Select Publications
Journal articles
2025, 'A Survey of Protocol Fuzzing', ACM Computing Surveys, 57, pp. 1 - 36, http://dx.doi.org/10.1145/3696788
2024, 'Drowzee: Metamorphic Testing for Fact-Conflicting Hallucination Detection in Large Language Models', Proceedings of the ACM on Programming Languages, 8, http://dx.doi.org/10.1145/3689776
2022, 'Deep Learning for Coverage-Guided Fuzzing: How Far are We?', IEEE Transactions on Dependable and Secure Computing, http://dx.doi.org/10.1109/TDSC.2022.3200525
Conference Papers
2024, 'Rust-twins: Automatic Rust Compiler Testing through Program Mutation and Dual Macros Generation', in Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering, ACM, pp. 631 - 642, presented at ASE '24: 39th IEEE/ACM International Conference on Automated Software Engineering, http://dx.doi.org/10.1145/3691620.3695059
2024, 'Bugs in Pods: Understanding Bugs in Container Runtime Systems', in ISSTA 2024 - Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 1364 - 1376, http://dx.doi.org/10.1145/3650212.3680366
2024, 'How Effective Are They? Exploring Large Language Model Based Fuzz Driver Generation', in ISSTA 2024 - Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 1223 - 1235, http://dx.doi.org/10.1145/3650212.3680355
2024, 'A Comprehensive Study of Jailbreak Attack versus Defense for Large Language Models', in Findings of the Association for Computational Linguistics ACL 2024, Bangkok, Thailand, pp. 7432 - 7449, presented at 62nd Annual Meeting of the Association for Computational Linguistics (ACL 2024), Bangkok, Thailand, 11 August 2024, http://dx.doi.org/10.48550/arXiv.2402.13457
2024, 'A Hitchhiker’s Guide to Jailbreaking ChatGPT via Prompt Engineering', in SEA4DQ 2024 - Proceedings of the 4th International Workshop on Software Engineering and AI for Data Quality in Cyber-Physical Systems/Internet of Things, Co-located with: ESEC/FSE 2024, pp. 12 - 21, http://dx.doi.org/10.1145/3663530.3665021
2024, 'Medusa: Unveil Memory Exhaustion DoS Vulnerabilities in Protocol Implementations', in WWW 2024 - Proceedings of the ACM Web Conference, pp. 1668 - 1679, http://dx.doi.org/10.1145/3589334.3645476
2024, 'MeTMaP: Metamorphic Testing for Detecting False Vector Matching Problems in LLM Augmented Generation', in Proceedings - 2024 IEEE/ACM 1st International Conference on AI Foundation Models and Software Engineering, FORGE 2024, pp. 12 - 23, http://dx.doi.org/10.1145/3650105.3652297
2024, 'Leveraging Semantic Relations in Code and Data to Enhance Taint Analysis of Embedded Systems', in Proceedings of the 33rd USENIX Security Symposium, pp. 7067 - 7084
2024, 'PENTESTGPT: Evaluating and Harnessing Large Language Models for Automated Penetration Testing', in Proceedings of the 33rd USENIX Security Symposium, pp. 847 - 864
2023, 'Monitoring Automotive Software Security Health through Trustworthiness Score', in Proceedings: CSCS 2023 - 7th ACM Computer Science in Cars Symposium, http://dx.doi.org/10.1145/3631204.3631859
2023, 'ACETest: Automated Constraint Extraction for Testing Deep Learning Operators', in ISSTA 2023 - Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 690 - 702, http://dx.doi.org/10.1145/3597926.3598088
2023, 'ASTER: Automatic Speech Recognition System Accessibility Testing for Stutterers', in Proceedings - 2023 38th IEEE/ACM International Conference on Automated Software Engineering, ASE 2023, pp. 510 - 521, http://dx.doi.org/10.1109/ASE56229.2023.00107
2023, 'HasteFuzz: Full-Speed Fuzzing', in Proceedings - 2023 IEEE/ACM International Workshop on Search-Based and Fuzz Testing, SBFT 2023, pp. 73 - 75, http://dx.doi.org/10.1109/SBFT59156.2023.00022
2023, 'NAUTILUS: Automated RESTful API Vulnerability Detection', in 32nd USENIX Security Symposium, USENIX Security 2023, pp. 5593 - 5610
2023, 'PumpChannel: An Efficient and Secure Communication Channel for Trusted Execution Environment on ARM-FPGA Embedded SoC', in Proceedings - Design, Automation and Test in Europe, DATE, http://dx.doi.org/10.23919/DATE56975.2023.10137170
2023, 'RSFuzzer: Discovering Deep SMI Handler Vulnerabilities in UEFI Firmware with Hybrid Fuzzing', in Proceedings - IEEE Symposium on Security and Privacy, pp. 2155 - 2169, http://dx.doi.org/10.1109/SP46215.2023.10179421
2022, 'More Secure Collaborative APIs resistant to Flush-Based Cache Attacks on Cortex-A9 Based Automotive System', in Proceedings - CSCS 2022: 6th ACM Computer Science in Cars Symposium, http://dx.doi.org/10.1145/3568160.3570227
2022, 'Morest: Industry Practice of Automatic RESTful API Testing', in ACM International Conference Proceeding Series, http://dx.doi.org/10.1145/3551349.3559498
2022, 'Efficient greybox fuzzing of applications in Linux-based IoT devices via enhanced user-mode emulation', in ISSTA 2022 - Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, pp. 417 - 428, http://dx.doi.org/10.1145/3533767.3534414
2022, 'Morest: Model-based RESTful API Testing with Execution Feedback', in Proceedings - International Conference on Software Engineering, pp. 1406 - 1417, http://dx.doi.org/10.1145/3510003.3510133
2022, 'RegexScalpel: Regular Expression Denial of Service (ReDoS) Defense by Localize-and-Fix', in Proceedings of the 31st USENIX Security Symposium, Security 2022, pp. 4183 - 4200
2022, 'Windranger: A Directed Greybox Fuzzer driven by Deviation Basic Blocks', in Proceedings - International Conference on Software Engineering, pp. 2440 - 2451, http://dx.doi.org/10.1145/3510003.3510197
2021, 'SoFi: Reflection-Augmented Fuzzing for JavaScript Engines', in Proceedings of the ACM Conference on Computer and Communications Security, pp. 2229 - 2242, http://dx.doi.org/10.1145/3460120.3484823
2021, 'A First Look at the Effect of Deep Learning in Coverage-guided Fuzzing', in Proceedings - 2021 36th IEEE/ACM International Conference on Automated Software Engineering, ASE 2021, pp. 1186 - 1189, http://dx.doi.org/10.1109/ASE51524.2021.9678794
2021, 'APICRAFT: Fuzz driver generation for closed-source SDK libraries', in Proceedings of the 30th USENIX Security Symposium, pp. 2811 - 2828
2021, 'AutoCom: Automatic comment generation for C code', in Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE, pp. 632 - 633, http://dx.doi.org/10.18293/SEKE2021-202
2021, 'BIFF: Practical Binary Fuzzing Framework for Programs of IoT and Mobile Devices', in Proceedings - 2021 36th IEEE/ACM International Conference on Automated Software Engineering, ASE 2021, pp. 1161 - 1165, http://dx.doi.org/10.1109/ASE51524.2021.9678910
2021, 'Vall-nut: Principled Anti-Grey box - Fuzzing', in Proceedings - International Symposium on Software Reliability Engineering, ISSRE, pp. 288 - 299, http://dx.doi.org/10.1109/ISSRE52982.2021.00039
2020, 'Ori: A greybox fuzzer for SOME/IP protocols in automotive ethernet', in Proceedings - Asia-Pacific Software Engineering Conference, APSEC, pp. 495 - 499, http://dx.doi.org/10.1109/APSEC51365.2020.00063
2020, 'Memlock: Memory usage guided fuzzing', in Proceedings - International Conference on Software Engineering, pp. 765 - 777, http://dx.doi.org/10.1145/3377811.3380396
2020, 'Typestate-guided fuzzer for discovering use-after-free vulnerabilities', in Proceedings - International Conference on Software Engineering, pp. 999 - 1010, http://dx.doi.org/10.1145/3377811.3380386
2020, 'MUZZ: Thread-aware grey-box fuzzing for effective bug hunting in multithreaded programs', in Proceedings of the 29th USENIX Security Symposium, pp. 2325 - 2342
2019, 'Cerebro: Context-aware adaptive fuzzing for effective vulnerability detection', in ESEC/FSE 2019 - Proceedings of the 2019 27th ACM Joint Meeting European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 533 - 544, http://dx.doi.org/10.1145/3338906.3338975
2019, 'Locating vulnerabilities in binaries via memory layout recovering', in ESEC/FSE 2019 - Proceedings of the 2019 27th ACM Joint Meeting European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 718 - 728, http://dx.doi.org/10.1145/3338906.3338966
2019, 'LEOPARD: Identifying Vulnerable Code for Vulnerability Assessment Through Program Metrics', in Proceedings - International Conference on Software Engineering, pp. 60 - 71, http://dx.doi.org/10.1109/ICSE.2019.00024
2019, 'Diffchaser: Detecting disagreements for deep neural networks', in IJCAI International Joint Conference on Artificial Intelligence, pp. 5772 - 5778, http://dx.doi.org/10.24963/ijcai.2019/800
2018, 'FOT: A versatile, configurable, extensible fuzzing framework', in ESEC/FSE 2018 - Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 867 - 870, http://dx.doi.org/10.1145/3236024.3264593
2018, 'Hawkeye: Towards a desired directed grey-box fuzzer', in Proceedings of the ACM Conference on Computer and Communications Security, pp. 2095 - 2108, http://dx.doi.org/10.1145/3243734.3243849
2018, 'Principled greybox fuzzing', in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), pp. 455 - 458, http://dx.doi.org/10.1007/978-3-030-02450-5_34
2017, 'Steelix: Program-state based binary fuzzing', in Proceedings of the ACM SIGSOFT Symposium on the Foundations of Software Engineering, pp. 627 - 637, http://dx.doi.org/10.1145/3106237.3106295