Education I received my B.E. in
Computer Science from Tsinghua University, and my Ph.D. in Computer Science from
Princeton University advised by Andrew Appel.
Research Interests
I lead the Security of Software (SOS) lab at Lehigh. In general, I am interested in methodologies that
help create reliable and secure software systems:
- Software security
- Programming languages, software engineering
Research Projects
- (1/31/12) The RockSalt paper is accepted by PLDI 2012.
- (1/17/12) We are glad to open source RockSalt 1.0, which includes a high-fidelity model of a subset of x86 in Coq. See this page.
- (1/1/12) I received the NSF Faculty Early Career Development (CAREER) award with the project "User-Space Protection Domains for Compositional Information Security".
- (1/1/12) The SOS lab is looking for talented undergraduate and graduate students to join. Undergrads who are interested in computer security research
can do a summer internship under the NSF REU program; see this page for more details.
- (11/13/11) We are glad to release the source code of Robusta 1.0;
Please see this page.
- Older news...
Teaching
- CSE 262, Programming Languages, Fall 10, Fall 11, Spring 12
- CSE 497, Advanced Programming Languages, Fall 11
- CSE 397/497, Software System Security, Fall 10, Fall 08
- CSE 216, Software Engineering, Spring 10, Spring 09
- CSE 397/497, Programming Languages Design & Analysis Fall 09
Service
Selected Recent Publications
- RockSalt: Better, Faster, Stronger SFI for the x86. G. Morrisett, G. Tan, J. Tassarotti, J.B. Tristan, and E. Gan. To appear in ACM Conference on Programming Language Design and Implementation (PLDI '2012), Jun. 2012.
- Combining Control-Flow Integrity and Static Analysis for Efficient and Validated Data Sandboxing. B. Zeng and G. Tan and G. Morrisett. In 18th ACM Conference on Computer and Communication Security (CCS '11), Oct. 2011.
[paper]
- JET: Exception checking in the Java Native Interface. S. Li and G. Tan. In ACM SIGPLAN International conference on Object-Oriented Programming, Systems, Languages & Applications (OOPSLA '11), Oct 2011.
[paper]
- Weak updates and separation logic. G. Tan, Z. Shao, X. Feng and H. Cai. In the Journal of New Generation Computing, 2011.
[paper]
- JNI Light: An Operational Model for the Core JNI. G. Tan. In the 8th Asian Symposium on Programming Languages and Systems (APLAS '10), Dec 2010
[paper
|tech report]
- Robusta: Taming the Native Beast of the JVM. J. Siefers, G. Tan, and G. Morrisett. In the 17th ACM Conference on Computer and Communication Security (CCS '10), Oct. 2010.
[paper |
presentation
]
- Weak updates and separation logic. G. Tan, Z. Shao, X. Feng and H. Cai. In the 7th Asian Symposium on Programming Languages and Systems (APLAS '09), Dec. 2009.
[paper
|tech report] (note: superseded by the journal version of the paper)
- Finding bugs in exceptional situations of JNI programs. S. Li and G. Tan. In the 16th ACM Conference on Computer and Communication Security (CCS '09), Nov. 2009.
[paper]
- Semantic Foundations for Typed Assembly Languages.
A. Ahmed, A. W. Appel, C. D. Richards, G. Tan, and D. C. Wang.
ACM Transactions on Programming Languages and Systems (TOPLAS), March 2010.
[paper]
- The New Jersey Voting-machine Lawsuit and the AVC Advantage DRE Voting Machine.
A. W. Appel, M. Ginsburg, H. Hursti, B. W. Kernighan, C. D. Richards, G. Tan, and P. Venetis.
In 2009 Electronic Voting Workshop/Workshop on Trustworthy Elections (EVT/WOTE '09), Aug. 2009.
[paper
| full report
| slashdot
| video
| presentation]
- An Empirical Security Study of the Native Code in the JDK.
G. Tan and J. Croft. In USENIX Security 2008,
San Jose, California, USA, July 2008.
[paper
| technical report
| presentation]
- ILEA: Inter-Language Analysis across Java and C.
G. Tan and G. Morrisett.
In ACM SIGPLAN International conference on Object-Oriented Programming, Systems, Languages & Applications (OOPSLA '07), Montreal, Canada, Oct 2007.
[paper
| presentation]
- More publications
Links
