基本信息
李炼  男  博导  中国科学院计算技术研究所
电子邮件: lianli@ict.ac.cn
通信地址: 中科院计算所国家重点实验室
邮政编码:

研究领域

我们小组专注于研究通过程序分析技术来帮助提高软件系统的可靠性和安全性。我们的目标是研究创新的程序分析方法并实现切实有效的开发工具,来帮助程序开发人员和测试人员有效解决软件中普遍存在的可靠性和安全性问题。我们开发了静态分析检测系统Wukong。 Wukong实现了一系列深度程序分析方法,能够检测跨函数、跨组件、涉及复杂依赖关系的深度安全漏洞。 Wukong支持主流 C/C++、 Java、 Android等编程语言及开发环境, 并能够从谷歌Chromium、 Bash、 sed、 大数据处理系统Hadoop等常见开源软件中发现数千已有商业工具无法检测到的深层错误和潜在安全漏洞, 其中超过一百个严重错误已经被开源社区确认。我们研究的方法和工具已经发表在领域内顶级会议包括 SOSP、FSE、ASE、CGO上。

招生信息

   
招生专业
081202-计算机软件与理论
招生方向
程序分析,软件安全,软件工程

教育背景

2003-03--2007-08   University of New South Wales, Australia   博士
1993-09--1998-06   清华大学工程物理系   学士

工作经历

   
工作简历
2015-04~现在, 中国科学院计算技术研究所, 研究员
2011-06~2015-03,甲骨文公司澳大利亚实验室, 主管研究员 (Principal member of technical staff)
2008-06~2011-06,升阳公司实验室, 高级研究员(Senior Member of Technical Staff)
2007-09~2008-05,University of New South Wales, Australia, PostDoc
2001-08~2002-10,Celestry公司北京分公司, 软件工程师
1998-07~2001-07,中国科学院计算技术研究所, 助理研究员

教授课程

编译程序高级教程

专利与奖励

   
专利成果
( 1 ) System and method for overflow detection using symbolic analysis, 发明, 2012, 第 1 作者, 专利号: US 12/642,729
( 2 ) Points-to analysis as value flow, 发明, 2012, 第 1 作者, 专利号: US 13/117,058
( 3 ) Context-sensitive analysis framework using value flows, 发明, 2012, 第 1 作者, 专利号: US 13/117,078
( 4 ) cifuentes,Path-sensitive analysis framework for bug checking, 发明, 2015, 第 1 作者, 专利号: US 14/188,552
( 5 ) Method and system for performing backward-driven path-sensitive dataflow analysis, 发明, 2013, 第 3 作者, 专利号: US 13/192,349

出版信息

   
发表论文
[1] 李昊峰, 陆杰, 孟海宁, 曹立庆, 黄永恒, 李炼, 高琳. Generic sensitivity: customizing context-sensitive pointer analysis for generics. the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineeringnull. 2022, [2] 陆杰, 李昊峰, 刘晨, 李炼, 陈琨. Detecting Missing-Permission-Check Vulnerabilities in Distributed Cloud Systems. the 2022 ACM SIGSAC Conference on Computer and Communications Securitynull. 2022, [3] 顾芳铭, 郭青丽, 李炼, 彭峙酿, 林巍, 杨晓波, 龚晓锐. COMRACE: Detecting Data Race Vulnerabilities in COM Objects. Usenix Securitynull. 2022, [4] 李昊峰, 陆杰, 孟海宁, 曹立庆, 黄永恒, 李炼, 高琳. Generic sensitivity: customizing context-sensitive pointer analysis for generics. the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineeringnull. 2022, [5] 陆杰, 李昊峰, 刘晨, 李炼, 陈琨. Detecting Missing-Permission-Check Vulnerabilities in Distributed Cloud Systems. the 2022 ACM SIGSAC Conference on Computer and Communications Securitynull. 2022, [6] 顾芳铭, 郭青丽, 李炼, 彭峙酿, 林巍, 杨晓波, 龚晓锐. COMRACE: Detecting Data Race Vulnerabilities in COM Objects. Usenix Securitynull. 2022, [7] 陆杰, 李丰, 李炼, 冯晓兵, xue jingling. CloudRaid: Detecting Distributed Concurrency Bugs via Log-Mining and Enhancement. IEEE Transactions on Software Engineering[J]. 2021, [8] 李昊峰, 孟海宁, 郑恒杰, 曹立庆, 陆杰, Li Lian. Scaling up the IFDS Algorithm with Efficient Disk-based Computing. International Symposium on Code Generation and Optimization (CGO'21)[J]. 2021, [9] Li Lian. Detecting TensorFlow Program Bugs in Real-World Industrial Environment. The 36th IEEE/ACM International Conference on Automated Software Engineering (ASE'21). 2021, [10] Yuan, Ting, Li, Guangwei, Lu, Jie, Liu, Chen, Li, Lian, Xue, Jingling, Lee, JW, Soffa, ML, Zaks, A. GoBench: A Benchmark Suite of Real-World Go Concurrency Bugs. CGO '21: PROCEEDINGS OF THE 2021 IEEE/ACM INTERNATIONAL SYMPOSIUM ON CODE GENERATION AND OPTIMIZATION (CGO)null. 2021, 187-199, [11] 陆杰, 李丰, 李炼, 冯晓兵, xue jingling. CloudRaid: Detecting Distributed Concurrency Bugs via Log-Mining and Enhancement. IEEE Transactions on Software Engineering[J]. 2021, [12] 李昊峰, 孟海宁, 郑恒杰, 曹立庆, 陆杰, Li Lian. Scaling up the IFDS Algorithm with Efficient Disk-based Computing. International Symposium on Code Generation and Optimization (CGO'21)[J]. 2021, [13] Li Lian. Detecting TensorFlow Program Bugs in Real-World Industrial Environment. The 36th IEEE/ACM International Conference on Automated Software Engineering (ASE'21). 2021, [14] Yuan, Ting, Li, Guangwei, Lu, Jie, Liu, Chen, Li, Lian, Xue, Jingling, Lee, JW, Soffa, ML, Zaks, A. GoBench: A Benchmark Suite of Real-World Go Concurrency Bugs. CGO '21: PROCEEDINGS OF THE 2021 IEEE/ACM INTERNATIONAL SYMPOSIUM ON CODE GENERATION AND OPTIMIZATION (CGO)null. 2021, 187-199, [15] Li Lian. Performance-Boosting Sparsification of the IFDS Algorithm with Applications to Taint Analysis (Distinguished Paper Award). the 34th IEEE/ACM International Conference on Automated Software Engineering (ASE'19). 2019, [16] Lu Jie, Chen Liu, Li Lian, Feng Xiaobing. Understanding Node Change Bugs for Distributed Systems. 2019 IEEE 26TH INTERNATIONAL CONFERENCE ON SOFTWARE ANALYSIS, EVOLUTION AND REENGINEERING (SANER)[J]. 2019, 399-410, http://apps.webofknowledge.com/CitedFullRecord.do?product=UA&colName=WOS&SID=5CCFccWmJJRAuMzNPjj&search_mode=CitedFullRecord&isickref=WOS:000469754100039.
[17] Lu, Jie, Liu, Chen, Li, Lian, Feng, Xiaobing, Tan, Feng, Yang, Jun, You, Liang, ACM. CrashTuner: Detecting Crash-Recovery Bugs in Cloud Systems via Meta-Info Analysis. PROCEEDINGS OF THE TWENTY-SEVENTH ACM SYMPOSIUM ON OPERATING SYSTEMS PRINCIPLES (SOSP '19)null. 2019, 114-130, http://dx.doi.org/10.1145/3341301.3359645.
[18] Li Lian. Performance-Boosting Sparsification of the IFDS Algorithm with Applications to Taint Analysis (Distinguished Paper Award). the 34th IEEE/ACM International Conference on Automated Software Engineering (ASE'19). 2019, [19] Lu Jie, Chen Liu, Li Lian, Feng Xiaobing. Understanding Node Change Bugs for Distributed Systems. 2019 IEEE 26TH INTERNATIONAL CONFERENCE ON SOFTWARE ANALYSIS, EVOLUTION AND REENGINEERING (SANER)[J]. 2019, 399-410, http://apps.webofknowledge.com/CitedFullRecord.do?product=UA&colName=WOS&SID=5CCFccWmJJRAuMzNPjj&search_mode=CitedFullRecord&isickref=WOS:000469754100039.
[20] Lu, Jie, Liu, Chen, Li, Lian, Feng, Xiaobing, Tan, Feng, Yang, Jun, You, Liang, ACM. CrashTuner: Detecting Crash-Recovery Bugs in Cloud Systems via Meta-Info Analysis. PROCEEDINGS OF THE TWENTY-SEVENTH ACM SYMPOSIUM ON OPERATING SYSTEMS PRINCIPLES (SOSP '19)null. 2019, 114-130, http://dx.doi.org/10.1145/3341301.3359645.
[21] Lu, Jie, Li, Feng, Li, Lian, Feng, Xiaobing, Leavens, GT, Garcia, A, Pasareanu, CS. CloudRaid: Hunting Concurrency Bugs in the Cloud via Log-Mining. ESEC/FSE'18: PROCEEDINGS OF THE 2018 26TH ACM JOINT MEETING ON EUROPEAN SOFTWARE ENGINEERING CONFERENCE AND SYMPOSIUM ON THE FOUNDATIONS OF SOFTWARE ENGINEERINGnull. 2018, 3-14, http://dx.doi.org/10.1145/3236024.3236071.
[22] He, Dongjie, Li, Lian, Wang, Lei, Zheng, Hengjie, Li, Guangwei, Xue, Jingling, Huchard, M, Kastner, C, Fraser, G. Understanding and Detecting Evolution-Induced Compatibility Issues in Android Apps. PROCEEDINGS OF THE 2018 33RD IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMTED SOFTWARE ENGINEERING (ASE' 18)null. 2018, 167-177, [23] 冯晓兵. May-happen-in-parallel analysis with static vector clocks. Proceedings of the 2018 International Symposium on Code Generation and Optimization. 2018, [24] Lu, Jie, Li, Feng, Li, Lian, Feng, Xiaobing, Leavens, GT, Garcia, A, Pasareanu, CS. CloudRaid: Hunting Concurrency Bugs in the Cloud via Log-Mining. ESEC/FSE'18: PROCEEDINGS OF THE 2018 26TH ACM JOINT MEETING ON EUROPEAN SOFTWARE ENGINEERING CONFERENCE AND SYMPOSIUM ON THE FOUNDATIONS OF SOFTWARE ENGINEERINGnull. 2018, 3-14, http://dx.doi.org/10.1145/3236024.3236071.
[25] He, Dongjie, Li, Lian, Wang, Lei, Zheng, Hengjie, Li, Guangwei, Xue, Jingling, Huchard, M, Kastner, C, Fraser, G. Understanding and Detecting Evolution-Induced Compatibility Issues in Android Apps. PROCEEDINGS OF THE 2018 33RD IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMTED SOFTWARE ENGINEERING (ASE' 18)null. 2018, 167-177, [26] 冯晓兵. May-happen-in-parallel analysis with static vector clocks. Proceedings of the 2018 International Symposium on Code Generation and Optimization. 2018, [27] 王蕾, 李丰, 李炼, 冯晓兵. 污点分析技术的原理和实践应用. 软件学报[J]. 2017, 28(4): 860-882, http://lib.cqvip.com/Qikan/Article/Detail?id=671917931.
[28] Jian Zhang. Symbolic Execution with Value-range Analysis for Floating-point Exception Detection. 24th Asia-Pacific Software Engineering Conference (APSEC'17). 2017, [29] Li Lian, Lu Yi, Xue Jingling, Wu P, Hack S. Dynamic Symbolic Execution for Polymorphism. CC'17: PROCEEDINGS OF THE 26TH INTERNATIONAL CONFERENCE ON COMPILER CONSTRUCTIONnull. 2017, 120-130, http://dx.doi.org/10.1145/3033019.3033029.
[30] 王蕾, 李丰, 李炼, 冯晓兵. 污点分析技术的原理和实践应用. 软件学报[J]. 2017, 28(4): 860-882, http://lib.cqvip.com/Qikan/Article/Detail?id=671917931.
[31] Jian Zhang. Symbolic Execution with Value-range Analysis for Floating-point Exception Detection. 24th Asia-Pacific Software Engineering Conference (APSEC'17). 2017, [32] Li Lian, Lu Yi, Xue Jingling, Wu P, Hack S. Dynamic Symbolic Execution for Polymorphism. CC'17: PROCEEDINGS OF THE 26TH INTERNATIONAL CONFERENCE ON COMPILER CONSTRUCTIONnull. 2017, 120-130, http://dx.doi.org/10.1145/3033019.3033029.
[33] Liu Lei, Yang Hao, Li Yong, Xie Mengyao, Li Lian, Wu Chenggang, IEEE. Memos: A Full Hierarchy Hybrid Memory Management Framework. PROCEEDINGS OF THE 34TH IEEE INTERNATIONAL CONFERENCE ON COMPUTER DESIGN (ICCD)null. 2016, 368-371, [34] Liu Lei, Yang Hao, Li Yong, Xie Mengyao, Li Lian, Wu Chenggang, IEEE. Memos: A Full Hierarchy Hybrid Memory Management Framework. PROCEEDINGS OF THE 34TH IEEE INTERNATIONAL CONFERENCE ON COMPUTER DESIGN (ICCD)null. 2016, 368-371, [35] Li, Lian, Cifuentes, Cristina, Keynes, Nathan. Precise and Scalable Context-Sensitive Pointer Analysis via Value Flow Graph. ACM SIGPLAN NOTICES[J]. 2013, 48(11): 85-96, https://www.webofscience.com/wos/woscc/full-record/WOS:000329972200009.
[36] Winter Kirsten, Zhang Chenyi, Hayes Ian J, Keynes Nathan, Cifuentes Cristina, Li Lian, Groves L, Sun J. Path-Sensitive Data Flow Analysis Simplified. FORMAL METHODS AND SOFTWARE ENGINEERINGnull. 2013, 8144: 415-430, [37] Li, Lian, Cifuentes, Cristina, Keynes, Nathan. Precise and Scalable Context-Sensitive Pointer Analysis via Value Flow Graph. ACM SIGPLAN NOTICES[J]. 2013, 48(11): 85-96, https://www.webofscience.com/wos/woscc/full-record/WOS:000329972200009.
[38] Winter Kirsten, Zhang Chenyi, Hayes Ian J, Keynes Nathan, Cifuentes Cristina, Li Lian, Groves L, Sun J. Path-Sensitive Data Flow Analysis Simplified. FORMAL METHODS AND SOFTWARE ENGINEERINGnull. 2013, 8144: 415-430, [39] Li Lian. Through the Looking Glass: Transitioning Parfait into a Development Tool. IEEE Security & Privacy Journal. 2012, [40] Li Lian. SEED: A Statically-Greedy and Dynamically-Adaptive Approach for Speculative Loop Execution. IEEE Transaction on Computers. 2012, [41] Li Lian. Through the Looking Glass: Transitioning Parfait into a Development Tool. IEEE Security & Privacy Journal. 2012, [42] Li Lian. SEED: A Statically-Greedy and Dynamically-Adaptive Approach for Speculative Loop Execution. IEEE Transaction on Computers. 2012, [43] Li Lian. Boosting the Performance of Flow-sensitive Pointer Analysis using Value Flow. ACM SIGSOFT Symposium on the Foundations of Software Engineering. 2011, [44] Li Lian. Static Deep Error Checking in Large System Applications using Parfait. ACM SIGSOFT Symposium on the Foundations of Software Engineering. 2011, [45] Li Lian. Boosting the Performance of Flow-sensitive Pointer Analysis using Value Flow. ACM SIGSOFT Symposium on the Foundations of Software Engineering. 2011, [46] Li Lian. Static Deep Error Checking in Large System Applications using Parfait. ACM SIGSOFT Symposium on the Foundations of Software Engineering. 2011, [47] Li, Lian, Xue, Jingling, Knoop, Jens. Scratchpad Memory Allocation for Data Aggregates via Interval Coloring in Superperfect Graphs. ACM TRANSACTIONS ON EMBEDDED COMPUTING SYSTEMS[J]. 2010, 10(2): https://www.webofscience.com/wos/woscc/full-record/WOS:000285875500014.
[48] Li Lian. Practical and Effective Symbolic Analysis for Buffer Overow Detection. ACM SIGSOFT Symposium on the Foundations of Software Engineering. 2010, [49] Li, Lian, Xue, Jingling, Knoop, Jens. Scratchpad Memory Allocation for Data Aggregates via Interval Coloring in Superperfect Graphs. ACM TRANSACTIONS ON EMBEDDED COMPUTING SYSTEMS[J]. 2010, 10(2): https://www.webofscience.com/wos/woscc/full-record/WOS:000285875500014.
[50] Li Lian. Practical and Effective Symbolic Analysis for Buffer Overow Detection. ACM SIGSOFT Symposium on the Foundations of Software Engineering. 2010, [51] Li Lian. BegBunch: Benchmarking for C Bug Detection Tools. Workshop on Defects in Large Software Systems. 2009, [52] Li, Lian, Feng, Hui, Xue, Jingling. Compiler-Directed Scratchpad Memory Management via Graph Coloring. ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION[J]. 2009, 6(3): https://www.webofscience.com/wos/woscc/full-record/WOS:000271212500001.
[53] Li Lian. Program Analysis for Bug Detection using Parfait. Workshop on Partial Evaluation and Semantic-Based Program Manipulation. 2009, [54] Li Lian. Exploiting Speculative TLP in Recursive Pro-grams by Dynamic Thread Prediction. International Conference on Compiler Construction. 2009, [55] Li Lian. BegBunch: Benchmarking for C Bug Detection Tools. Workshop on Defects in Large Software Systems. 2009, [56] Li, Lian, Feng, Hui, Xue, Jingling. Compiler-Directed Scratchpad Memory Management via Graph Coloring. ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION[J]. 2009, 6(3): https://www.webofscience.com/wos/woscc/full-record/WOS:000271212500001.
[57] Li Lian. Program Analysis for Bug Detection using Parfait. Workshop on Partial Evaluation and Semantic-Based Program Manipulation. 2009, [58] Li Lian. Exploiting Speculative TLP in Recursive Pro-grams by Dynamic Thread Prediction. International Conference on Compiler Construction. 2009, [59] Li Lian. Thread-Sensitive Modulo Scheduling for Multi-core Processors. International Conference on Parallel Processing. 2008, [60] Li Lian. Thread-Sensitive Modulo Scheduling for Multi-core Processors. International Conference on Parallel Processing. 2008, [61] Gao Lin, Li Lian, Xue Jingling, Ngai TinFook, IEEE. Loop recreation for thread-level speculation. 2007 INTERNATIONAL CONFERENCE ON PARALLEL AND DISTRIBUTED SYSTEMS, VOLS 1 AND 2null. 2007, 337-+, [62] Li, an Li, Xue, Jingling. Trace-based leakage energy optimisations at link time. JOURNAL OF SYSTEMS ARCHITECTURE[J]. 2007, 53(1): 1-20, http://dx.doi.org/10.1016/j.sysarc.2006.05.002.
[63] Li Lian, Nguyen Quan Hoang, Xue Jingling, ACM. Scratchpad Allocation for Data Aggregates in Superperfect Graphs. LCTES'07: PROCEEDINGS OF THE 2007 ACM SIGPLAN-SIGBED CONFERENCE ON LANGUAGES, COMPILERS, AND TOOLS FOR EMBEDDED SYSTEMSnull. 2007, 207-216, http://apps.webofknowledge.com/CitedFullRecord.do?product=UA&colName=WOS&SID=5CCFccWmJJRAuMzNPjj&search_mode=CitedFullRecord&isickref=WOS:000266485800030.
[64] Li Lian, Wu Hui, Feng Hui, Xue Jingling, Choi L, Paek Y, Cho S. Towards data tiling for whole programs in sc ratchpad memory allocation. ADVANCES IN COMPUTER SYSTEMS ARCHITECTURE, PROCEEDINGSnull. 2007, 4697: 63-+, [65] Gao Lin, Li Lian, Xue Jingling, Ngai TinFook, IEEE. Loop recreation for thread-level speculation. 2007 INTERNATIONAL CONFERENCE ON PARALLEL AND DISTRIBUTED SYSTEMS, VOLS 1 AND 2null. 2007, 337-+, [66] Li, an Li, Xue, Jingling. Trace-based leakage energy optimisations at link time. JOURNAL OF SYSTEMS ARCHITECTURE[J]. 2007, 53(1): 1-20, http://dx.doi.org/10.1016/j.sysarc.2006.05.002.
[67] Li Lian, Nguyen Quan Hoang, Xue Jingling, ACM. Scratchpad Allocation for Data Aggregates in Superperfect Graphs. LCTES'07: PROCEEDINGS OF THE 2007 ACM SIGPLAN-SIGBED CONFERENCE ON LANGUAGES, COMPILERS, AND TOOLS FOR EMBEDDED SYSTEMSnull. 2007, 207-216, http://apps.webofknowledge.com/CitedFullRecord.do?product=UA&colName=WOS&SID=5CCFccWmJJRAuMzNPjj&search_mode=CitedFullRecord&isickref=WOS:000266485800030.
[68] Li Lian, Wu Hui, Feng Hui, Xue Jingling, Choi L, Paek Y, Cho S. Towards data tiling for whole programs in sc ratchpad memory allocation. ADVANCES IN COMPUTER SYSTEMS ARCHITECTURE, PROCEEDINGSnull. 2007, 4697: 63-+, [69] Li, Lian, Xue, Jingling, Jesshope, C, Egan, C. Trace-based data cache leakage reduction at link time. ADVANCES IN COMPUTER SYSTEMS ARCHITECTURE, PROCEEDINGS[J]. 2006, 4186: 175-188, https://www.webofscience.com/wos/woscc/full-record/WOS:000241449500014.
[70] Li, Lian, Xue, Jingling, Jesshope, C, Egan, C. Trace-based data cache leakage reduction at link time. ADVANCES IN COMPUTER SYSTEMS ARCHITECTURE, PROCEEDINGS[J]. 2006, 4186: 175-188, https://www.webofscience.com/wos/woscc/full-record/WOS:000241449500014.
[71] Li Lian. Memory Coloring: A Compiler Approach for Scratchpad Memory Management. International Conference on Parallel Architecture and Compilation Techniques. 2005, [72] Li Lian. Memory Coloring: A Compiler Approach for Scratchpad Memory Management. International Conference on Parallel Architecture and Compilation Techniques. 2005, [73] Li, L, Xue, JL. A trace-based binary compilation framework for energy-aware computing. ACM SIGPLAN NOTICES[J]. 2004, 39(7): 95-106, https://www.webofscience.com/wos/woscc/full-record/WOS:000223288600012.
[74] Li, L, Xue, JL. A trace-based binary compilation framework for energy-aware computing. ACM SIGPLAN NOTICES[J]. 2004, 39(7): 95-106, https://www.webofscience.com/wos/woscc/full-record/WOS:000223288600012.

科研活动

   

指导学生

已指导学生

周卿  博士研究生  081201-计算机系统结构  

陆杰  博士研究生  081201-计算机系统结构  

王科峰  硕士研究生  085211-计算机技术  

何冬杰  硕士研究生  081201-计算机系统结构  

张馨元  硕士研究生  081201-计算机系统结构  

郑恒杰  硕士研究生  081202-计算机软件与理论  

现指导学生

袁挺  博士研究生  081201-计算机系统结构  

孟海宁  博士研究生  081202-计算机软件与理论  

刘晨  博士研究生  081202-计算机软件与理论  

李广威  博士研究生  081202-计算机软件与理论  

李昊峰  博士研究生  081202-计算机软件与理论  

陈宇翔  博士研究生  081202-计算机软件与理论  

黄永恒  硕士研究生  081202-计算机软件与理论