I am currently a Software Engineer at Google, and working with the Mobile Malware Detection Group. I graduated with a Ph.D. in the department of Computer Science and Engineering at University of South Florida, and honored to be advised by Dr.Xinming (Simon) Ou. Furthermore, I am a member of Argus CyberSecurity Lab.

Research

My main research interests are in the areas of computer networks and security with emphasis on:

  • Applying static analysis for Android security vetting: The focus is on detecting security issues on Android application. A large portion of those issues can be resolved by addressing one core problem – capturing semantic behaviors of the app such as object points-to and control-/data-flow information. Thus, we designed an approach to conducting static analysis for vetting Android apps, and built a generic framework, called Argus-SAF, which does inter-component, flow-/context-sensitive data flow analysis. Based on Argus-SAF, we applied certain security applications on popular Android apps, and the results shows that the tool is capable of finding real security issues and efficient enough in terms of analysis time. Our research paper is accepted by CCS 2014 and a significantly enhanced version is accepted by TOPS 2018. The JNI analysis part of Argus-SAF is published at CCS 2018. The Argus-SAF tool has been downloaded over 13,300 times as of Jan 2018 and become foundation of many research projects (cited over 250 times as of Aug 2018).
  • Android static analysis tool chain building: Based upon Amandroid work to design a comprehensive Android application analysis tool chain. Then, apply it into domains like: vulnerability finding, malware detection, etc. The current open source tools including: Argus-SAF (Amandroid is a submodule), Argus-CIT (code inspection IDE plugin for eclipse and intellij), jawa-compiler, jawa2java. For detailed information, please visit my project cite: PAG.
  • Android malware categorization and landscape study: By utilizing the tool chains I built during last couple years, I perform a large-scale landscape study to revealing the new threats and evolving trends of Android malware. This work presents a detailed picture of current malware behaviors and their evolving trend, which provides the Android malware research community a better ground truth dataset, a.k.a. Android Malware Dataset (AMD), for evaluating their approach. AMD have been shared with 145 research institute world-wide.

Publication

JN-SAF: Precise and Efficient NDK/JNI-aware Inter-language Static Analysis Framework for Security Vetting of Android Applications with Native Code.

Fengguo Wei, Xingwei Lin, Xinming Ou, Ting Chen, Xiaosong Zhang.
In the 25th ACM Conference on Computer and Communications Security. (CCS 2018)

Automated Forensic Analysis of Mobile Applications on Android Devices.

Xiaodong Lin, Ting Chen, Tong Zhu, Kun Yang, Fengguo Wei.
In the 18th USA Digital Forensics Research Workshop. (DFRWS 2018)

Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps.

Fengguo Wei, Sankardas Roy, Xinming Ou, Robby.
ACM Transactions on Privacy and Security. (TOPS 2018)
A significantly enhanced version of our Amandroid CCS 2014.

Deep Ground Truth Analysis of Current Android Malware.

Fengguo Wei, Yuping Li, Sankardas Roy, Xinming Ou, and Wu Zhou.
In the 14th Conference on Detection of Intrusions and Malware & Vulnerability Assessment. (DIMVA 2017)

Amandroid: A Precise and General Inter-component Data Flow Analysis Framework for Security Vetting of Android Apps.

Fengguo Wei, Sankardas Roy, Xinming Ou, Robby.
In the 21st ACM Conference on Computer and Communications Security. (CCS 2014)

The documents contained in these pages are included to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.

Education

University of South Florida, Tampa, FL, USA

Ph.D. student in Computer Science, August 2015 – May 2018

Kansas State University, Manhattan, KS, USA

Ph.D. student in Computer Science, August 2012 - August 2015

People’s Public Security University, Beijing, China

B.S. in Computer Science, September 2008 - June 2012

Industry Experience

Google, Mountain View, CA

Software Engineer, July 2018 - Present
Manager: Monirul Sharif

Mobile malware detection.

JD.com American Technologies Corporation, Santa Clara, CA

Research & Development Intern, Sep 2017 - Nov 2017
Supervisor: Yueh-Hsun Lin, Manager: Jimmy Su

I am doing code review for JD’s web framework and applications to identify vulnerabilities. I am also doing hybrid code analysis research to provide automation solutions for java vulnerability finding.

SIG, Synopsys Inc, San Francisco, CA

Research & Development Intern, May 2017 - August 2017
Supervisor: Aaron Hurst, Manager: Timothy Alper

I am working in the Software Integrity Group (SIG) R&D team to design WEB/Android/IOS security checkers for Coverity static analysis tool.

B2B Lab, Samsung Research America, Mountain View, CA

Research & Development Intern, January 2015 - July 2015
Supervisor: Wu Zhou, Manager: Michael Grace

Our team is responsible of providing security solutions for Samsung’s internal products. My work includes:

  • Perform static analysis and manual analysis for Samsung KNOX Trust-zone applications, and Samsung Pay backend framework codes.
  • Designed an integrated android application reverse engineering and code analysis tool called Argus-CIT (Argus Code Inspect Tool), and implemented as a plugin for IntelliJ.

China Academy of Launch Vehicle Technology, Beijing, China

Research Intern, June 2011 – August 2011
Supervisor: Shuliang Ren

Central Control with MES System Integration Development.

  • Participated in the control system interface development of external system which including the enterprise service bus (ESB), Web service and XML.

Professional Affiliations

miscellaneous

  • I play a little Harmonica (Blues harp and Chromatic), Piano, and Guitar, non-professional, just for enjoyment.
  • I am currently 5th kyū in Aikido. Aikido (Japanese: 合気道) [aikiꜜdoː] is a modern Japanese martial art developed by Morihei Ueshiba as a synthesis of his martial studies, philosophy, and religious beliefs.
  • The cover image is Huang Guo Shu Waterfall (also known as Yellow Fruit Tree Waterfall) near my hometown. It is the world third largest waterfall located on the Baishui (white water) River in Anshun, Guizhou province, China.