General
LI Menghao     Institute of information engineering, Chinese Acamedy of Sciences 

Email: limenghao@iie.ac.cn

Address:No. 19 Shucun Rd, Haidian District, Beijing


Research Areas

CyberSecurity, Software Security, Firmware Security, Reverse Engineering of Binary code

Education

2013-09--2017-07, Institute of Information Engineering, CAS, PhD degree

2010-09--2013-01, University of Science and Technology of China, Master degree

Experience

   
Work Experience

2020-10~now, Insititute of Information Engineering, CAS, Associate Professer​

2017-07~2020-10,  Insititute of Information Engineering, CAS, Assistant Professor

Teaching Experience

Exploiting software vulnerabilities—Methodologies, Techniques and Practices, Experimental course of Graduate Students


Compiler Principles and Practices, Elective course of Undergraduate Students

Publications


Papers

1. Jiawei Yin, Menghao Li, Yuekang Li, Yong Yu, Boru Lin, Yanyan Zou, Yang Liu, Wei Huo, Jingling Xue, "RSFuzzer: Discovering Deep SMI Handler Vulnerabilities in UEFI Firmware with Hybrid Fuzzing," 2023 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2023, pp. 2155-2169, doi: 10.1109/SP46215.2023.10179421.

2. Jiawei Yin, Menghao Li, Wei Wu, Dandan Sun, Jianhua Zhou, Wei Huo, Jingling Xue, "Finding SMM Privilege-Escalation Vulnerabilities in UEFI Firmware with Protocol-Centric Static Analysis," 2022 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2022, pp. 1623-1637, doi: 10.1109/SP46214.2022.9833723

3. Menghao LiWei Wang, Pei Wang, Shuai Wang, Dinghao Wu, Jian Liu, Rui Xue, Wei Huo, "LibD: Scalable and Precise Third-Party Library Detection in Android Markets," 2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE), Buenos Aires, Argentina, 2017, pp. 335-346, doi: 10.1109/ICSE.2017.38.

4. Menghao Li​, Pei Wang, Wei Wang, Shuai Wang, Dinghao Wu, Jian Liu, Rui Xue, Wei Huo, Wei Zou, "Large-Scale Third-Party Library Detection in Android Markets," in IEEE Transactions on Software Engineering, vol. 46, no. 9, pp. 981-1003, 1 Sept. 2020, doi: 10.1109/TSE.2018.2872958

5. Menghao Li, Liang Yang, Zimu Yuan, Rui Zhang, Rui Xue, "An Approach for Mitigating Potential Threats in Practical SSO Systems." Information Security and Cryptology: 11th International Conference, Inscrypt 2015, Beijing, China, November 1-3, 2015, Revised Selected Papers 11. Springer International Publishing, 2016.

Research Interests

Security Analysis of Software, software and firmware vulnerability detection