 39(12):1681-1688. (in Chinese)
- Wenchang Shi, Yufang Sun, Hongliang Liang, Xiangfeng Zhang, Qingsong Zhao, Zhiyong Shan. Design and Implementation of Secure Linux Kernel Security Functions. Journal of Computer Research and Development, 2001, Vol.38, No.10, 1255-1261.(in Chinese)
Books
- Zhiyong Shan, Wenchang Shi. Research in Access Control of Operating Systems. Science Press, Beijing, China, Mar 2009. (in Chinese)
- Zhiyong Shan, Zhiqun Guo, E-Commerce Security and Management, China Renmin University Press, Beijing, China, May 2010. (in Chinese)