Selected Publications

• Navigating Developers’ Quagmire: LLM-Enabled Privacy Compliance Analysis for SDK Integrations [PDF] [Bib]
  Zhaojie Hu, and Xueqiang Wang
  In IEEE Security & Privacy'26
• When Designers Meet GenAI: Understanding the Role of Prompt-to-Design Generators in Privacy Dark Patterns [PDF] [Bib]
  Jingzhou Ye, Zhaojie Hu, Yao Li, and Xueqiang Wang
  In IEEE Security & Privacy'26
• Understanding and Analyzing Privacy Risks in Mobile Consent-Management Platforms [PDF] [Bib]
  Jingzhou Ye*, Fares Alharbi*, Luyi Xing, and Xueqiang Wang
  In IEEE Security & Privacy'26
• From Awareness to Action: The Effects of Experiential Learning on Educating Users about Dark Patterns [PDF] [Bib] [Best Paper Award]
  Jingzhou Ye, Yao Li, Wenting Zou, and Xueqiang Wang
  In CHI'25
• Privacy Law Enforcement Under Centralized Governance: A Qualitative Analysis of Four Years’ Special Privacy Rectification Campaigns [PDF] [Bib]
  Tao Jing, Yao Li, Jingzhou Ye, Jie Wang, Xueqiang Wang
  In USENIX Security'25
• Navigating the Privacy Compliance Maze: Understanding Risks with Privacy-Configurable Mobile SDKs [PDF] [Bib]
  Yifan Zhang*, Zhaojie Hu*, Xueqiang Wang, Yuhui Hong, Yuhong Nan, XiaoFeng Wang, Jiatao Cheng, Luyi Xing
  In USENIX Security'24
• Seeing is Not Always Believing: An Empirical Analysis of Fake Evidence Generators [PDF] [Bib]
  Zhaojie Hu*, Jingzhou Ye*, Yifan Zhang, Xueqiang Wang
  In EuroS&P’24
• DARPA: Combating Asymmetric Dark UI Patterns on Android with Run-time View Decorator [PDF] [Bib]
  Zhaoxin Cai, Yuhong Nan, Xueqiang Wang, Mengyi Long, Qihua Ou, Min Yang, Zibin Zheng
  In DSN’23
• Union under Duress: Understanding Hazards of Duplicate Resource Mismediation in Android Software Supply Chain [PDF] [Bib]
  Xueqiang Wang*, Yifan Zhang*, XiaoFeng Wang, Yan Jia, Luyi Xing
  In USENIX Security’23
• Are You Spying on Me? Large-Scale Analysis on IoT Data Exposure through Companion Apps [PDF] [Bib] [Supplementary]
  Yuhong Nan*, Xueqiang Wang*, Luyi Xing, Xiaojing Liao, Ruoyu Wu, Jianliang Wu, Yifan Zhang, XiaoFeng Wang
  In USENIX Security’23
• Credit Karma: Understanding Security Implications of Exposed Cloud Services through Automated Capability Inference [PDF] [Bib]
  Xueqiang Wang*, Yuqiong Sun*, Susanta Nanda, XiaoFeng Wang
  In USENIX Security’23
• Understanding Malicious Cross-library Data Harvesting on Android [PDF] [Bib]
  Jice Wang*, Yue Xiao*, Xueqiang Wang, Yuhong Nan, Luyi Xing, Xiaojing Liao, JinWei Dong, Nicolas Serrano, XiaoFeng Wang, Yuqing Zhang, Haoran Lu
  In USENIX Security’21
• Demystifying Resource Management Risks in Emerging Mobile App-in-App Ecosystems [PDF] [Bib]
  Haoran Lu, Luyi Xing, Yue Xiao, Yifan Zhang, Xiaojing Liao, XiaoFeng Wang, Xueqiang Wang
  In CCS'20
• Understanding Illicit UI in iOS apps Through Hidden UI Analysis [PDF] [Bib] [Supplementary] [Media]
  Yeonjoon Lee*,Xueqiang Wang*, Xiaojing Liao, XiaoFeng Wang
  In TDSC'19
• Looking from the Mirror: Evaluating IoT Device Security through Mobile Companion Apps [PDF] [Bib] [AppSet]
  Xueqiang Wang, Yuqiong Sun, Susanta Nanda, XiaoFeng Wang
  In USENIX Security'19
• Understanding iOS-based Crowdturfing Through Hidden UI Analysis [PDF] [Bib]
  Yeonjoon Lee*, Xueqiang Wang*, Kwangwuk Lee, Xiaojing Liao, XiaoFeng Wang, Tongxi Li, Xianghang Mi
  In USENIX Security'19
• ProFuzzer: On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery [PDF] [Bib]
  Wei You, Xueqiang Wang, Shiqing Ma, Jianjun Huang, Xiangyu Zhang, XiaoFeng Wang, Bin Liang
  In IEEE Security & Privacy'19
• OS-level Side Channels without Procfs: Exploring Cross-App Information Leakage on iOS [PDF] [Bib]
  Xiaokuan Zhang, Xueqiang Wang, Xiaolong Bai, Yinqian Zhang, XiaoFeng Wang
  In NDSS'18
• Things You May Not Know About Android (Un)Packers: A Systematic Study based on Whole-System Emulation [PDF] [Bib]
  Yue Duan, Mu Zhang, Abhishek Vasist Bhaskar, Heng Yin, Xiaorui Pan, Tongxin Li, Xueqiang Wang, Xiaofeng Wang
  In NDSS'18
• Unleashing the Walking Dead: Understanding Cross-App Remote Infections on Mobile WebViews [PDF] [Bib] [Supplementary]
  Tongxin Li, Xueqiang Wang, Mingming Zha, Kai Chen, XiaoFeng Wang, Luyi Xing, Xiaolong Bai, Nan Zhang, Xinhui Han
  In CCS'17
• Dark Hazard: Learning-based, Large-scale Discovery of Hidden Sensitive Operations in Android Apps [PDF] [Bib]
  Xiaorui Pan, Xueqiang Wang, Yue Duan, XiaoFeng Wang, Heng Yin
  In NDSS'17
• Following devil's footprints: Cross-platform analysis of potentially harmful libraries on android and ios [PDF] [Bib] [Supplementary]
  Kai Chen, Xueqiang Wang, Yi Chen, Peng Wang, Yeonjoon Lee, XiaoFeng Wang, Bin Ma, Aohui Wang, Yingjun Zhang, Wei Zou
  In IEEE Security & Privacy'16
• DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices [PDF] [Bib]
  Xueqiang Wang, Kun Sun, Yuewu Wang, Jiwu Jing
  In NDSS'15
• WrapDroid: Flexible and Fine-Grained Scheme Towards Regulating Behaviors of Android Apps [PDF] [Bib]
  Xueqiang Wang, Yuewu Wang, Limin Liu, Lingguang Lei, Jiwu Jing
  In ICISC'14