My Portfolio

About Me

As a passionate open source contributor and security researcher, I dedicate to construct software analysis toolkits for the discovery of malicious artifacts. Moreover, I join several open source projects for programming language optimization, enhancing industrial engineering practice.

Experience

Appier

System Engineer

Orchestrated the real-time bidding system comprised of globally-distributed inventory servers.

Mozilla

Compiler Developer

Optimized the Just-in-Time compilation of Mozilla's SpiderMonkey JavaScript engine.

TrendMicro

Software Engineer and Threat Researcher

Contributed precise detection schemes for obfuscated ransomware and script-based malware.

Education

Carnegie Mellon University

August 2019 - Present

Master of Science in Software Engineering Engineering

Course Work: Software Verification and Testing, Foundation of Software Engineering

National Chiao Tung University

July 2011 - July 2013

Master of Science in Network Engineering

Thesis: Modeling Security Relevant Semantics for Android Malware Detection

National Chiao Tung University

September 2007 - June 2011

Bachelor of Science in Computer Science

Independent Study: Scalable Security Cloud Computing for Malware Analysis Platform

Projects

ProbeDroid

A SDK for the creation of analysis tools without obtaining app source code in order to profile runtime performance, examine code coverage, and track high-risk behaviors of a given app on Android 5.0 and above.

View Project

YADD

A static Android app disassembler for fast class and method signature extraction and code structure visualization.

View Project

MeltingPot

A tool to cluster similar executables (PEs, DEXs, and etc), extract common signature, and generate Yara patterns for malware detection.

View Project

LibCDS

A fast and memory efficient C library to manipulate sequential containers, associative structures, and advanced string processing, such as tree map, hash map, and trie.

View Project

Conferences

Toward Dynamic Analysis of Obfuscated Android Malware

HITCON Training, Taiwan, 2016

View Slide

Crafting Your Own Dynamic Instrumentation Tool on Android for App Behavior Exploration

COSCUP, Taiwan, 2016

View Slide

A Begineer's Journey to Mozilla SpiderMonkey JavaScript Engine

COSCUP, Taiwan, 2015

View Slide

Skills

C++ 14/17
C
Python
Java
SQL
x86/64 assembly
GDB
Cassandra
PostgreSQL
Ansible
Prometheus
Kafka
Grafana
Docker
IDA Pro
OllyDbg
Hiew
Wireshark
Cuckoo Sandbox
Apktool
JEB
Xposed
Sysinternals

Zong-Xian Shen

System Engineer

About Me

Experience

Appier

System Engineer

Mozilla

Compiler Developer

TrendMicro

Software Engineer and Threat Researcher

Education

Carnegie Mellon University

Master of Science in Software Engineering Engineering

National Chiao Tung University

Master of Science in Network Engineering

National Chiao Tung University

Bachelor of Science in Computer Science

Projects

ProbeDroid

YADD

MeltingPot

LibCDS

Conferences

Toward Dynamic Analysis of Obfuscated Android Malware

Crafting Your Own Dynamic Instrumentation Tool on Android for App Behavior Exploration

A Begineer's Journey to Mozilla SpiderMonkey JavaScript Engine

Skills

Get in Touch