ABOUT ME

I am a senior lecturer of the UNSW Institute for Cyber Security (IFCYBER) in the School of Engineering and Information System (SEIT) at the University of New South Wales (UNSW). Currently, I am also the postgraduate program coordinator of Cyber Security Operations in UNSW. Before joining UNSW, I was a lectuer in the School of Information Technology and Electrical Engineering (ITEE) at the University of Queensland (UQ). I received my Ph.D. degree in the School of Information System (SIS) from Singapore Management University (SMU) in 2018 and became a postdoctoral research fellow in Data61, CSIRO. I visited Carnegie Mellon University (CMU) in 2015.

OUR TEAM

I work closely with Dr. Juanru Li from Shanghai Jiao Tong University. Moreover, I collaborate with the excellent researchers from different universities and research centres.

Prof. Elisa Bertino Purdue University

Juanru Li Shanghai Jiao Tong University

Robert H. Deng Singapore Management University

David Lo Singapore Management University

Surya Nepal CSIRO Data61

Research Interest


Automated vulnerability detection and Repair
Mobile security: Mobile apps analysis.
IoT security: IoT firmware analysis.
Network security: Authentication & network protocol analysis

Selected Publications

TIFS-24 A Credential Usage Study: Flow-Aware Leakage Detection in Open-Source Projects.
Ruidong Han, Huihui Gong, Siqi Ma, Juanru Li, Chang Xu, Elisa Bertino, Surya Nepal, Zhuo Ma, Jianfeng Ma
IEEE Transactions on Information Forensics and Security, 2024.

TIFS-24 A Causality-Aligned Structure Rationalization Scheme Against Adversarial Biased Perturbations for Graph Neural Networks.
Ju Jia, Siqi Ma, Yang Liu, Lina Wang, Robert H. Deng
IEEE Transactions on Information Forensics and Security, 2024.

USENIX SEC-23 Medusa Attack: Exploring Security Hazards of In-App QR Code Scanning.
Xing Han, Yuheng Zhang, Xue Zhang, Zeyuan Chen, Mingzhe Wang, Yiwei Zhang, Siqi Ma, Yu Yu, Elisa Bertino, Juanru Li
In the proceedings of the 32nd USENIX SECURITY SYMPOSIUM, 2023.

USENIX SEC-23 Pass2Edit: A Multi-Step Generative Model for Guessing Edit Passwords.
Ding Wang, Yunkai Zou, Yuan-An Xiao, Siqi Ma, Xiaofeng Chen.
In the proceedings of the 32nd USENIX SECURITY SYMPOSIUM, 2023.

USENIX SEC-23 LibScan: Towards More Precise Third-Party Library Identification for Android Applications..
Yafei Wu, Cong Sun, Dongrui Zeng, Gang Tan, Siqi Ma, Peicheng Wang.
In the proceedings of the 32nd USENIX SECURITY SYMPOSIUM, 2023.

ASIACCS-23 RaceBench: A Triggerable and Observable Concurrency Bug Benchmark.
Jiashuo Liang, Ming Yuan, Zhanzhao Ding, Siqi Ma, Xinhui Han, Chao Zhang
In the Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security, 2023.

CVPR-23 Private Image Generation with Dual-Purpose Auxiliary Classifier.
Chen Chen, Daochang Liu, Siqi Ma, Surya Nepal, Chang Xu.
In the proceedings of the 32nd IEEE/CVF Conference on Computer Vision and Pattern Recognition, 2023.

TDSC-23 μDep: Mutation-Based Dependency Generation for Precise Taint Analysis on Android Native Code.
Cong Sun, Yuwan Ma, Dongrui Zeng, Gang Tan, Siqi Ma, Yafei Wu
IEEE Transactions on Dependable and Secure Computing, 2023.

TKDE-23 PEAK: Privacy-Enhanced Incentive Mechanism for Distributed K-Anonymity in LBS.
Man Zhang, Xinghua Li, Yinbin Miao, Bin Luo, Yanbing Ren, Siqi Ma
IEEE Transactions on Knowledge and Data Engineering , 2023.

TKDE-23 Consensus-Clustering-Based Automatic Distribution Matching for Cross-Domain Image Steganalysis.
Ju Jia, Meng Luo, Siqi Ma, Lina Wang, Yang Liu
IEEE Transactions on Knowledge and Data Engineering , 2023.

TMC-23 DistPreserv: Maintaining User Distribution for Privacy-Preserving Location-Based Services.
Yanbing Ren, Xinghua Li, Yinbin Miao, Robert H. Deng, Jian Weng,Siqi Ma, Jianfeng Ma
IEEE Transactions on Mobile Computing, 2023.

TPDS-23 Enabling Efficient Random Access to Hierarchically Compressed Text Data on Diverse GPU Platforms.
Yihua Hu, Feng Zhang, Yifei Xia, Zhiming Yao, Letian Zeng, Haipeng Ding, Zhewei Wei, Xiao Zhang, Jidong Zhai, Xiaoyong Du, Siqi Ma
IEEE Transactions on Parallel and Distributed Systems, 2023.

TSC-23 VRFMS: Verifiable Ranked Fuzzy Multi-Keyword Search Over Encrypted Data.
Xinghua Li, Lizhong Bai, Yinbin Miao, Siqi Ma, Jianfeng Ma, Ximeng Liu, Kim-Kwang Raymond Choo
IEEE Transactions on Services Computing, 2023.

TDSC-23 EvilScreen Attack: Smart TV Hijacking via Multi-channel Remote Control Mimicry.
Yiwei Zhang, Siqi Ma, Tiancheng Chen, Juanru Li, Robert H. Deng, Elisa Bertino
IEEE Transactions on Dependable and Secure Computing, 2023.

S&P-22 Goshawk: Hunting Memory Corruptions via Structure-Aware and Object-Centric Memory Operation Synopsis.
Yunlong Lyu, Yi Fang, Yiwei Zhang, Qibin Sun, Siqi Ma, Elisa Bertino, Kangjie Lu, Juanru Li.
In the proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022.

S&P-22 Annotating, Tracking, and Protecting Cryptographic Secrets with CryptoMPK
Xuancheng Jin, Xuangan Xiao, Songlin Jia, Wang Gao, Dawu Gu, Hang Zhang, Siqi Ma, Zhiyun Qian, Juanru Li
In the proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022.

DSN-22 KINGFISHER: Unveiling Insecurely Used Credentials in IoT-to-Mobile Communication.
Yiwei Zhang, Siqi Ma, Elisa Bertino, Juanru Li
In the proceedings of the 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2022.

ISSTA-22 PrIntFuzz: Fuzzing Linux Drivers via Automated Virtual Device Simulation.
Zheyu Ma, Bodong Zhao, Letu Ren, Zheming Li, Siqi Ma, Xiapu Luo, Chao Yang
In the proceedings of the ACM SIGSOFT International Symposium on Software Testing Analysis, 2022.

CVPR-22 DeepFake Disrupter: The Detector of DeepFake Is My Friend.
Xueyu Wang, Jiajun Huang, Siqi Ma, Surya Nepal, Chang Xu.
In the proceedings of the 31st Computer Vision and Pattern Recognition, 2022.

ICSE-22 Control Parameters Considered Harmful: Detecting Range Specification Bugs in Drone Configuration Modules via Learning-Guided Search.
Ruidong Han, Chao Yang, Siqi Ma, Jianfeng Ma, Cong Sun, Juanru Li, Elisa Bertino.
In the proceedings of the 44th International Conference of Software Engineering, 2022

TKDE-22 Consensus Clustering-Based Automatic Distribution Matching for Cross-Domain Image Steganalysis.
Ju Jia, Meng Luo, Siqi Ma, Lina Wang, Yang Liu.
IEEE Transactions on Knowledge and Data Engineering, 2022.

TDSC-22 μDep: Mutation-based Dependency Generation for Precise Taint Analysis on Android Native Code.
Cong Sun, Yuwan Ma, Dongrui Zeng, Gang Tan, Siqi Ma, Yafei Wu.
IEEE Transactions on Dependable and Secure Computing, 2022.

TIFS-22 Privacy-Preserving Object Detection for Medical Images With Faster R-NN.
Yang Liu, Zhuo Ma, Ximeng Liu, Siqi Ma, Kui Ren.
IEEE Transactions on Information Forensics Security, 2022.

IEEE IoT-21 Smart Applications in Edge Computing: Overview on Authentication and Data Security.
Xinghua Li, Ting Chen, Qingfeng Cheng, Siqi Ma, Jianfeng Ma.
In the IEEE Internet of Things Journal, 2021.

ICSE-21 Fine with ``1234''? An Analysis of SMS One-Time Password Randomness in Android Apps
Siqi Ma, Juanru Li, Hyoungshick Kim, Elisa Bertino, Surya Nepal, Diet Ostry, Cong Sun.
In the proceedings of the 43rd Internetional Conference on Software Engineering, 2021.

ACSAC-21 ReCFA: Resilient Control-Flow Attestation.
Yumei Zhang, Xinzhi Liu, Cong Sun, Dongrui Zeng, Gang Tan, Xiao Kan, Siqi Ma.
In the proceedings of the 37th Annual Computer Security Applications Conference, 2021.

TDSC-20 Orchestration or Automation: Authentication Flaw Detection in Android Apps
Siqi Ma, Juanru Li, Surya Nepal, Diethelm Ostry, David Lo, Sanjay Jha, Robert H. Deng, Elisa Bertino.
IEEE Transactions on Dependable and Secure Computing, 2020.

ACSAC-20 Certified Copy? Understanding Security Risks of Wi-Fi Hotspot based Android Data Clone Services
Siqi Ma, Hehao Li, Wenbo Yang, Juanru Li, Surya Nepal, Elisa Bertino.
In the proceedings of the 37th Annual Computer Security Applications Conference, 2020.

ICDCS-20 Boosting Privately: Federated Extreme Gradient Boosting for Mobile Crowdsensing
Yang Liu, Zhuo Ma, Ximeng Liu, Siqi Ma, Surya Nepal, Robert H. Deng, Kui Ren.
In the proceedings of the 40th IEEE Internaional Conference on Distributed Computing Systems, 2020.

IEEE TII-20 Emlr-Auth: Eye Movement and Iris-Based Portable Remote Authentication for Smart Grid
Zhuo Ma, Yilong Yang, Ximeng Liu, Yang Liu, Siqi Ma, Kui Ren, Chang Yao.
IEEE Transactions on Industrial Informatics, 2020.

IEEE Wireless Communication-20 Are Android Apps Being Protected Well Against Attacks
Siqi Ma, Yang Liu, Surya Nepal,
In the magazine of IEEE wireless Communication, 2020.

IWQoS-20 PE-HEALTH: Enabling Fully Encrypted CNN for Health Monitor with Optimized Communication
Yang Liu, Yilong Yang, Zhuo Ma, Ximeng Liu, Zhuzhu Wang, Siqi Ma
In the proceedings of the 29th IEEE/ACM International Symposium on Quality of Service, 2020.

IFIP SEC-20 IMShell-Dec: Pay More Attention to External Links in PowerShell
Ruidong Han, Chao Yang, Jianfeng Ma, Siqi Ma, Yunbo Wang, Feng Li
In the proceedings of the 35th International Conference on ICT Systems Security and Privacy Protection, 2020.

SANER-20 SmartShield: Automatic Smart Contract Protection Made Easy
Yuyao Zhang, Siqi Ma, Juanru Li, Kailai Li, Surya Nepal, Dawu Gu.
In the proceedings of the 27th IEEE International Conference on Software Analysis, Evolution and Reengineering, 2020.

SANER-20 EthPloit: From Fuzzing to Efficient Exploit Generation against Smart Contracts
Qingzhao Zhang, Yizhuo Wang, Juanru Li, Siqi Ma.
In the proceedings of the 27th IEEE International Conference on Software Analysis, Evolution and Reengineering, 2020.

ICICS-19 Accelerating SM2 Digital Signature Algorithm using Modern Processor Features
Long Mai, Yuan Yan, Songlin Jia, Shuran Wang, Jianqiang Wang, Juanru Li, Siqi Ma, Dawu Gu.
In the proceedings of the 21st International Conference on Information and Communications Security, 2019.

ACSAC-19 An Empirical Study of the SMS One-Time Password Authentication in Android Apps
Siqi Ma, Runhan Feng, Juanru Li, Surya Nepal, Diethelm Ostry, Yang Liu, Elisa Bertino, Robert Deng, Sanjay Jha, Zhou Ma.
In the proceedings of the 2019 Annual Computer Security Applications Conference.

ESORICS-19 Finding Flaws from Password Authentication Code in Android Apps
Siqi Ma, Elisa Bertino, Robert Deng, Juanru Li, Diet Ostry, Surya Nepal, Sanjay Jha.
In the proceedings of the 24th European Symposium on Research in Computer Security, 2019.

RAID-19 NLP-EYE: Detecting Memory Corruptions via Semantic-Aware Memory Operation Function Identification
Jianqiang Wang, Siqi Ma, Yuanyuan Zhang, Zheyu Ma, Long Mai, Tiancheng Chen, Juanru Li, Dawu Gu.
In the proceedings of the 22nd International Symposium on Research in Attacks, Intrusions and Defenses, 2019.

ESORICS-17 VuRLE: Automatic Vulnerability Detection and Repair by Learning from Examples
Siqi Ma, Ferdian Thung, David Lo, Cong Sun, Robert H. Deng.
In the proceedings of the 22nd European Symposium on Research in Computer Security, 2017.

AsiaCCS-16 CDRep: Automatic Repair of Cryptographic Misuses in Android Applications
Siqi Ma, David Lo, Teng Li, Robert H. Deng.
In the proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, 2016.

COMPSAC-15 Active Semi-supervised Approach for Checking App Behavior against Its Description
Siqi Ma, Shaowei Wang, David Lo, Robert Huijie Deng, Cong Sun.
In the proceedings of the 39th IEEE Annual Computer Software and Applications Conference, 2015

TIFS Attribute-Based Encryption With Efficient Verifiable Outsourced Decryption
Baodong Qin, Robert H. Deng, Shengli Liu, Siqi Ma.
IEEE Trans. Information Forensics and Security 10(7): 1384-1393 (2015).

PhD Thesis Automatic Vulnerability Detection and Repair
Siqi Ma, 2018.

Project Fundings

CSCRC 2022 Third-Party Library Exploitation in Software.
Helen Paik, Siqi Ma, Arash Shaghagi, Sanjay Jha.

Next Generation Graduates Programs 2022 Building National Cybersecurity Capabilities for Digital Transformation in Manufacturing.
UNSW Leading Siqi Ma

UNSW Startup Program 2022 A Study in Scarlet: Flow-aware Credential Misuse Detection in Open-source Projects.
Siqi Ma

ARC Discovery Project 2020 DeepHoney: Automatic Honey Data Generation for Active Cyber Defence.
Chang Xu, Surya Nepal, Siqi Ma.