Limin Yang   (杨利民)

I'm a Senior Software Engineer at ByteDance.
I got my PhD from UIUC Computer Science.
During my PhD, I focus on machine learning security and Internet measurement.
My advisor is Prof. Gang Wang.

Contact: liminy2@illinois.edu

News
07/18/2023

I passed my PhD defense. Now I'm officially Dr. Yang!

05/22/2023 Gave a talk about Jigsaw Puzzle selective backdoor at IEEE S&P 2023.
04/28/2023 Will be giving a talk about CADE at the Noise Lab of UChicago this Friday (04/28).
Thanks for the invitation from Shinan Liu and Prof. Nick Feamster!
04/13/2023 Submitted another paper to IEEE S&P 2024! Thanks my advisor and all of our collaborators!
03/10/2023 Two papers accepted in IEEE S&P'23 (Oakland). Big thanks to everyone and see you at San Francisco!
02/21/2023 Just passed my preliminary exam. Thanks all my committee members!
02/24/2021 We release a new PE malware dataset for ML research [download link].
11/30/2020 I will be serving as a Shadow PC at IEEE S&P 2021.
Publications
[USENIX Security'24] True Attacks, Attack Attempts, or Benign Triggers? An Empirical Measurement of Network Alerts in a Security Operations Center
Limin Yang*, Zhi Chen*, Chenkai Wang, Zhenning Zhang, Sushruth Booma, Phuong Cao, Constantin Adam, Alex Withers, Zbigniew Kalbarczyk, Ravishankar K. Iyer, Gang Wang
PDF
[IEEE S&P'23] Jigsaw Puzzle: Selective Backdoor Attack to Subvert Malware Classifier
Limin Yang, Zhi Chen, Jacopo Cortellazzi, Feargus Pendlebury, Kevin Tu, Fabio Pierazzi, Lorenzo Cavallaro, Gang Wang
PDF / Supplementary PDF / Code / Slides / Video
TL;DR: Jigsaw Puzzle backdoor attack can selectively protect one specific malware family but not other malware, leaving smaller footprints and thus bypassing many existing backdoor defenses.
[IEEE S&P'23] Everybody's Got ML, Tell Me What Else You Have: Practitioners' Perception of ML-Based Security Tools and Explanations
Jaron Mink, Hadjer Benkraouda, Limin Yang, Arridhana Ciptadi, Ali Ahmadzadeh, Daniel Votipka, Gang Wang
PDF / Supplementary PDF
TL;DR: Semi-structured interviews with 18 practioners to understand their perspectives on ML and ML explanation.
[USENIX Security'21] CADE: Detecting and Explaining Concept Drift Samples for Security Applications
Limin Yang, Wenbo Guo, Qingying Hao, Arridhana Ciptadi, Ali Ahmadzadeh, Xinyu Xing, Gang Wang
PDF / Supplementary PDF / Code / Slides / Video / Artifact Evaluated
TL;DR: Contrastive learning can help detect drifting samples from previously unseen classes and distance-based explanation can find out why such drifting samples are different from existing classes.
[USENIX Security'20] Measuring and Modeling the Label Dynamics of Online Anti-Malware Engines
Shuofei Zhu, Jianjun Shi, Limin Yang, Boqin Qin, Ziyi Zhang, Linhai Song, Gang Wang
PDF / Data / Artifact Evaluated
TL;DR: How to aggregate VirusTotal labels more properly?
[IMC'19] Opening the Blackbox of VirusTotal: Analyzing Online Phishing Scan Engines
Peng Peng, Limin Yang, Linhai Song, Gang Wang
PDF / Data
TL;DR: Control simple phishing sites to see how bad and inconsistent of the URL detection provided by VirusTotal and security vendors' own APIs.
[USENIX Security'18] Understanding the Reproducibility of Crowd-reported Security Vulnerabilities
Dongliang Mu, Alejandro Cuevas, Limin Yang, Hang Hu, Xinyu Xing, Bing Mao, Gang Wang
PDF / Data
TL;DR: Provide quantitive evidence on the prevalence of missing information in vulnerability reports and low reproducibility by manually reproduce 368 memory corruption bugs.
[GLOBECOM'17] VulDigger: A Just-in-Time and Cost-Aware Tool for Digging Vulnerability-Contributing Changes
Limin Yang, et al.
PDF
TL;DR: Use metadata and heuristics to predict whether a git commit introduced a vulnerability.
Journal / Workshop Papers
[DLSP'23] Is It Overkill? Analyzing Feature-Space Concept Drift in Malware Detectors
Zhi Chen, Zhenning Zhang, Zeliang Kan, Limin Yang, Jacopo Cortellazzi, Feargus Pendlebury, Fabio Pierazzi, Lorenzo Cavallaro, Gang Wang
PDF
TL;DR: Data-space drift is the dominating contributor to the model degradation over time while feature-space drift has little to no impact.
[DLS'21] BODMAS: An Open Dataset for Learning based Temporal Analysis of PE Malware
Limin Yang, Arridhana Ciptadi, Ihar Laziuk, Ali Ahmadzadeh, Gang Wang
PDF / Slides / Data / Code
TL;DR: We collaborate with Blue Hexagon to release an open Windows PE malware dataset with timestamped metadata as well as curated malware family labels.
[SafeThings'20] A Case Study of the Security Vetting Process of Smart-home Assistant Applications
Hang Hu, Limin Yang, Shihan Lin, Gang Wang
PDF
TL;DR: Verify that replay attack and SQL injection are feasible in Amazon Alexa / Google Home apps.
[PPNA'17] Characterizing User Behaviors in Location-based Find-and-Flirt Services: Anonymity and Demographics
Minhui Xue, Limin Yang, Keith W. Ross, Haifeng Qian
PDF
TL;DR: Who used the WeChat "People Nearby" feature more often?
Internships
IBM Research Visiting Scholar (Research Intern) , New York, US, 05/2022 – 08/2022
ByteDance Security Engineering Intern, California, US, 05/2021 – 08/2021
Penn State Research Intern, Pennsylvania, US, 09/2017 – 02/2018
Peking University Exploit Intern, Beijing, China, 07/2015 – 08/2015
Awards
2021 CCS Student Conference Grant
2017 ECNU Graduate Student Overseas Research Scholarship
2013-2015 ECNU Top-notch Innovative Personnel Training Plan
Teaching
2022 Fall CS-463 Computer Security II, UIUC, Teaching Assistant
2019 Spring CS-4264 Principles of Computer Security, Virginia Tech, Teaching Assistant
2018 Fall CS-3114 Data Structures and Algorithms, Virginia Tech, Teaching Assistant
Professional Services
[TDSC'23] IEEE Transactions on Dependable and Secure Computing, Reviewer
[TSC'23] ACM Transactions on Social Computing, Reviewer
[SECURWARE'23] Emerging Security Information, Systems and Technologies, Technical Program Committee
[ADVCOMP'23] Advanced Engineering Computing and Applications in Sciences, Technical Program Committee
[JISA'23] Journal of Information Security and Applications, Reviewer
[IEEE S&P'21] IEEE Symposium on Security and Privacy, Student PC
[Patterns'21] Patterns (a data science journal by Cell Press), Reviewer
Upcoming Deadlines
Oakland'24 April 13, August 3, December 6, 2023. San Francisco, CA.
USENIX Sec'24 June 6, October 17, 2023; February 8, 2024. Philadelphia, PA.
CCS'23 January 19, May 4, 2023. Copenhagen, Denmark.
NDSS'24 April 19, June 28, 2023. San Diego, CA.

Miscellaneous I'm also a minimalism photographer: whyisyoung.com

Feel free to steal this website's source code, just add a link back to my website and credit Jon Barron and me. Please remove any code that contains "UA-45384067-2" and "GTM-N2T82H2" as they are my Google Analytic tracking ID and you do not want on your own website.