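Basic Information

孟国柱 (Guozhu Meng)  Institute of Information Engineering, Chinese Academy of Sciences


Associate Researcher and doctoral supervisor, State Key Laboratory of Cyberspace Security Defense

Deputy Director, Research Office 02 (Architecture Security)

Faculty member, University of Chinese Academy of Sciences


Beijing Nova Program (Beijing Science and Technology Rising Star)

ACM SIGSAC China Rising Star


Email: mengguozhu@iie.ac.cn

Homepage: mengguozhu.com

Office address: 19 Shucun Road, Haidian District, Beijing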

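Research Areas

Main research directions include mobile security, AI-driven software security, and AI security. He has published more than sixty papers in information security and software engineering, including more than thirty CCF-A papers at venues such as ACM CCS and USENIX Security.

  • Mobile security: malicious code [ISSTA'15, AsiaCCS'15, TIFS'17,19,21], mobile app defects [FSE'17, ICSE'18, ASE'18, ASE'19, ICSE'20]

  • AI-driven software security: vulnerability analysis, discovery and verification [NDSS'13, ICSE'20, ISSRE'21, WWW'21, USENIX Sec'23], code repair [ASE'22]

  • AI security: large language model security [USENIX Sec'24, CCS'24, ASE'24], model stealing [USENIX Sec'21, CCS'22], model backdoors [USENIX Sec'23, AAAI'24], model interpretability [CCS'23]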

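Admissions Information

Plans to admit 1-2 doctoral students and 1-2 master's students for enrollment in fall 2024

Admission major
083900 - Cyberspace Security
Admission directions
AI security, mobile security, big data security, vulnerability discovery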

Education

2013-01--2017-06   Nanyang Technological University, Singapore   Ph.D.
2009-09--2012-06   Tianjin University   Master's degree
2005-09--2009-06   Tianjin University   Bachelor's degree

Work Experience

2018-09--present   Institute of Information Engineering, Chinese Academy of Sciences   Associate Researcher


Courses Taught

Big Data-based Software Security
Mobile Security and Evaluation
AI Security
Literature Reading
Adversarial Machine Learning

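Patents and Awards

Award Information
(1) Beijing Nova Program (Beijing Science and Technology Rising Star), provincial level, 2022
(2) Tianjin Science and Technology Progress Award, First Prize, provincial level, 2020
(3) ACM SIGSAC China Rising Star, special award, 2019
(4) ACM SIGSOFT ICSE Best Paper Award, other, 2018
(5) State Key Laboratory of Information Security Best Paper Award, other, 2018
(6) Institute of Information Engineering Major Scientific and Technological Progress Award, institute (university) level, 2018

Publication Information

Published Papers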

  • [ASE'24, CCF-A] Xueyang Li, Guozhu Meng, Shangqing Liu, Lu Xiang, Kun Sun, Kai Chen, and Yang Liu, "Attribution-guided Adversarial Code Prompt Generation for Code Completion Models", Proceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering (ASE 2024), Sacramento, California, US, 2024.

  • [CCS'24, CCF-A] Tong Liu, Zizhuang Deng, Guozhu Meng, Yuekang Li, and Kai Chen, "Demystifying RCE Vulnerabilities in LLM-Integrated Apps", in The ACM Conference on Computer and Communications Security (CCS), Salt Lake City, US, 2024.

  • [TOSEM'24, CCF-A]  Shangqing Liu, Yanzhou Li, Xiaofei Xie, Wei Ma, Guozhu Meng, and Yang Liu, "Automated Commit Intelligence by Pre-training," ACM Transactions on Software Engineering and Methodology (TOSEM) 2024.

  • [USENIX Sec'24, CCF-A] Tong Liu, Yingjie Zhang, Zhe Zhao, Yinpeng Dong, Guozhu Meng, and Kai Chen, "Making Them Ask and Answer: Jailbreaking Large Language Models in Few Queries via Disguise and Reconstruction," in Proceedings of the 33rd USENIX Security Symposium (USENIX), Philadelphia, PA, USA, 2024.

  • [NDSS'24, CCF-A] Peizhuo Lv, Pan Li, Shenchen Zhu, Shengzhi Zhang, Kai Chen, Ruigang Liang, Chang Yue, Fan Xiang, Yuling Cai, Hualong Ma, Yingjun Zhang and Guozhu Meng, "Ssl-wm: A black-box watermarking approach for encoders pre-trained by self-supervised learning," The Network and Distributed System Security (NDSS) Symposium 2024.

  • [AAAI'24, CCF-A] Jiachen Zhou, Peizhuo Lv, Yibing Lan, Guozhu Meng, Kai Chen and Hualong Ma, "DataElixir: Purifying Poisoned Dataset to Mitigate Backdoor Attacks via Diffusion Models," Proceedings of the AAAI Conference on Artificial Intelligence 2024. 

  • [CCS'23, CCF-A] Jinwen He, Kai Chen, Guozhu Meng, Jiangshan Zhang and Congyi Li, "Good-looking but Lacking Faithfulness: Understanding Local Explanation Methods through Trend-based Testing," in The ACM Conference on Computer and Communications Security (CCS), Copenhagen, Denmark, 2023.  

  • [USENIX Sec'23, CCF-A] Zizhuang Deng, Guozhu Meng, Kai Chen, Tong Liu, Lu Xiang, and Chunyang Chen, "Differential Testing of Cross Deep Learning Framework APIs: Revealing Inconsistencies and Vulnerabilities," in Proceedings of the 32nd USENIX Security Symposium (USENIX), Anaheim, CA, USA, 2023.

  • [USENIX Sec'23, CCF-A] Chengan Wei, Yeonjoon Lee, Kai Chen, Guozhu Meng, and Peizhuo Lv, "Aliasing Backdoor Attacks on Pre-trained Models," in Proceedings of the 32nd USENIX Security Symposium (USENIX), Anaheim, CA, USA, 2023.

  • [IJCAI'23, CCF-A] Tianlin Li, Zhiming Li, Anran Li, Mengnan Du, Aishan Liu, Qing Guo, Guozhu Meng and Yang Liu, "Fairness via Group Contribution Matching," International Joint Conference on Artificial Intelligence 2023.

  • [ICSE'23, CCF-A] Shangqing Liu, Bozhi Wu, Xiaofei Xie, Guozhu Meng, and Yang Liu, "ContraBERT: Enhancing Code Pre-trained Models via Contrastive Learning," in The 45th International Conference on Software Engineering (ICSE), Melbourne, Australia, 2023. 

  • [TSE'23, CCF-A] Shangqing Liu, Xiaofei Xie, Jingkai Siow, Lei Ma, Guozhu Meng, and Yang Liu, "GraphSearchNet: Enhancing GNNs via Capturing Global Dependencies for Semantic Code Search," in IEEE Transactions on Software Engineering (TSE), 2023.  

  • [CCS'22, CCF-A] Zizhuang Deng, Kai Chen, Guozhu Meng, Xiaodong Zhang, Ke Xu and Yao Cheng, "Understanding Real-world Threats to Deep Learning Models in Android Apps," in The ACM Conference on Computer and Communications Security (CCS), Los Angeles, USA, 2022, pp. 785-799.  

  • [ASE'22, CCF-A] Xueyang Li, Shangqing Liu, Ruitao Feng, Guozhu Meng, Xiaofei Xie, Kai Chen and Yang Liu, "TransRepair: Context-aware Program Repair for Compilation Errors," in The 37th IEEE/ACM International Conference on Automated Software Engineering (ASE), Michigan, USA, 2022.  

  • [SIGMETRICS'22, CCF-B] Liu Wang, Haoyu Wang, Ren He, Ran Tao, Guozhu Meng, Xiapu Luo and Xuanzhe Liu, "MalRadar: Demystifying Android Malware in the New Era," in ACM SIGMETRICS / IFIP PERFORMANCE 2022 (SIGMETRICS 2022), Mumbai, India, 2022.  

  • [SANER'22, CCF-B] Siow Jing Kai, Shangqing Liu, Xiaofei Xie, Guozhu Meng and Yang Liu, "Learning Program Semantics with Code Representations: An Empirical Study," in 29th IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER 2022), Hawaii, 2022. 

  • [ICA3PP'21, CCF-C] Xingbo Hu, Yibing Lan, Ruimin Gao, Guozhu Meng, and Kai Chen, "Why is Your Trojan NOT Responding? A Quantitative Analysis of Failures in Backdoor Attacks of Neural Networks," in The 21st International Conference on Algorithms and Architectures for Parallel Processing (ICA3PP 2021), Xiamen, China, 2021. 

  • [ISSRE'21, CCF-B] Yuekang Li, Guozhu Meng, Jun Xu, Cen Zhang, Hongxu Chen, Xiaofei Xie, Haijun Wang and Yang Liu, "VALL-NUT: Principled Anti-Greybox-Fuzzing," in The 32nd International Symposium on Software Reliability Engineering (ISSRE 2021), Wuhan, China, 2021. 

  • [USENIX Sec'21, CCF-A] Yingzhe He, Guozhu Meng, Kai Chen, Jinwen He, and Xingbo Hu, "DRMI: A Dataset Reduction Technology based on Mutual Information for Black-box Attacks," in Proceedings of the 30th USENIX Security Symposium (USENIX), Vancouver, B.C., Canada, 2021.  

  • [WWW'21, CCF-A] Dongsong Yu, Guangliang Yang, Guozhu Meng, Xiaorui Gong, Xiu Zhang, Xiaobo Xiang, Xiaoyu Wang, Yue Jiang, Kai Chen, Wei Zou, Wenke Lee and Wenchang Shi, "SEPAL: Towards a Large-scale Analysis of SEAndroid Policy Customization," in Proceedings of the 30th The Web Conference (WWW), Ljubljana, Slovenia, 2021.  

  • [WWW'21, CCF-A] Shuang Liu, Baiyang Zhao, Renjie Guo, Guozhu Meng, Fan Zhang and Meishan Zhang, "Have You been Properly Notified? Automatic Compliance Analysis of Privacy Policy Text with GDPR Article 13," in Proceedings of the 30th The Web Conference (WWW), Ljubljana, Slovenia, 2021.  

  • [TSE'20, CCF-A] Yingzhe He, Guozhu Meng, Kai Chen, Xingbo Hu, and Jinwen He, "Towards Security Threats of Deep Learning Systems: A Survey," in IEEE Transactions on Software Engineering, 2020. 

  • [TIFS'20, CCF-A] Ruitao Feng, Sen Chen, Xiaofei Xie, Guozhu Meng, Shang-Wei Lin, and Yang Liu, "A Performance-Sensitive Malware Detection System Using Deep Learning on Mobile Devices," in IEEE Transactions on Information Forensics and Security, 2020. 

  • [ICSME'20, CCF-B] Wei Wang, Guozhu Meng, Haoyu Wang, Kai Chen, Weimin Ge, and Xiaohong Li, "A3IDENT: A Two-phased Approach to Identify the Leading Authors of Android Apps," in 36th IEEE International Conference on Software Maintenance and Evolution (ICSME), Adelaide, Australia, 2020, pp. 617--628.

  • [ICSE'20, CCF-A] Bingchang Liu, Guozhu Meng, Wei Zou, Feng Li, Qi Gong, Min Lin, Dandan Sun, Wei Huo, and Chao Zhang, "A Large-Scale Empirical Study on Vulnerability Distribution within Projects and the Lessons Learned," in The 42nd International Conference on Software Engineering (ICSE), Seoul, South Korea, 2020, pp. 1547--1559.

  • [ICSE'20, CCF-A] Sen Chen, Lingling Fan, Guozhu Meng, Ting Su, Minhui Xue, Yinxing Xue, Yang Liu, Lihua Xu, "An Empirical Assessment of Security Risks of Global Android Banking Apps," in The 42nd International Conference on Software Engineering (ICSE), Seoul, South Korea, 2020, pp. 1310--1322.

  • [Inscrypt'19] Mingming Zha, Guozhu Meng, Chaoyang Lin, Zhe Zhou and Kai Chen, "RoLMA: A Practical Adversarial Attack against Deep Learning-based LPR Systems," in The 15th International Conference on Information Security and Cryptology, Nanjing, China, 2019, pp. 101-117. 

  • [ASE'19, CCF-A] Haoyu Wang, Hongxuan Liu, Xusheng Xiao, Guozhu Meng, and Yao Guo, "Characterizing Android App Signing Issues," in The 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), San Diego, CA, USA, 2019, pp. 280-292.

  • [C&S'19, CCF-B] Zhushou Tang, Minhui Xue, Guozhu Meng, Chengguo Ying, Yugeng Liu, Jianan He, Haojin Zhu and Yang Liu, "Securing Android Applications via Edge Assistant Third-party Library Detection," in Computers & Security, vol. 80, 2019, pp. 257--272. 

  • [TIFS'19, CCF-A] Guozhu Meng, Matthew Patrick, Yinxing Xue, Yang Liu and Jie Zhang, "Securing Android App Markets via Modelling and Predicting Malware Spread between Markets," in IEEE Transactions on Information Forensics and Security, vol. 14, issue 7, 2019, pp. 1944 - 1959. 

  • [ASE'18, CCF-A] Lingling Fan, Ting Su, Sen Chen, Guozhu Meng, Yang Liu, Lihua Xu, and Geguang Pu, "Efficiently Manifesting Asynchronous Programming Errors in Android Apps," in The 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE), Montpellier, France, 2018, pp. 486--497.  

  • [CyberSecurity'18] Guozhu Meng, Ruitao Feng, Guangdong Bai, Kai Chen, and Yang Liu, "DroidEcho: An In-depth Dissection of Malicious Behaviors in Android Applications," in Cybersecurity, vol. 1, issue 1, 2018, pp. 1--17.  

  • [ICSE'18, CCF-A] Chunyang Chen, Ting Su, Guozhu Meng, Zhenchang Xing and Yang Liu, "From UI Design Image to GUI Skeleton: A Neural Machine Translator to Bootstrap Mobile GUI Implementation," in The 40th International Conference on Software Engineering (ICSE), Gothenburg, Sweden, 2018, pp. 665-676.  

  • [ICSE'18, CCF-A] Lingling Fan, Ting Su, Sen Chen, Guozhu Meng, Yang Liu, Lihua Xu, Geguang Pu and Zhendong Su, "Large-Scale Analysis of Framework-Specific Exceptions in Android Apps," in The 40th International Conference on Software Engineering (ICSE), Gothenburg, Sweden, 2018, pp. 408--419. (ACM SIGSOFT Distinguished Paper Award)

  • [ASE'17, CCF-A] Yun Lin, Guozhu Meng, Yinxing Xue, Zhenchang Xing, Jun Sun, Xin Peng, Yang Liu, Wenyun Zhao, and Jinsong Dong, "Mining Implicit Design Templates for Actionable Code Reuse," in The 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE), Urbana-Champaign, Illinois, USA, 2017, pp. 394--404.  

  • [FSE'17, CCF-A] Ting Su, Guozhu Meng, Yuting Chen, Ke Wu, Weiming Yang, Yao Yao, Geguang Pu, Yang Liu, and Zhendong Su, "Guided, Stochastic Model-Based GUI Testing of Android Apps," in 11th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE), Paderborn, Germany, 2017, pp. 245--256. (First Prize of Tool Demo in NASAC 2017)

  • [TMC'17, CCF-A] Liang He, Guozhu Meng, Yu Gu, Cong Liu, Jun Sun, Ting Zhu, Yang Liu, and Kang G Shin, "Battery-Aware Mobile Data Service," in IEEE Transactions on Mobile Computing (TMC), vol. 16, issue 6, 2017, pp. 1544--1558. 

  • [TIFS'17, CCF-A] Yinxing Xue, Guozhu Meng, Yang Liu, Tian Huat Tan, Hongxu Chen, Jun Sun, and Jie Zhang, "Auditing Anti-Malware Tools by Evolving Android Malware and Dynamic Loading Technique," in IEEE Transactions on Information Forensics and Security (TIFS), vol. 12, issue 7, 2017, pp. 1529--1544.  

  • [ISSTA'16, CCF-A] Guozhu Meng, Yinxing Xue, Zhengzi Xu, Yang Liu, Jie Zhang, and Annamalai Narayanan, "Semantic Modelling of Android Malware for Effective Malware Comprehension, Detection, and Classification," in The International Symposium on Software Testing and Analysis (ISSTA), Saarbrücken, Germany, 2016, pp. 306--317.  

  • [AsiaCCS'16] Guozhu Meng, Yinxing Xue, Mahinthan Chandramohan, Annamalai Narayanan, Yang Liu, Jie Zhang, and Tieming Chen, "Mystique: Evolving Android Malware for Auditing Anti-Malware Tools," in ACM Asia Conference on Computer and Communications Security (AsiaCCS), Xi'an, China, 2016, pp. 365--376.

  • [CSUR'15, SCI Zone 1] Guozhu Meng, Yang Liu, Jie Zhang, Alexander Pokluda, and Raouf Boutaba, "Collaborative Security: A Survey and Taxonomy," in ACM Computing Surveys (CSUR), vol. 48, issue 1, 2015, pp. 1--42.

  • [NDSS'13, CCF-A] Guangdong Bai, Jike Lei, Guozhu Meng, Sai Sathyanarayan Venkatraman, Prateek Saxena, Jun Sun, Yang Liu, and Jin Song Dong, "AuthScan: Automatic Extraction of Web Authentication Protocols from Implementations," in Proceedings of the 20th Annual Network and Distributed System Security Symposium (NDSS), San Diego, California, USA, 2013.


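Research Activities

Research Projects
(1) Research on code security hardening techniques based on intelligent methods, Principal Investigator, national project, 2020-01--2022-12
(2) CCF-Tencent Rhino-Bird Research Fund, Principal Investigator, industry-commissioned, 2020-10--2021-10
(3) Research on AI-based vulnerability detection, Principal Investigator, national project, 2020-07--2023-07
(4) Research on methods for precise identification, analysis and risk assessment of malicious files in cloud environments, Principal Investigator, industry-commissioned, 2021-01--2021-12
(5) Research on security defense techniques for on-device intelligent models, Principal Investigator, industry-commissioned, 2022-08--2023-07
(6) Research on security evaluation and defense techniques for AI systems, Principal Investigator, Chinese Academy of Sciences program, 2022-01--2023-12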

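Students Supervised

Supervised and Co-supervised Students

李雪扬  Ph.D. student (recipient of the National Scholarship for master's students)

周嘉辰  Ph.D. student

刘通  Ph.D. student

张英杰  Ph.D. student

蔡毓灵  Master's student

向凡  Master's student

王铭思  Master's student

孙堃  Master's student

李懿霖  Master's student

王庆昕  Master's student

昌海龙  Master's student

孙铭扬  Master's student

肖书慧  Master's student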


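Graduate Placements

[Class of 2024]

邓子壮, Ph.D., Associate Researcher at Shandong University (recipient of the National Scholarship for doctoral students, among others)

赖堃, Master's, Alibaba Cloud

兰一冰, Master's, China Construction Bank headquarters

相璐, Master's, China Galaxy Securities


[Class of 2023]

郭芝秀, Ph.D., China Construction Bank headquarters (recipient of the National Scholarship, the Institute Director's Excellence Award, the UCAS First-Class Academic Scholarship, among others)

黄伟豪, Ph.D., faculty-track postdoctoral fellow at Sun Yat-sen University

闫秋存, Master's, China Construction Bank headquarters

张晓东, Master's, Dalian Commodity Exchange

陈宏程, Master's, JD.com


[Class of 2022]

何英哲, Ph.D., Huawei "Genius Youth" program (recipient of the UCAS President's Excellence Award, the National Scholarship, the Zhu Li Yuehua Scholarship, the Institute Director's Excellence Award, among others)

于冬松, Ph.D., Assistant Researcher at Zhongguancun Laboratory

胡兴波, Master's, Huawei (Shanghai)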