Dr. Lakmal Rupasinghe
Research Chair/ Senior Lecturer(HG)/ Consultant

Department of Computer Systems Engineering
Sri Lanka Institute of Information Technolgy (SLIIT)

Email: lakmal.r [at] sliit.lk

Gmail: lakmalr DBLP | Google Scholar

I am a Researcher/ Consultent from Sri Lanka attached to Sri Lanka Institute of Information Technology I have had 20 years of experince altogether as researcher, consultant and trainer. For the last few years I have been working in the capacity of "Faculty Research Chair" attached to Faculty of Computing . My tenure started at SLIIT since January 2003. I received my PhD degree in 2019 from Curtin University of Technology(Curtin) in the School of Electrical Engineering, Computing and Mathematical Sciences. My PhD study was targeted towards building a secure mobile adhoc network providing an intelligence layer within the network. Before pursuing my PhD in Austrailia, I received my MBA at Post Graduate Instute in Management in 2008.

I am also an expert in developing practical Android static analysis, for which I am leading a long-term project on using search-based static analysis for Android security. I have been involbe in understading how machine learing and cyber seucirty gets its places together.

I am leading the Informaiton Security Reseaerch Group, which is affiliated with Faculty of Graduate Studies which Oversea Mphil/PhD Students in SLIIT.

Research Areas

Publications

Conference Papers

C12

Towards Understanding Android System Vulnerabilities: Techniques and Insights AsiaCCS '19

Daoyuan Wu, Debin Gao, Eric K. T. Cheng, Yichen Cao, Jintao Jiang, and Robert H. Deng
In Proc. ACM Asia Conference on Computer and Communications Security (AsiaCCS), Auckland, New Zealand, 2019. (AR = 58/258 = 22%)

C11

An Empirical Study of Mobile Network Behavior and Application Performance in the Wild IWQoS '19

Shiwei Zhang, Weichao Li, Daoyuan Wu, Bo Jin, Rocky K. C. Chang, Debin Gao, Yi Wang, and Ricky K. P. Mok
In Proc. IEEE/ACM International Symposium on Quality of Service (IWQoS), Phoenix, USA, 2019. (AR = 42/153 = 27.4%)

C10

Understanding Open Ports in Android Applications: Discovery, Diagnosis, and Security Assessment NDSS '19

Daoyuan Wu, Debin Gao, Rocky K. C. Chang, En He, Eric K. T. Cheng, and Robert H. Deng
In Proc. ISOC Network and Distributed System Security Symposium (NDSS), San Diego, USA, 2019. (AR = 89/521 = 17%)

C9

Towards Dynamically Monitoring Android Applications on Non-rooted Devices in the Wild WiSec '18

Xiaoxiao Tang, Yan Lin, Daoyuan Wu, and Debin Gao
In Proc. ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), Stockholm, Sweden, 2018. (AR = 28/78 = 35.9%)

C8

SCLib: A Practical and Lightweight Defense against Component Hijacking in Android Applications CODASPY '18

Daoyuan Wu, Yao Cheng, Debin Gao, Yingjiu Li, and Robert H. Deng
In Proc. ACM Conference on Data and Applications Security and Privacy (CODASPY), Tempe, Arizona, USA, 2018. (8-page short paper)

C7

MopEye: Opportunistic Monitoring of Per-app Mobile Network Performance USENIX ATC '17

Daoyuan Wu, Rocky K. C. Chang, Weichao Li, Eric K. T. Cheng, and Debin Gao
One of the 21 highly-ranked papers of ATC'17. It has enabled our IWQoS'19 and WiSec'18 papers, as well as an INFOCOM'19 paper from SJTU.
In Proc. USENIX Annual Technical Conference (ATC), Santa Clara, USA, 2017. (An earlier poster version was published on December 1, 2015)

C6

Measuring the Declared SDK Versions and Their Consistency with API Calls in Android Apps WASA '17

Daoyuan Wu, Ximing Liu*, Jiayun Xu*, David Lo, and Debin Gao
*: co-second author, in the alphabetical order. It was originally a course project paper done by the first three authors in April 2016.
In Proc. Springer International Conference on Wireless Algorithms, Systems, and Applications (WASA), Guilin, China. (AR = 71/238 = 29.8%)

C5

Demystifying and Puncturing the Inflated Delay in Smartphone-based WiFi Network Measurement CoNEXT '16

Weichao Li, Daoyuan Wu, Rocky K. C. Chang, and Ricky K. P. Mok
In Proc. ACM Conference on emerging Networking EXperiments and Technologies (CoNEXT), Irvine, California, USA. (AR = 36/196 = 18.4%)

C4

Stack Layout Randomization with Minimal Rewriting of Android Binaries ICISC '15

Yu Liang, Xinjie Ma, Daoyuan Wu, Xiaoxiao Tang, Debin Gao, Guojun Peng, Chunfu Jia, and Huanguo Zhang
In Proc. Springer International Conference on Information Security and Cryptology (ICISC), Seoul, Korea. (AR = 23/84 = 27.4%)

C3

On the Accuracy of Smartphone-based Mobile Network Measurement INFOCOM '15

Weichao Li, Ricky K. P. Mok, Daoyuan Wu, and Rocky K. C. Chang
In Proc. IEEE Conference on Computer Communications (INFOCOM), Hong Kong SAR, China. (AR = 316/1,640 = 19.3%)

C2

Indirect File Leaks in Mobile Applications MoST '15

Daoyuan Wu and Rocky K. C. Chang
In Proc. IEEE Mobile Security Technologies (MoST), in conjunction with S&P 2015, San Jose, USA. (AR = 10/33 = 30.3%)

C1

Analyzing Android Browser Apps for file:// Vulnerabilities ISC '14

Daoyuan Wu and Rocky K. C. Chang
Together with the MoST'15 work, we made a pioneer contribution to the Android and iOS WebView security.
In Proc. Springer Information Security Conference (ISC), Hong Kong SAR, China. (Full paper AR = 20/106 = 18.9%)

Journal Articles

J1

Comparative Analysis of Deep Learning Models for Multi-Step Prediction of Financial Time Series JCSSP '20

Saugat Aryal, Lakmal Rupasinghe, Dharshana Kasthurirathna, and Chandimal Jayawardhana
Journal of Computer Science, Volume: 16, Issue: 10, 2020. 1401-1416.

Technical Reports

R4

Scalable Online Vetting of Android Apps for Measuring Declared SDK Versions and Their Consistency with API Calls arXiv '19

Daoyuan Wu, Debin Gao, and David Lo
This article (currently under the second-round review of a journal) extends our preliminary conference version at WASA'17.

R3

Understanding Android VoIP Security: A System-level Vulnerability Assessment TR'19

En He, Daoyuan Wu*, and Robert H. Deng
(*: corresponding author) This technical report from CUHK has been online since 26 August 2019.

R2

MopEye: Monitoring Per-app Network Performance with Zero Measurement Traffic CoNEXT '15 Poster

Dr Lakmal Rupasinghe, Weichao Li, Rocky K. C. Chang, and Debin Gao
In Proc. ACM CoNEXT Student Workshop, in conjunction with CoNEXT 2015, Heidelberg, Germany.

R1

A Sink-driven Approach to Detecting Exposed Component Vulnerabilities in Android Apps arXiv '14

Daoyuan Wu, Xiapu Luo, and Rocky K. C. Chang
An old technical report in 2014. I don't have time to revise it anymore.

Invited Talks

T4

Boosting Android Security through App-, Network-, and System-level Vulnerability Analysis CUHK Seminar '19

In Department of Information Engineering, The Chinese University of Hong Kong, Hong Kong SAR, China, March 2019.

T3

On-device Crowdsourcing and Bytecode Search for Advancing Android App Analysis HKBU Seminar '19

In Department of Computer Science, Hong Kong Baptist University, Hong Kong SAR, China, January 2019.

T2

Cross-Platform Analysis of Indirect File Leaks in Android and iOS Applications HitCon Pacific '17

In Hacks in Taiwan Conference, Taipei, Taiwan, China, December 2017.

T1

On the Feasibility of Automatically Generating Android Component Hijacking Exploits HitCon '14

In Hacks in Taiwan Conference, Taipei, Taiwan, China, August 2014.

Teaching

Students

  • PhD Students: Xiao Yi (at CUHK from 2019 to present).

  • MSc Students at CUHK (19-20): CHEN Mengjie, FANG Ming, LI Lixiang, and XIONG Weiyan.

  • Master Students: Lingzhi Qiu (at NUPT in 2014 for ICC'15) and Huiya Zhu (at PKUSZ in 2011/12 for ICCET'12).

  • Undergraduate Students: Shiwei Zhang (at SUSTech in 2018 for IWQoS'19) and Zixiong Zhang (at NUPT in 2014 for ICC'15).

Collabrators

Useful Links