• BE, Computer Science, Tsinghua University, 1999
• Ph D, Computer Science, Princeton University, 2005

Journal Articles

Xiaodong Jia, Ashish Kumar and Gang Tan, 2023, "A derivative-based parser generator for visibly pushdown grammars", ACM Transactions on Programming Languages and Systems (TOPLAS), 45, (9), pp. 1--68

Jialun Zhang, Greg Morrisett and Gang Tan, 2023, "Interval Parsing Grammars for File Format Parsing", Proceedings of the ACM on Programming Languages, 7, (PLDI), pp. 1073--1095

Cong Sun, Yuwan Ma, Dongrui Zeng, Gang Tan, Siqi Ma and Yafei Wu, 2023, "muDep: Mutation-based Dependency Generation for Precise Taint Analysis on Android Native Code", IEEE Transactions on Dependable and Secure Computing, pp. 1461--1475

Cong Ma, Dinghao Wu, Gang Tan, Mahmut T Kandemir and Danfeng Zhang, 2023, "Quantifying and Mitigating Cache Side Channel Leakage with Differential Set", Proceedings of the ACM on Programming Languages, (OOPSLA), pp. 1470--1498

Michael Norris, Z. Berkay Celik, Prasanna Venkatesh Rengasamy, Shulin Zhao, Patrick Drew McDaniel, Anand Sivasubramaniam and Gang Tan, 2022, "IoTRepair: Flexible Fault Handling in Diverse IoT Deployments", ACM Transactions on Internet of Things, 3, (3), pp. 22:1--22:33

Gang Tan, 2017, "Principles and Implementation Techniques of Software-Based Fault Isolation", Foundations and Trends in Privacy and Security, 1, (3), pp. 137-198

Mengtao Sun, Gang Tan, Joseph Siefers, Bin Zeng and Greg Morrisett, 2013, "Bringing Java’s Wild Native World Under Control", ACM Transactions on Information Systems and Security, 16, (3), pp. 9:1–9:28

Amal Ahmed, Andrew Appel, Chris Richards, Kedar Swadi, Gang Tan and Daniel Wang, 2010, "Semantic Foundations for Typed-Assembly Languages", ACM Transactions on Programming Languages and Systems, 32, (3), pp. 1-67

Conference Proceedings

Yuanqing Miao, Mahmut T Kandemir, Danfeng Zhang, Yingtian Zhang, Gang Tan and Dinghao Wu, 2023, "Hardware Support for Constant-Time Programming", pp. 856--870

Verya Monjezi, Ashutosh Trivedi, Gang Tan and Saeid Tizpaz-Niari, 2023, "Information-Theoretic Testing and Debugging of Fairness Defects in Deep Neural Networks", pp. 1571--1582

Yafei Wu, Cong Sun, Dongrui Zeng, Gang Tan, Siqi Ma and Peicheng Wang, 2023, "LibScan: Towards More Precise Third-Party Library Identification for Android Applications", pp. 3385--3402

Saeid Tizpaz-Niari, Ashish Kumar, Gang Tan and Ashutosh Trivedi, 2022, "Fairness-aware Configuration of Machine Learning Libraries", pp. 909--920

Yongzhe Huang, Vikram Narayanan, David Detweiler, Kaiming Huang, Gang Tan, Trent R Jaeger and Anton Burtsev, 2022, "KSplit: Automating Device Driver Isolation", pp. 613--631

Kaiming Huang, Yongzhe Huang, Mathias Payer, Zhiyun Qian, Jack Sampson, Gang Tan and Trent R Jaeger, 2022, "The Taming of the Stack: Isolating Stack Data from Memory Errors"

Zhen Huang, Trent R Jaeger and Gang Tan, 2021, "Fine-grained Program Partitioning for Security", pp. 21--26

Robert Brotzman, Danfeng Zhang, Mahmut T Kandemir and Gang Tan, 2021, "Ghost Thread: Effective User-Space Cache Side Channel Protection", pp. 233--244

Paul Muntean, Richard Viehoever, Zhiqiang Lin, Gang Tan, Jens Grossklags and Claudia Eckert, 2021, "iTOP: Automating Counterfeit Object-Oriented Programming Attacks", pp. 162--176

Dongrui Zeng, Ben Niu and Gang Tan, 2021, "MazeRunner: Evaluating the Attack Surface of Control-Flow Integrity Policies"

Yumei Zhang, Xinzhi Liu, Cong Sun, Dongrui Zeng, Gang Tan, Xiao Kan and Siqi Ma, 2021, "ReCFA: Resilient Control-Flow Attestation", pp. 311-322

Sun Kim, Cong Sun, Dongrui Zeng and Gang Tan, 2021, "Refining Indirect Call Targets at the Binary Level"

Xiaodong Jia, Ashish Kumar and Gang Tan, 2021, "A derivative-based parser generator for visibly Pushdown grammars", In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pp. 1--24

Robert Brotzman, Danfeng Zhang, Mahmut T Kandemir and Gang Tan, 2021, "SpecSafe: Detecting Cache Side Channels in a Speculative World", In ACM Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA), pp. 1--28

Shen Liu, Dongrui Zeng, Yongzhe Huang, Frank Capobianco, Stephen McCamant, Trent R Jaeger and Gang Tan, 2019, "Program-mandering: Quantitative Privilege Separation"

Yu-ping Wang, Xu-Qiang Hu, Zi-Xin Zou, Wende Tan and Gang Tan, 2019, "IVT: an E?cient Method for Sharing Subtype Polymorphic Objects"

Robert Brotzman, Shen Liu, Danfeng Zhang, Gang Tan and Mahmut T Kandemir, 2019, "CaSym: Cache Aware Symbolic Execution for Side Channel Detection and Mitigation", pp. 364--380

Zhen Huang, David Lie, Gang Tan and Trent R Jaeger, 2019, "Using Safety Properties to Generate Vulnerability Patches"

Z. Berkay Celik, Gang Tan and Patrick D McDaniel, 2019, "IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT"

Z. B. Celik, L. Babun, A. K. Sikder, H. Aksu, Gang Tan, Patrick McDaniel and A. S. Uluagac, 2018, "Sensitive Information Tracking in Commodity IoT", pp. 1687–1704

Z. Berkay Celik, Patrick D McDaniel and Gang Tan, 2018, "Soteria: Automated IoT Safety and Security Analysis", pp. 147--158

Shen Liu, Gang Tan and Trent R Jaeger, 2017, "PtrSplit: Supporting General Pointers in Automatic Program Partitioning", pp. 2359–2371

Ben Niu and Gang Tan, 2015, "Per-Input Control-Flow Integrity", pp. 914–926

Ben Niu and Gang Tan, 2014, "Modular Control Flow Integrity", pp. 577–587

Ben Niu and Gang Tan, 2014, "RockJIT: Securing Just-In-Time Compilation Using Modular Control-Flow Integrity", pp. 1317–1328

Ben Niu and Gang Tan, 2013, "Monitor Integrity Protection with Space Efficiency and Separate Compilation", pp. 199-210

Bin Zeng, Gang Tan and Ulfar Erlingsson, 2013, "Strato: A Retargetable Framework for Low-Level Inlined-Reference Monitors", pp. 369–382

Greg Morrisett, Gang Tan, Joseph Tassarotti, Jean-Baptiste Tristan and Edward Gan, 2012, "RockSalt: Better, Faster, Stronger SFI for the x86", pp. 395–404

Bin Zeng, Gang Tan and Greg Morrisett, 2011, "Combining Control-Flow Integrity and Static Analysis for Efficient and Validated Data Sandboxing", pp. 29–40

Siliang Li and Gang Tan, 2011, "JET: Exception Checking in the Java Native Interface", pp. 345–358

Joseph Siefers, Gang Tan and Greg Morrisett, 2010, "Robusta: Taming the Native Beast of the JVM", pp. 201–211

Siliang Li and Gang Tan, 2009, "Finding Bugs in Exceptional Situations of JNI Programs", pp. 442–452

Gang Tan and Jason Croft, 2008, "An Empirical Security Study of the Native Code in the JDK", pp. 365–377

Gang Tan and Greg Morrisett, 2007, "ILEA: Inter-Language Analysis across Java and C", pp. 39–56

Gang Tan and Andrew Appel, 2006, "A Compositional Logic for Control Flow", SPRINGER, 3855, pp. 80–94

Xinming Ou, Gang Tan, Yitzhak Mandelbaum and David Walker, 2004, "Dynamic Typing with Dependent Types", pp. 437–450

• April 2023 - March 2026, "Collaborative Research: SaTC: Core: Small: Detecting and Localizing Non-Functional Vulnerabilities in Machine Learning Libraries," (Sponsor: National Science Foundation).

• April 2023 - March 2026, "SaTC: CORE: Small: Precise and Robust Binary Reverse Engineering and its Applications," (Sponsor: National Science Foundation).

• September 2019 - February 2024, "Secure Handling of Isolated Executables without Leaking Data (SHIELD)," (Sponsor: Perspecta Labs, Inc).

• August 2018 - July 2024, "SaTC: CORE: Medium: Collaborative: Threat-Aware Defenses: Evaluating Threats for Continuous Improvement," (Sponsor: National Science Foundation).

• July 2020 - June 2024, "SaTC: CORE: Small: Automatic Software Patching against Microarchitectual Attacks," (Sponsor: National Science Foundation).

• May 2019 - May 2023, "Automatic Generation of Human-Understandable, Machine-Checkable, High-Performance Parsers," (Sponsor: Galois, Inc.).

• June 2019 - May 2023, "CNS Core: Medium: Automated IoT Safety and Security Analysis and Synthesis," (Sponsor: National Science Foundation).

• September 2017 - August 2021, "CAPA: Collaborative Research: Lightweight Abstract Memory Features," (Sponsor: National Science Foundation).

• July 2017 - June 2021, "Semantics-Directed Binary Reverse Engineering and Transformation Validation," (Sponsor: Office of Naval Research).

• January 2016 - August 2019, "TWC: Medium: Collaborative: Retrofitting Software for Defense-in-Depth," (Sponsor: National Science Foundation).

• September 2017 - September 2018, "Automatic Generation of Anti-Specifications from Exploits for Scalable Program Hardening," (Sponsor: Virginia Polytechnic Institute and State University).

• January 2016 - December 2017, "CAREER: User-Space Protection Domains for Compositional Information Security," (Sponsor: National Science Foundation).

• February 2016 - July 2016, "SHF: Small: Collaborative Research: Reusable Tools for Formal Modeling of Machine Code," (Sponsor: National Science Foundation).

• Best Paper Award, 16th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE), March 2020

• Outstanding Paper Award, 8th ACM Conference on Data and Application Security and Privacy (CODASPY), March 2018 - March 2018

• James F. Will Career Development Professorship, Penn State, January 2016 - December 2018

• Distinguished Reviewer Award for 39th IEEE Symposium on Security and Privacy, IEEE Computer Society's Technical Committee on Security and Privacy, May 2018 - May 2018

• Ruth and Joel Spira Excellence in Teaching Award, Penn State CSE, 2018

• NSF CAREER Award, National Science Foundation, January 2012 - December 2017

• Outstanding Research Award, Penn State Engineering Alumni Society (PSEAS), 2023

• Best Paper Award, 9th Workshop on Language-Theoretic Security (LangSec), 2023

Service to Penn State:

• Academic Leadership and Support Work, Director, Co-director, Institute for Networking and Security Research (INSR), August 2023

• Committee Work, Member, Promotion and Tenure Committee, August 2023 - July 2024

• Committee Work, Chairperson, Department Space Committee, August 2023 - July 2024

• Committee Work, Chairperson, EECS Tenure and Promotion Committee, August 2022 - July 2023

• Committee Work, Member, Chief Information Security Officer (CISO) Advisory Board, September 2022

• Committee Work, Member, Research Computing and Cyber Infrastructure (RCCI) Executive Committee, September 2022

• Committee Work, Co-Chairperson, CSE Faculty Search Committee, August 2022 - July 2024

• Committee Work, Chairperson, CSE Tenure and Promotion Committee, August 2020 - July 2021

• Committee Work, Chairperson, CSE Awards Committee, August 2020 - July 2022

• Committee Work, Member, EECS Steering Committee, August 2020 - July 2024

• Committee Work, Member, EECS Tenure and Promotion Committee, August 2018 - July 2021

• Committee Work, Member, CSE Strategic Committee, August 2017 - May 2022

• Committee Work, Chairperson, Colloquium Committee, August 2017 - July 2020

• Committee Work, Member, Strategic Committee, August 2017 - May 2020

• Committee Work, Member, CSE Tenure and Promotion Committee, August 2017 - July 2021

• Committee Work, Member, Engineering Faculty Council, August 2016 - August 2019

• Committee Work, Member, Institute for CyberScience Coordinating Committee, August 2016 - July 2017

Service to External Organizations:

• Organizing Conferences and Service on Conference Committees, Committee Member, Technical program committee member, IEEE Symposium on Security and Privacy (Oakland), August 2023 - March 2024

• Organizing Conferences and Service on Conference Committees, Committee Member, Technical program committee member, ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), October 2022 - March 2023

• Organizing Conferences and Service on Conference Committees, Member, Organizing Committee, IEEE Workshop on Language-Theoretic Security (LangSec), 2022

• Organizing Conferences and Service on Conference Committees, Co-Chairperson, Program co-chair, DARPA/ISAT workshop on Radical Paradigm for Innovative Design of Systems (RAPIDS), August 2022 - May 2023

• Organizing Conferences and Service on Conference Committees, Member, Program Committee, 2021 Joint Workshop on CPS & IoT Security and Privacy (CPSIoTSec), January 2021 - October 2021

• Organizing Conferences and Service on Conference Committees, Committee Member, Technical program committee member, 2022 IEEE Symposium on Security and Privacy (Oakland), June 2021 - May 2022

• Organizing Conferences and Service on Conference Committees, Member, Steering Committee, Joint Workshop on CPS & IoT Security and Privacy (CPSIoTSec), 2020

• Service to Governmental Agencies, Member, DARPA Information Science and Technology (ISAT) study group, July 2020 - June 2024

• Organizing Conferences and Service on Conference Committees, Member, Program Committee, 2020 Joint Workshop on CPS & IoT Security and Privacy (CPSIoTSec), January 2020 - October 2020

• Organizing Conferences and Service on Conference Committees, Chairperson, Workshop chair, The 2020 ACM Conference on Computer and Communications Security (CCS), February 2020 - November 2020

• Organizing Conferences and Service on Conference Committees, Co-Chairperson, Poster co-chair, The 2020 Network and Distributed System Security Symposium (NDSS), July 2019 - February 2020

• Organizing Conferences and Service on Conference Committees, Co-Chairperson, Poster co-chair, The 2019 Network and Distributed System Security Symposium (NDSS), July 2018 - February 2019

• Organizing Conferences and Service on Conference Committees, Chairperson, Web chair, The 2019 International Symposium on Code Generation and Optimization, July 2018 - February 2019