2025

Understanding DevOps Security of Google Workspace Apps
Understanding DevOps Security of Google Workspace Apps

Liuhuo Wan, Chuan Yan, Zicong Liu, Haoyu Wang, Guangdong Bai

CCF-A CORE-A* ICSE '26: Proceedings of the IEEE/ACM 48th International Conference on Software Engineering 2026 2025

[Code] [Paper]

Understanding DevOps Security of Google Workspace Apps
Understanding DevOps Security of Google Workspace Apps

Liuhuo Wan, Chuan Yan, Zicong Liu, Haoyu Wang, Guangdong Bai

CCF-A CORE-A* ICSE '26: Proceedings of the IEEE/ACM 48th International Conference on Software Engineering 2026 2025

[Code] [Paper]

Tracking Third-Party Services in GPTs: Automation, Analysis, and Insights
Tracking Third-Party Services in GPTs: Automation, Analysis, and Insights

Chuan Yan, Liuhuo Wan, Bowei Guan, Fengqi Yu, Guangdong Bai, Jin Song Dong

The 1st International Workshop on LLM App Store Analysis 2025

[Code] [Paper]

Tracking Third-Party Services in GPTs: Automation, Analysis, and Insights
Tracking Third-Party Services in GPTs: Automation, Analysis, and Insights

Chuan Yan, Liuhuo Wan, Bowei Guan, Fengqi Yu, Guangdong Bai, Jin Song Dong

The 1st International Workshop on LLM App Store Analysis 2025

[Code] [Paper]

Understanding and Detecting File Knowledge Leakage in GPT App Ecosystem
Understanding and Detecting File Knowledge Leakage in GPT App Ecosystem

Chuan Yan, Bowei Guan, Yazhi Li, Mark Huasong Meng, Liuhuo Wan, Guangdong Bai

CCF-A CORE-A* WWW'25:The ACM Web Conference 2025

[Code] [Paper]

Understanding and Detecting File Knowledge Leakage in GPT App Ecosystem
Understanding and Detecting File Knowledge Leakage in GPT App Ecosystem

Chuan Yan, Bowei Guan, Yazhi Li, Mark Huasong Meng, Liuhuo Wan, Guangdong Bai

CCF-A CORE-A* WWW'25:The ACM Web Conference 2025

[Code] [Paper]

WinSpy: Cross-window Side-channel Attacks on Android’s Multi-window Mode
WinSpy: Cross-window Side-channel Attacks on Android’s Multi-window Mode

Zeng Li, Chuan Yan, Liuhuo Wan, Hui Zhuang, Pengfei Hu, Guangdong Bai, Yiran Shen

CCF-A CORE-A* MobiCom'25:The 31st Annual International Conference on Mobile Computing and Networking 2025

[Code] [Paper]

WinSpy: Cross-window Side-channel Attacks on Android’s Multi-window Mode
WinSpy: Cross-window Side-channel Attacks on Android’s Multi-window Mode

Zeng Li, Chuan Yan, Liuhuo Wan, Hui Zhuang, Pengfei Hu, Guangdong Bai, Yiran Shen

CCF-A CORE-A* MobiCom'25:The 31st Annual International Conference on Mobile Computing and Networking 2025

[Code] [Paper]

2024

Exploring ChatGPT App Ecosystem: Distribution, Deployment and Security
Exploring ChatGPT App Ecosystem: Distribution, Deployment and Security

Chuan Yan, Ruomai Ren, Mark Huasong Meng, Liuhuo Wan, Tian Yang Ooi, Guangdong Bai

CCF-A CORE-A* Distinguished Paper 🏆 ASE'24: The 39th IEEE/ACM International Conference on Automated Software Engineering 2024

[Code] [Paper]

Exploring ChatGPT App Ecosystem: Distribution, Deployment and Security
Exploring ChatGPT App Ecosystem: Distribution, Deployment and Security

Chuan Yan, Ruomai Ren, Mark Huasong Meng, Liuhuo Wan, Tian Yang Ooi, Guangdong Bai

CCF-A CORE-A* Distinguished Paper 🏆 ASE'24: The 39th IEEE/ACM International Conference on Automated Software Engineering 2024

[Code] [Paper]

Investigating Documented Privacy Changes in Android OS
Investigating Documented Privacy Changes in Android OS

Chuan Yan, Mark Huasong Meng, Fuman Xie, Guangdong Bai

CCF-A CORE-A* FSE'24: Proceedings of the ACM on Software Engineering, Volume 1, Issue FSE 2024

[Code] [Paper]

Investigating Documented Privacy Changes in Android OS
Investigating Documented Privacy Changes in Android OS

Chuan Yan, Mark Huasong Meng, Fuman Xie, Guangdong Bai

CCF-A CORE-A* FSE'24: Proceedings of the ACM on Software Engineering, Volume 1, Issue FSE 2024

[Code] [Paper]

Are Your Requests Your True Needs? Checking Excessive Data Collection in VPA App
Are Your Requests Your True Needs? Checking Excessive Data Collection in VPA App

Fuman Xie, Chuan Yan, Mark Huasong Meng, Shaoming Teng, Yanjun Zhang, Guangdong Bai

CCF-A CORE-A* ICSE '24: Proceedings of the IEEE/ACM 46th International Conference on Software Engineering 2024

[Code] [Paper]

Are Your Requests Your True Needs? Checking Excessive Data Collection in VPA App
Are Your Requests Your True Needs? Checking Excessive Data Collection in VPA App

Fuman Xie, Chuan Yan, Mark Huasong Meng, Shaoming Teng, Yanjun Zhang, Guangdong Bai

CCF-A CORE-A* ICSE '24: Proceedings of the IEEE/ACM 46th International Conference on Software Engineering 2024

[Code] [Paper]

Analyzing Excessive Permission Requests in Google Workspace Add-ons
Analyzing Excessive Permission Requests in Google Workspace Add-ons

Liuhuo Wan, Chuan Yan, Mark Huasong Meng, Kailong Wang, Haoyu Wang

CCF-C CORE-B ICECCS '24: 28th International Conference on Engineering of Complex Computer Systems 2024

[Paper]

Analyzing Excessive Permission Requests in Google Workspace Add-ons
Analyzing Excessive Permission Requests in Google Workspace Add-ons

Liuhuo Wan, Chuan Yan, Mark Huasong Meng, Kailong Wang, Haoyu Wang

CCF-C CORE-B ICECCS '24: 28th International Conference on Engineering of Complex Computer Systems 2024

[Paper]

2023

On the quality of privacy policy documents of virtual personal assistant applications
On the quality of privacy policy documents of virtual personal assistant applications

Chuan Yan, Fuman Xie, Mark Huasong Meng, Yanjun Zhang, Guangdong Bai

CCF-C CORE-A PETS'24:The 24th Privacy Enhancing Technologies Symposium 2024

[Code] [Paper]

On the quality of privacy policy documents of virtual personal assistant applications
On the quality of privacy policy documents of virtual personal assistant applications

Chuan Yan, Fuman Xie, Mark Huasong Meng, Yanjun Zhang, Guangdong Bai

CCF-C CORE-A PETS'24:The 24th Privacy Enhancing Technologies Symposium 2024

[Code] [Paper]

2022

Scrutinizing privacy policy compliance of virtual personal assistant apps
Scrutinizing privacy policy compliance of virtual personal assistant apps

Fuman Xie, Yanjun Zhang, Chuan Yan, Suwan Li, Lei Bu, Kai Chen, Zi Huang, Guangdong Bai

CCF-A CORE-A* Proceedings of the 37th IEEE/ACM international conference on automated software engineering 2022

[Code] [Paper]

Scrutinizing privacy policy compliance of virtual personal assistant apps
Scrutinizing privacy policy compliance of virtual personal assistant apps

Fuman Xie, Yanjun Zhang, Chuan Yan, Suwan Li, Lei Bu, Kai Chen, Zi Huang, Guangdong Bai

CCF-A CORE-A* Proceedings of the 37th IEEE/ACM international conference on automated software engineering 2022

[Code] [Paper]