My name is Yu Hao. I am a Security Researcher at Huawei HarmonyOS System Security Team. I earned my Ph.D. in Computer Science from UC Riverside in 2024, under the supervision of Prof. Zhiyun Qian. I earned my Master and Bachelor degrees at Xi’an Jiaotong University under the supervision of Prof. Ting Liu.
My research focuses on operating system security and program analysis (for C/C++). My research improves multiple program analysis and testing techniques (e.g., Fuzzing, LLMs for Security, Static Analysis based on LLVM/Clang, Symbolic Execution), thereby combining the advantages of those techniques to systematically and automatically improve the security for real world software system (e.g., Linux kernel, Hongmeng kernel, concurrent program). My research has led to multiple papers published in several prestigious conferences (e.g., S&P, USENIX Security, CCS, NDSS, ICSE, FSE) and journal (e.g., TSE). The open source tools attract interest from and applied in academia, community and industry. Besides open source tools, I also report bugs and CVE for Linux kernel and contribute patches.
Selected Publications
SyzSpec: Specification Generation for Linux Kernel Fuzzing via Under-Constrained Symbolic Execution
Yu Hao, Juefei Pu, Xingyu Li, Zhiyun Qian, Ardalan Amiri Sani
ACM SIGSAC Conference on Computer and Communications Security (CCS 25)
[Distinguished Paper Award]SCAD: Towards a Universal and Automated Network Side-Channel Vulnerability Detection
Keyu Man, Zhongjie Wang, Yu Hao, Shenghan Zheng, Xin’an Zhou, Yue Cao, Zhiyun Qian
IEEE Symposium on Security and Privacy (S&P 25)SymBisect: Accurate Bisection for Fuzzer-Exposed Vulnerabilities
Zheng Zhang, Yu Hao, Weiteng Chen, Xiaochen Zou, Xingyu Li, Haonan Li, Yizhuo Zhai, Zhiyun Qian, Billy Lau
USENIX Security Symposium (USENIX Security 24)
PDF