083900-网络空间安全
0812Z1-信息安全
081201-计算机系统结构

系统安全，处理器安全，内存安全
软硬件协同安全设计
系统级攻防研究

2025-10--中国科学院信息工程研究所   研究员
2019-10--2025-10   中国科学院信息工程研究所   副研究员
2014-07--2019-10   中国科学院信息工程研究所   助理研究员
2008-09--2014-07   中国科学院计算技术研究所   硕博连读，工学博士
2004-09--2008-07   清华大学自动化系   本科，学士

计算机组成与结构（研讨课）
计算系统安全
计算机组成原理（研讨课）
计算机组成原理习题课
计算机组成原理
计算机体系结构安全
高级计算机系统结构

   

（1） Critical Variable State-Aware Directed Greybox Fuzzing, 47th IEEE/ACM International Conference on Software Engineering, 2025, 第 4 作者  通讯作者
（2） HScheduler: An execution history-based seed scheduling strategy for hardware fuzzing, Computers & Security, 2025, 第 4 作者  通讯作者
（3） ArgvFuzz: Argv-Sensitive Multi-target Directed Greybox Fuzzing, International Conference on Computer Supported Cooperative Work in Design, 2025, 第 3 作者  通讯作者
（4） Into the Unknown: Fuzzing CPU Non-standard Instructions with MystFuzz, Annual Computer Security Applications Conference, 2025, 第 3 作者  通讯作者
（5） DiveFuzz: Enhancing CPU Fuzzing via Diverse Instruction Construction, ACM SIGSAC Conference on Computer and Communications Security, 2025, 第 4 作者  通讯作者
（6） UltraVCS: Ultra-fine-grained Variable-based Code Slicing for Automated Vulnerability Detection, IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2024, 第 2 作者  通讯作者
（7） SSFuzz: Generating syntactic and semantic seeds for RISC-V processors, Great Lakes Sym posium on VLSI, 2024, 第 3 作者
（8） SCFI: Efficient forward fine-grained control flow integrity based on coarse-grained ISA extensions, Computers & Security, 2024, 第 3 作者  通讯作者
（9） Prospector: Boosting Directed Greybox Fuzzing for Large-scale Target Sets with Iterative Prioritization, International Symposium on Software Testing and Analysis, 2024, 第 2 作者  通讯作者
（10） Vulnerability Localization Based on Intermediate Code Representation and Feature Fusion, The Computer Journal, 2024, 第 2 作者  通讯作者
（11） Scheduled Execution-based Binary Indirect Call Targets Refinement, European Symposium on Research in Computer Security, 2024, 第 3 作者  通讯作者
（12） Sleuth: A Switchable Dual-Mode Fuzzer to Investigate Bug Impacts Following a Single PoC, International Symposium on Software Testing and Analysis, 2024, 第 2 作者  通讯作者
（13） CDNM: Clustering-Based Data Normalization Method For Automated Vulnerability Detection, COMPUTER JOURNAL, 2024, 第 2 作者  通讯作者
（14） Cross Domain on Snippets: BiLSTM-TextCNN based Vulnerability Detection with Domain Adaptation, The 26th International Conference on Computer Supported Cooperative Work in Design (CSCWD), 2023, 第 2 作者  通讯作者
（15） Code Property Graph based Vulnerability Type Identification with Fusion Representation, The 26th International Conference on Computer Supported Cooperative Work in Design (CSCWD), 2023, 第 4 作者  通讯作者
（16） KPDFI: Efficient data flow integrity based on key property against data corruption attack, COMPUTERS & SECURITY, 2023, 第 2 作者  通讯作者
（17） CDNM: Clustering-Based Data Normalization Method For Automated Vulnerability Detection, COMPUTER JOURNAL, 2023, 第 2 作者  通讯作者
（18） Inductive Vulnerability Detection via Gated Graph Neural Network, The IEEE 25th International Conference on Computer Supported Cooperative Work in Design, 2022, 第 2 作者  通讯作者
（19） Gadgets Splicing: Dynamic Binary Transformation for Precise Rewriting, International Symposium on Code Generation and Optimization （CGO）, 2022, 第 3 作者  通讯作者
（20） Automated Vulnerable Codes Mutation through Deep Learning for Variability Detection, International Joint Conference on Neural Networks, 2022, 第 4 作者  通讯作者
（21） Finding Runtime Usable Gadgets: On the Security of Return Address Authentication, The 19th IEEE International Symposium on Parallel and Distributed Processing with Applications (ISPA), 2021, 第 3 作者  通讯作者
（22） Self-Attention based Automated Vulnerability Detection with Effective Data Representation, The 19th IEEE International Symposium on Parallel and Distributed Processing with Applications (ISPA), 2021, 第 2 作者  通讯作者
（23） Twine Stack: A Hybrid Mechanism Achieving Less Cost for Return Address Protection, Asian Test Symposium (ATS), 2021, 第 2 作者  通讯作者
（24） Accelerating Data-Flow Analysis with Full-Partitioning, The 19th IEEE International Symposium on Parallel and Distributed Processing with Applications (ISPA), 2021, 第 2 作者  通讯作者
（25） AVDHRAM: Automated Vulnerability Detection based on Hierarchical Representation and Attention Mechanism, The 18th IEEE International Symposium on Parallel and Distributed Processing with Applications（ISPA）, 2020, 第 2 作者  通讯作者
（26） Zipper Stack: Shadow Stacks Without Shadow, The 25th European Symposium on Research in Computer Security (ESORICS), 2020, 第 2 作者  通讯作者
（27） Efficient Return Address Verification Based on Dislocated Stack, IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS, 2020, 第 4 作者  通讯作者
（28） ABCFI: Fast and Lightweight Fine-Grained Hardware-Assisted Control-Flow Integrity, IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS, 2020, 第 2 作者  通讯作者
（29） Dam: A Practical Scheme to Mitigate Data-oriented Attacks with Tagged Memory based on Hardware, 2019 26TH ASIA-PACIFIC SOFTWARE ENGINEERING CONFERENCE (APSEC), 2019, 第 2 作者  通讯作者
（30） TMDFI: Tagged Memory Assisted for Fine-grained Data-Flow Integrity towards Embedded Systems against Software Exploitation, 2018 17TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (IEEE TRUSTCOM) / 12TH IEEE INTERNATIONAL CONFERENCE ON BIG DATA SCIENCE AND ENGINEERING (IEEE BIGDATASE), 2018, 第 3 作者  通讯作者
（31） Function-Oriented Programming: A New Class of Code Reuse Attack in C Applications, 2018 IEEE CONFERENCE ON COMMUNICATIONS AND NETWORK SECURITY (CNS), 2018, 第 2 作者
（32） SMP: A New Mechanism to Mitigate Control-Flow Hijacking Attacks, 2018 3RD INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS ENGINEERING (ICISE), 2018, 第 2 作者
（33） A Comprehensive Detection of Memory Corruption Vulnerabilities for C/C++ Programs, The 16th IEEE International Symposium on Parallel and Distributed Processing with Applications, 2018, 第 2 作者  通讯作者
（34） 基于配件加权标记的代码重用攻击防御框架, A Framework based on Gadget Weighted Tagging (GWT) to Protect Against Code Reuse Attacks, 信息安全学报, 2018, 第 2 作者
（35） 内存数据污染攻击和防御综述, A Survey of Memory Corruption Attack and Defense, 信息安全学报, 2017, 第 2 作者
（36） Rethinking robust and accurate application protocol identification, COMPUTER NETWORKS, 2017, 第 4 作者
（37） A nonparametric approach to the automated protocol fingerprint inference, JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2017, 第 4 作者
（38） Gadget Weighted Tagging: A Flexible Framework to Protect Against Code Reuse Attacks, ICT SYSTEMS SECURITY AND PRIVACY PROTECTION, SEC 2017, 2017, 第 1 作者  通讯作者
（39） Multiple-combinational-channel: A network architecture for workload balance and deadlock free, FUTURE GENERATION COMPUTER SYSTEMS, 2016, 第 1 作者
（40） Multiple-combinational-channel: A network architecture for workload balance and deadlock free, FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2016, 第 1 作者
（41） Multiple-combinational-channel: A network architecture for workload balance and deadlock free. Future Generation Computer Systems, Future Generation Computer Systems, 2016, 第 1 作者

已指导学生

郑雄  硕士研究生  085400-电子信息  

现指导学生

费卅  硕士研究生  083900-网络空间安全  

胡晋玮  硕士研究生  081201-计算机系统结构  

李叡青  硕士研究生  083900-网络空间安全  

林泽尧  硕士研究生  083900-网络空间安全  

刘永哲  硕士研究生  083900-网络空间安全  

王镭翰  硕士研究生  085412-网络与信息安全