• BE, Computer Science, Tsinghua University, 1999
• Ph D, Computer Science, Princeton University, 2005

Journal Articles

Kaiming Huang, Mathias Payer, Zhiyun Qian, Jack Sampson, Gang Tan and Trent R Jaeger, 2024, "Comprehensive Memory Safety Validation: An Alternative Approach to Memory Safety", IEEE Security and Privacy, 22, (4), pp. 40--49

Xiaodong Jia and Gang Tan, 2024, "V-Star: Learning Visibly Pushdown Grammars from Program Inputs", Proceedings of the ACM on Programming Languages, (PLDI), pp. 2003-2026

Xiaodong Jia, Ashish Kumar and Gang Tan, 2023, "A derivative-based parser generator for visibly pushdown grammars", ACM Transactions on Programming Languages and Systems (TOPLAS), 45, (9), pp. 1--68

Jialun Zhang, Greg Morrisett and Gang Tan, 2023, "Interval Parsing Grammars for File Format Parsing", Proceedings of the ACM on Programming Languages, 7, (PLDI), pp. 1073--1095

Cong Sun, Yuwan Ma, Dongrui Zeng, Gang Tan, Siqi Ma and Yafei Wu, 2023, "muDep: Mutation-based Dependency Generation for Precise Taint Analysis on Android Native Code", IEEE Transactions on Dependable and Secure Computing, pp. 1461--1475

Cong Ma, Dinghao Wu, Gang Tan, Mahmut T Kandemir and Danfeng Zhang, 2023, "Quantifying and Mitigating Cache Side Channel Leakage with Differential Set", Proceedings of the ACM on Programming Languages, (OOPSLA), pp. 1470--1498

Michael Norris, Z. Berkay Celik, Prasanna Venkatesh Rengasamy, Shulin Zhao, Patrick Drew McDaniel, Anand Sivasubramaniam and Gang Tan, 2022, "IoTRepair: Flexible Fault Handling in Diverse IoT Deployments", ACM Transactions on Internet of Things, 3, (3), pp. 22:1--22:33

Gang Tan, 2017, "Principles and Implementation Techniques of Software-Based Fault Isolation", Foundations and Trends in Privacy and Security, 1, (3), pp. 137-198

Mengtao Sun, Gang Tan, Joseph Siefers, Bin Zeng and Greg Morrisett, 2013, "Bringing Java’s Wild Native World Under Control", ACM Transactions on Information Systems and Security, 16, (3), pp. 9:1–9:28

Amal Ahmed, Andrew Appel, Chris Richards, Kedar Swadi, Gang Tan and Daniel Wang, 2010, "Semantic Foundations for Typed-Assembly Languages", ACM Transactions on Programming Languages and Systems, 32, (3), pp. 1-67

Conference Proceedings

Kaiming Huang, Mathias Payer, Zhiyun Qian, Jack Sampson, Gang Tan and Trent R Jaeger, 2024, "Top of the Heap: Efficient Memory Error Protection of Safe Heap Objects", pp. 1330--1344

Yuanqing Miao, Yingtian Zhang, Dinghao Wu, Danfeng Zhang, Gang Tan, Rui Zhang and Mahmut T Kandemir, 2024, "Veiled Pathways: Investigating Covert and Side Channels within GPU Uncore", pp. 1169--1183

Yuanqing Miao, Mahmut T Kandemir, Danfeng Zhang, Yingtian Zhang, Gang Tan and Dinghao Wu, 2023, "Hardware Support for Constant-Time Programming", pp. 856--870

Verya Monjezi, Ashutosh Trivedi, Gang Tan and Saeid Tizpaz-Niari, 2023, "Information-Theoretic Testing and Debugging of Fairness Defects in Deep Neural Networks", pp. 1571--1582

Yafei Wu, Cong Sun, Dongrui Zeng, Gang Tan, Siqi Ma and Peicheng Wang, 2023, "LibScan: Towards More Precise Third-Party Library Identification for Android Applications", pp. 3385--3402

Saeid Tizpaz-Niari, Ashish Kumar, Gang Tan and Ashutosh Trivedi, 2022, "Fairness-aware Configuration of Machine Learning Libraries", pp. 909--920

Yongzhe Huang, Vikram Narayanan, David Detweiler, Kaiming Huang, Gang Tan, Trent R Jaeger and Anton Burtsev, 2022, "KSplit: Automating Device Driver Isolation", pp. 613--631

Kaiming Huang, Yongzhe Huang, Mathias Payer, Zhiyun Qian, Jack Sampson, Gang Tan and Trent R Jaeger, 2022, "The Taming of the Stack: Isolating Stack Data from Memory Errors"

Zhen Huang, Trent R Jaeger and Gang Tan, 2021, "Fine-grained Program Partitioning for Security", pp. 21--26

Robert Brotzman, Danfeng Zhang, Mahmut T Kandemir and Gang Tan, 2021, "Ghost Thread: Effective User-Space Cache Side Channel Protection", pp. 233--244

Paul Muntean, Richard Viehoever, Zhiqiang Lin, Gang Tan, Jens Grossklags and Claudia Eckert, 2021, "iTOP: Automating Counterfeit Object-Oriented Programming Attacks", pp. 162--176

Dongrui Zeng, Ben Niu and Gang Tan, 2021, "MazeRunner: Evaluating the Attack Surface of Control-Flow Integrity Policies"

Yumei Zhang, Xinzhi Liu, Cong Sun, Dongrui Zeng, Gang Tan, Xiao Kan and Siqi Ma, 2021, "ReCFA: Resilient Control-Flow Attestation", pp. 311-322

Sun Kim, Cong Sun, Dongrui Zeng and Gang Tan, 2021, "Refining Indirect Call Targets at the Binary Level"

Xiaodong Jia, Ashish Kumar and Gang Tan, 2021, "A derivative-based parser generator for visibly Pushdown grammars", In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pp. 1--24

Robert Brotzman, Danfeng Zhang, Mahmut T Kandemir and Gang Tan, 2021, "SpecSafe: Detecting Cache Side Channels in a Speculative World", In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pp. 1--28

Shen Liu, Dongrui Zeng, Yongzhe Huang, Frank Capobianco, Stephen McCamant, Trent R Jaeger and Gang Tan, 2019, "Program-mandering: Quantitative Privilege Separation"

Yu-ping Wang, Xu-Qiang Hu, Zi-Xin Zou, Wende Tan and Gang Tan, 2019, "IVT: an E?cient Method for Sharing Subtype Polymorphic Objects"

Robert Brotzman, Shen Liu, Danfeng Zhang, Gang Tan and Mahmut T Kandemir, 2019, "CaSym: Cache Aware Symbolic Execution for Side Channel Detection and Mitigation", pp. 364--380

Zhen Huang, David Lie, Gang Tan and Trent R Jaeger, 2019, "Using Safety Properties to Generate Vulnerability Patches"

Z. Berkay Celik, Gang Tan and Patrick D McDaniel, 2019, "IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT"

Z. B. Celik, L. Babun, A. K. Sikder, H. Aksu, Gang Tan, Patrick McDaniel and A. S. Uluagac, 2018, "Sensitive Information Tracking in Commodity IoT", pp. 1687–1704

Z. Berkay Celik, Patrick D McDaniel and Gang Tan, 2018, "Soteria: Automated IoT Safety and Security Analysis", pp. 147--158

Shen Liu, Gang Tan and Trent R Jaeger, 2017, "PtrSplit: Supporting General Pointers in Automatic Program Partitioning", pp. 2359–2371

Ben Niu and Gang Tan, 2015, "Per-Input Control-Flow Integrity", pp. 914–926

Ben Niu and Gang Tan, 2014, "Modular Control Flow Integrity", pp. 577–587

Ben Niu and Gang Tan, 2014, "RockJIT: Securing Just-In-Time Compilation Using Modular Control-Flow Integrity", pp. 1317–1328

Ben Niu and Gang Tan, 2013, "Monitor Integrity Protection with Space Efficiency and Separate Compilation", pp. 199-210

Bin Zeng, Gang Tan and Ulfar Erlingsson, 2013, "Strato: A Retargetable Framework for Low-Level Inlined-Reference Monitors", pp. 369–382

Greg Morrisett, Gang Tan, Joseph Tassarotti, Jean-Baptiste Tristan and Edward Gan, 2012, "RockSalt: Better, Faster, Stronger SFI for the x86", pp. 395–404

Bin Zeng, Gang Tan and Greg Morrisett, 2011, "Combining Control-Flow Integrity and Static Analysis for Efficient and Validated Data Sandboxing", pp. 29–40

Siliang Li and Gang Tan, 2011, "JET: Exception Checking in the Java Native Interface", pp. 345–358

Joseph Siefers, Gang Tan and Greg Morrisett, 2010, "Robusta: Taming the Native Beast of the JVM", pp. 201–211

Siliang Li and Gang Tan, 2009, "Finding Bugs in Exceptional Situations of JNI Programs", pp. 442–452

Gang Tan and Jason Croft, 2008, "An Empirical Security Study of the Native Code in the JDK", pp. 365–377

Gang Tan and Greg Morrisett, 2007, "ILEA: Inter-Language Analysis across Java and C", pp. 39–56

Gang Tan and Andrew Appel, 2006, "A Compositional Logic for Control Flow", SPRINGER, 3855, pp. 80–94

Xinming Ou, Gang Tan, Yitzhak Mandelbaum and David Walker, 2004, "Dynamic Typing with Dependent Types", pp. 437–450

• June 2024 - June 2027, "VeriPro: Verified Probabilistic Cognitive Reasoning for Tactical Mixed Reality Systems," (Sponsor: Defense Advanced Research Projects Agency).

• April 2023 - March 2026, "Collaborative Research: SaTC: Core: Small: Detecting and Localizing Non-Functional Vulnerabilities in Machine Learning Libraries," (Sponsor: National Science Foundation).

• April 2023 - March 2026, "SaTC: CORE: Small: Precise and Robust Binary Reverse Engineering and its Applications," (Sponsor: National Science Foundation).

• July 2020 - June 2025, "SaTC: CORE: Small: Automatic Software Patching against Microarchitectual Attacks," (Sponsor: National Science Foundation).

• September 2019 - February 2024, "Secure Handling of Isolated Executables without Leaking Data (SHIELD)," (Sponsor: Perspecta Labs, Inc).

• August 2018 - July 2024, "SaTC: CORE: Medium: Collaborative: Threat-Aware Defenses: Evaluating Threats for Continuous Improvement," (Sponsor: National Science Foundation).

• June 2019 - May 2023, "CNS Core: Medium: Automated IoT Safety and Security Analysis and Synthesis," (Sponsor: National Science Foundation).

• May 2019 - May 2023, "Automatic Generation of Human-Understandable, Machine-Checkable, High-Performance Parsers," (Sponsor: Galois, Inc.).

• September 2017 - August 2021, "CAPA: Collaborative Research: Lightweight Abstract Memory Features," (Sponsor: National Science Foundation).

• July 2017 - June 2021, "Semantics-Directed Binary Reverse Engineering and Transformation Validation," (Sponsor: Office of Naval Research).

• January 2016 - August 2019, "TWC: Medium: Collaborative: Retrofitting Software for Defense-in-Depth," (Sponsor: National Science Foundation).

• September 2017 - September 2018, "Automatic Generation of Anti-Specifications from Exploits for Scalable Program Hardening," (Sponsor: Virginia Polytechnic Institute and State University).

• January 2016 - December 2017, "CAREER: User-Space Protection Domains for Compositional Information Security," (Sponsor: National Science Foundation).

• February 2016 - July 2016, "SHF: Small: Collaborative Research: Reusable Tools for Formal Modeling of Machine Code," (Sponsor: National Science Foundation).

• Distinguished Paper Award, 45th ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), 2024 - 2024

• Most Downloaded Paper, Proceedings of the ACM on Programming Languages (PAMPL), 2024 - 2024

• Outstanding Research Award, Penn State Engineering Alumni Society (PSEAS), 2023 - 2023

• Best Paper Award, 9th Workshop on Language-Theoretic Security (LangSec), 2023 - 2023

• Best Paper Award, 16th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE), March 2020

• Outstanding Paper Award, 8th ACM Conference on Data and Application Security and Privacy (CODASPY), March 2018 - March 2018

• James F. Will Career Development Professorship, Penn State, January 2016 - December 2018

• Distinguished Reviewer Award for 39th IEEE Symposium on Security and Privacy, IEEE Computer Society's Technical Committee on Security and Privacy, May 2018 - May 2018

• Ruth and Joel Spira Excellence in Teaching Award, Penn State CSE, 2018

• NSF CAREER Award, National Science Foundation, January 2012 - December 2017

Service to Penn State:

• Committee Work, Member, Promotion and Tenure Committee, August 2023 - July 2024

• Committee Work, Chairperson, Department Space Committee, August 2023 - July 2024

• Committee Work, Chairperson, EECS Tenure and Promotion Committee, August 2022 - July 2023

• Committee Work, Member, Chief Information Security Officer (CISO) Advisory Board, September 2022

• Committee Work, Member, Research Computing and Cyber Infrastructure (RCCI) Executive Committee, September 2022

• Committee Work, Co-Chairperson, CSE Faculty Search Committee, August 2022

• Committee Work, Chairperson, CSE Tenure and Promotion Committee, August 2020 - July 2021

• Committee Work, Chairperson, CSE Awards Committee, August 2020 - July 2022

• Committee Work, Member, EECS Steering Committee, August 2020

• Committee Work, Member, EECS Tenure and Promotion Committee, August 2018 - July 2021

• Committee Work, Member, CSE Strategic Committee, August 2017 - May 2022

• Committee Work, Chairperson, Colloquium Committee, August 2017 - July 2020

• Committee Work, Member, Strategic Committee, August 2017 - May 2020

• Committee Work, Member, CSE Tenure and Promotion Committee, August 2017 - July 2021

• Committee Work, Member, Engineering Faculty Council, August 2016 - August 2019

• Committee Work, Member, Institute for CyberScience Coordinating Committee, August 2016 - July 2017

Service to External Organizations:

• Organizing Conferences and Service on Conference Committees, Chairperson, Program chair, AppelFest at Princeton, January 2024 - May 2024

• Organizing Conferences and Service on Conference Committees, Committee Member, Technical program committee member, Annual Network & Distributed System Security Symposium (NDSS), February 2024 - February 2025

• Organizing Conferences and Service on Conference Committees, Committee Member, Technical program committee member, ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages & Applications (OOPSLA), October 2024 - October 2025

• Organizing Conferences and Service on Conference Committees, Committee Member, Technical program committee member, ACM CCS Doctoral Symposium, April 2024 - October 2024

• Organizing Conferences and Service on Conference Committees, Committee Member, Technical program committee member, IEEE Symposium on Security and Privacy (Oakland), August 2023 - March 2024

• Organizing Conferences and Service on Conference Committees, Co-Chairperson, Program co-chair, IEEE International Symposium on Secure and Private Execution Environment Design (SEED), August 2023 - May 2024

• Organizing Conferences and Service on Conference Committees, Committee Member, Technical program committee member, ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), October 2022 - March 2023

• Organizing Conferences and Service on Conference Committees, Member, Organizing Committee, IEEE Workshop on Language-Theoretic Security (LangSec), 2022

• Organizing Conferences and Service on Conference Committees, Co-Chairperson, Program co-chair, DARPA/ISAT workshop on Radical Paradigm for Innovative Design of Systems (RAPIDS), August 2022 - May 2023

• Organizing Conferences and Service on Conference Committees, Committee Member, Technical program committee member, 2022 IEEE Symposium on Security and Privacy (Oakland), June 2021 - May 2022

• Organizing Conferences and Service on Conference Committees, Member, Program Committee, 2021 Joint Workshop on CPS & IoT Security and Privacy (CPSIoTSec), January 2021 - October 2021

• Organizing Conferences and Service on Conference Committees, Member, Steering Committee, Joint Workshop on CPS & IoT Security and Privacy (CPSIoTSec), 2020

• Service to Governmental Agencies, Member, DARPA Information Science and Technology (ISAT) study group, July 2020 - June 2024

• Organizing Conferences and Service on Conference Committees, Member, Program Committee, 2020 Joint Workshop on CPS & IoT Security and Privacy (CPSIoTSec), January 2020 - October 2020

• Organizing Conferences and Service on Conference Committees, Chairperson, Workshop chair, The 2020 ACM Conference on Computer and Communications Security (CCS), February 2020 - November 2020

• Organizing Conferences and Service on Conference Committees, Co-Chairperson, Poster co-chair, The 2020 Network and Distributed System Security Symposium (NDSS), July 2019 - February 2020

• Organizing Conferences and Service on Conference Committees, Co-Chairperson, Poster co-chair, The 2019 Network and Distributed System Security Symposium (NDSS), July 2018 - February 2019

• Organizing Conferences and Service on Conference Committees, Chairperson, Web chair, The 2019 International Symposium on Code Generation and Optimization, July 2018 - February 2019