发表论文
(1) File hijacking vulnerability: The elephant in the room, File hijacking vulnerability: The elephant in the room, Proceedings of the Network and Distributed System Security Symposium, 2024, 第 6 作者(2) PEARL: A Multi-Derivation Approach to Efficient CFL-Reachability Solving, IEEE Transactions on Software Engineering, 2024, 第 5 作者 通讯作者(3) Better Not Together: Staged Solving for Context-Free Language Reachability, Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2024, 第 4 作者 通讯作者(4) Boosting the Performance of Alias-Aware IFDS Analysis with CFL-Based Environment Transformers, Proceedings of the ACM on Programming Languages (OOPSLA2), 2024, 第 4 作者 通讯作者(5) Detecting Broken Object-Level Authorization Vulnerabilities in Database-Backed Applications, ACM Conference on Computer and Communications Security, 2024, 第 6 作者 通讯作者(6) Boosting the Performance of Multi-Solver IFDS Algorithms with Flow-Sensitivity Optimizations, 2024 IEEE/ACM International Symposium on Code Generation and Optimization, 2024, 第 5 作者 通讯作者(7) Generic Sensitivity: Generics-Guided Context Sensitivity for Pointer Analysis, IEEE Transactions on Software Engineering, 2024, 第 8 作者 通讯作者(8) AutoWeb: Automatically Inferring Web Framework Semantics via Configuration Mutation, International Conference on Engineering of Complex Computer Systems, 2024, 第 6 作者 通讯作者(9) Two Birds with One Stone: Multi-Derivation for Fast Context-Free Language Reachability Analysis, Two Birds with One Stone: Multi-Derivation for Fast Context-Free Language Reachability Analysis, 2023 38th IEEE/ACM International Conference on Automated Software, 2023, 第 5 作者 通讯作者(10) Generic sensitivity: customizing context-sensitive pointer analysis for generics, the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2022, 第 6 作者 通讯作者(11) 面向对象程序的上下文敏感指针分析研究, Context-sensitive Pointer Analysis for Object-oriented Programs:A Systematic Literature Review, 软件学报, 2022, 第 5 作者(12) Detecting Missing-Permission-Check Vulnerabilities in Distributed Cloud Systems (Best paper honorable mention), the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022, 第 4 作者 通讯作者(13) COMRACE: Detecting Data Race Vulnerabilities in COM Objects, Usenix Security, 2022, 第 3 作者 通讯作者(14) CloudRaid: Detecting Distributed Concurrency Bugs via Log-Mining and Enhancement, IEEE Transactions on Software Engineering, 2021, 第 3 作者 通讯作者(15) Detecting TensorFlow Program Bugs in Real-World Industrial Environment, The 36th IEEE/ACM International Conference on Automated Software Engineering (ASE'21), 2021, 第 5 作者(16) Exposing Vulnerable Paths: Enhance Static Analysis with Lightweight Symbolic Execution, the 28th Asia-Pacific Software Engineering Conference, 2021, 第 4 作者 通讯作者(17) GoBench: A Benchmark Suite of Real-World Go Concurrency Bugs, CGO '21: PROCEEDINGS OF THE 2021 IEEE/ACM INTERNATIONAL SYMPOSIUM ON CODE GENERATION AND OPTIMIZATION (CGO), 2021, 第 5 作者 通讯作者(18) Scaling Up the IFDS Algorithm with Efficient Disk-assisted Computing, IEEE/ACM International Symposium on Code Generation and Optimization (CGO), 2021, 第 6 作者 通讯作者(19) Understanding Node Change Bugs for Distributed Systems, 2019 IEEE 26TH INTERNATIONAL CONFERENCE ON SOFTWARE ANALYSIS, EVOLUTION AND REENGINEERING (SANER), 2019, 第 3 作者 通讯作者(20) 程序分析研究进展, Recent Progress in Program Analysis, 软件学报, 2019, 第 7 作者(21) CrashTuner: Detecting Crash-Recovery Bugs in Cloud Systems via Meta-Info Analysis, PROCEEDINGS OF THE TWENTY-SEVENTH ACM SYMPOSIUM ON OPERATING SYSTEMS PRINCIPLES (SOSP '19), 2019, 第 3 作者 通讯作者(22) Performance-Boosting Sparsification of the IFDS Algorithm with Applications to Taint Analysis, 34TH IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMATED SOFTWARE ENGINEERING (ASE 2019), 2019, 第 8 作者(23) 面向Android应用隐私泄露检测的多源污点分析技术, Multi-source Taint Analysis Technique for Privacy Leak Detection of Android Apps, 软件学报, 2019, 第 4 作者(24) 基于稀疏框架的静态污点分析优化技术, Sparse Framework Based Static Taint Analysis Optimization, 计算机研究与发展, 2019, 第 3 作者(25) AgamottoEye:Recovering Request Flow for Cloud Systems via Log Analysis, AgamottoEye:Recovering Request Flow for Cloud Systems via Log Analysis, 计算机科学研究(英文), 2019, 第 3 作者(26) CloudRaid: Hunting Concurrency Bugs in the Cloud via Log-Mining, ESEC/FSE'18: PROCEEDINGS OF THE 2018 26TH ACM JOINT MEETING ON EUROPEAN SOFTWARE ENGINEERING CONFERENCE AND SYMPOSIUM ON THE FOUNDATIONS OF SOFTWARE ENGINEERING, 2018, 第 3 作者 通讯作者(27) 基于静态调度的多线程程序分析方法, Multi-threaded program analysis with static scheduler, 高技术通讯, 2018, 第 2 作者(28) Understanding and Detecting Evolution-Induced Compatibility Issues in Android Apps, PROCEEDINGS OF THE 2018 33RD IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMTED SOFTWARE ENGINEERING (ASE' 18), 2018, 第 2 作者 通讯作者(29) May-happen-in-parallel analysis with static vector clocks, Proceedings of the 2018 International Symposium on Code Generation and Optimization, 2018, (30) 污点分析技术的原理和实践应用, Principle and Practice of Taint Analysis, 软件学报, 2017, 第 3 作者(31) Symbolic Execution with Value-range Analysis for Floating-point Exception Detection, 24th Asia-Pacific Software Engineering Conference (APSEC'17), 2017, (32) Dynamic Symbolic Execution for Polymorphism, CC'17: PROCEEDINGS OF THE 26TH INTERNATIONAL CONFERENCE ON COMPILER CONSTRUCTION, 2017, 第 1 作者 通讯作者(33) Precise and Scalable Context-Sensitive Pointer Analysis via Value Flow Graph, ACM SIGPLAN NOTICES, 2013, 第 1 作者 通讯作者(34) SEED: A Statically Greedy and Dynamically Adaptive Approach for Speculative Loop Execution, IEEE TRANSACTIONS ON COMPUTERS, 2013, 第 2 作者(35) Path-Sensitive Data Flow Analysis Simplified, FORMAL METHODS AND SOFTWARE ENGINEERING, 2013, 第 6 作者(36) Through the Looking Glass: Transitioning Parfait into a Development Tool, IEEE Security & Privacy Journal, 2012, 第 1 作者(37) Boosting the Performance of Flow-sensitive Pointer Analysis using Value Flow, ACM SIGSOFT Symposium on the Foundations of Software Engineering, 2011, 第 1 作者 通讯作者(38) Static Deep Error Checking in Large System Applications using Parfait, ACM SIGSOFT Symposium on the Foundations of Software Engineering, 2011, 第 1 作者(39) Scratchpad Memory Allocation for Data Aggregates via Interval Coloring in Superperfect Graphs, ACM TRANSACTIONS ON EMBEDDED COMPUTING SYSTEMS, 2010, 第 1 作者 通讯作者(40) Practical and Effective Symbolic Analysis for Buffer Overow Detection, ACM SIGSOFT Symposium on the Foundations of Software Engineering, 2010, 第 1 作者(41) BegBunch: Benchmarking for C Bug Detection Tools, Workshop on Defects in Large Software Systems, 2009, 第 1 作者(42) Compiler-Directed Scratchpad Memory Management via Graph Coloring, ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION, 2009, 第 1 作者(43) Program Analysis for Bug Detection using Parfait, Workshop on Partial Evaluation and Semantic-Based Program Manipulation, 2009, 第 1 作者(44) Exploiting Speculative TLP in Recursive Pro-grams by Dynamic Thread Prediction, International Conference on Compiler Construction, 2009, 第 1 作者(45) Thread-Sensitive Modulo Scheduling for Multi-core Processors, International Conference on Parallel Processing, 2008, 第 1 作者(46) Trace-based leakage energy optimisations at link time, JOURNAL OF SYSTEMS ARCHITECTURE, 2007, 第 1 作者(47) Scratchpad Allocation for Data Aggregates in Superperfect Graphs, LCTES'07: PROCEEDINGS OF THE 2007 ACM SIGPLAN-SIGBED CONFERENCE ON LANGUAGES, COMPILERS, AND TOOLS FOR EMBEDDED SYSTEMS, 2007, 第 1 作者(48) Towards data tiling for whole programs in sc ratchpad memory allocation, ADVANCES IN COMPUTER SYSTEMS ARCHITECTURE, PROCEEDINGS, 2007, 第 1 作者 通讯作者(49) Memory Coloring: A Compiler Approach for Scratchpad Memory Management, International Conference on Parallel Architecture and Compilation Techniques, 2005, 第 1 作者(50) A trace-based binary compilation framework for energy-aware computing, ACM SIGPLAN NOTICES, 2004,