Projects

  • Semantic-aware Concolic Execution and Its Applications on Hybrid Vulnerability Detection
    (语义感知符号执行技术及混合式漏洞检测方法研究)
    National Natural Science Foundation of China (No.62172305)
    PI(Principal Investigator) 2022.01 - 2025.12
  • Representation, Integration and Assiciation Analysis on system-behavior-related Big Data for APT Detection and Traceability
    (面向APT攻击检测及诊断的行为大数据表达、融合及关联分析方法研究)
    National Natural Science Foundation of China (No.61672394)
    PI(Principal Investigator) 2017.01 - 2020.12
  • Reverse Engineering of Program Data Structures for Vulnerability Localization and Diagnosis
    (基于协同式数据结构逆向推理的漏洞定位及诊断方法研究)
    National Natural Science Foundation of China (No.61303213)
    PI(Principal Investigator) 2014.01 - 2016.12
  • Detection of Malicious Behaviors in the Cloud Platform
    (云计算环境中恶意行为检测技术研究与示范应用)
    National High Tech Research and Development Program of China(863 Projects)
    Co-PI 2016.01 - 2018.12
  • Attack Mitigation in the Cloud Platform via Randomization
    (云计算环境下采用随机化的攻击抑制机制研究)
    National Natural Science Foundation of China (No.61373168)
    Co-PI 2014.01 - 2017.12
  • Security Testing on Firmware and Hardware Interfaces
    (底层软件安全测试)
    Huawei Research Grants
    Co-PI 2021.01 - 2022.12
  • Clone Vulnerability Detection via Static Analysis
    (二进制程序安全分析)
    Huawei Research Grants
    PI 2020.05 - 2021.05
  • Fuzzing Test Cases Generation via GAN
    (基于对抗学习的测试用例生成技术)
    Huawei Research Grants
    PI 2018.01- 2018.12
  • Program for the Outstanding Youth Innovative Talents of Wuhan University
    (武汉大学拔尖人才培育项目)
    PI 2021.01- 2022.12

Tools

DigFuzz

  • DigFuzz is the prototype of our hybrid fuzzing tool. Please read our NDSS'19 paper for technical details.
  • The source code is available at this GitHub repository[more info].

MemRay

  • MemRay is part of the prototype of our study on reverse engineering of program data structures. This technique can be leveraged for memory corruption dignosis, patch analysis, etc. Please read our TDSC'22 paper for technical details.
  • MemRay is built on top of DECAF, a dynamic taint analysis platform. Part of the source code is available at this GitHub repository[more info].