Publications

2025

CCS 2025

SyzSpec: Specification Generation for Linux Kernel Fuzzing via Under-Constrained Symbolic Execution

Yu Hao, Juefei Pu, Xingyu Li, Zhiyun Qian, Ardalan Amiri Sani

ACM SIGSAC Conference on Computer and Communications Security (CCS 25)

Distinguished Paper Award

S&P 2025

SCAD: Towards a Universal and Automated Network Side-Channel Vulnerability Detection

Keyu Man, Zhongjie Wang, Yu Hao, Shenghan Zheng, Xin’an Zhou, Yue Cao, Zhiyun Qian

IEEE Symposium on Security and Privacy (S&P 25)

2024

USENIX Security 24

SymBisect: Accurate Bisection for Fuzzer-Exposed Vulnerabilities

Zheng Zhang, Yu Hao, Weiteng Chen, Xiaochen Zou, Xingyu Li, Haonan Li, Yizhuo Zhai, Zhiyun Qian, Billy Lau

USENIX Security Symposium 2024

PDF
OOPSLA 24

Enhancing Static Analysis for Practical Bug Detection: An LLM-Integrated Approach

Haonan Li, Yu Hao, Yizhuo Zhai, Zhiyun Qian

ACM OOPSLA 24

PDF
S&P 24

SyzGen++: Dependency Inference for Augmenting Kernel Driver Fuzzing

Weiteng Chen, Yu Hao, Zheng Zhang, Xiaochen Zou, Dhilung Kirat, Shachee Mishra, Douglas Schales, Jiyong Jang, Zhiyun Qian

IEEE Symposium on Security and Privacy (S&P 24)

PDF
NDSS 24

SyzBridge: Bridging the Gap in Exploitability Assessment of Linux Kernel Bugs in the Linux Ecosystem

Xiaochen Zou, Yu Hao, Zheng Zhang, Juefei Pu, Weiteng Chen, Zhiyun Qian

Network and Distributed System Security Symposium (NDSS 24)

PDF
ArXiv (Preprint)

E&V: Prompting Large Language Models to Perform Static Analysis by Pseudo-code Execution and Verification

Yu Hao, Weiteng Chen, Ziqiao Zhou, Weidong Cui

AGI Leap Summit 2024 HoTSoS 2024

2023

FSE 23

Assisting Static Analysis with Large Language Models: A ChatGPT Experiment

Haonan Li, Yu Hao, Yizhuo Zhai, Zhiyun Qian

The ACM International Conference on the Foundations of Software Engineering (FSE 23 IVR)

PDF
S&P 23

SyzDescribe: Principled, Automated, Static Generation of Syscall Descriptions for Kernel Drivers

Yu Hao, Guoren Li, Xiaochen Zou, Weiteng Chen, Shitong Zhu, Zhiyun Qian, Ardalan Amiri Sani

44th IEEE Symposium on Security and Privacy (S&P 23)

PDF

2022

ICSE 22

Demystifying the Dependency Challenge in Kernel Fuzzing

Yu Hao, Hang Zhang, Guoren Li, Xingyun Du, Zhiyun Qian, Ardalan Amiri Sani

IEEE/ACM International Conference on Software Engineering (ICSE 22)

Google Research Paper Rewards

NDSS 22

Progressive Scrutiny: Incremental Detection of UBI bugs in the Linux Kernel

Yizhuo Zhai, Yu Hao, Zheng Zhang, Weiteng Chen, Guoren Li, Zhiyun Qian, Chengyu Song, Manu Sridharan, Srikanth V. Krishnamurthy, Trent Jaeger, Paul Yu

Network and Distributed System Security Symposium (NDSS 22)

2021

CCS 21

Themis: Ambiguity-Aware Network Intrusion Detection based on Symbolic Model Comparison

Zhongjie Wang, Shitong Zhu, Keyu Man, Pengxiong Zhu, Yu Hao, Zhiyun Qian, Srikanth V. Krishnamurthy, Tom La Porta, Michael J. De Lucia

ACM SIGSAC Conference on Computer and Communications Security (CCS 21)

CCS 21

Statically Discovering High-Order Taint Style Vulnerabilities in OS Kernels

Hang Zhang, Weiteng Chen, Yu Hao, Guoren Li, Yizhuo Zhai, Xiaochen Zou, Zhiyun Qian

ACM SIGSAC Conference on Computer and Communications Security (CCS 21)

ACSAC 21

Eluding ML-based Adblockers With Actionable Adversarial Examples

Shitong Zhu, Zhongjie Wang, Xun Chen, Shasha Li, Keyu Man, Umar Iqbal, Zhiyun Qian, Kevin S Chan, Srikanth V Krishnamurthy, Zubair Shafiq, Yu Hao, ...

Annual Computer Security Applications Conference (ACSAC 21)

QRS 21

ConcSpectre: Be Aware of Forthcoming Malware Hidden in Concurrent Programs

Yang Liu, Ming Fan, Ting Liu, Yu Hao, Zisen Xu, Kai Chen, Hao Chen, Yan Cai

IEEE International Conference on Software Quality, Reliability, and Security (QRS 21)

Best Paper Award

2020 & Earlier

FSE 20

UBITect: A Precise and Scalable Method to Detect Use-before-Initialization Bugs in Linux Kernel

Yizhuo Zhai, Yu Hao, Hang Zhang, Daimeng Wang, Chengyu Song, Zhiyun Qian, Mohsen Lesani, Srikanth V. Krishnamurthy, Paul Yu

ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE 20)

ICST 17

Automated Testing of Definition-Use Data Flow for Multithreaded Programs

Xiaodong Zhang, Zijiang Yang, Qinghua Zheng, Pei Liu, Jialiang Chang, Yu Hao, Ting Liu

IEEE International Conference on Software Testing, Verification and Validation (ICST 17)

SATE 16

Debugging Multithreaded Programs as if They Were Sequential

Xiaodong Zhang, Zijiang Yang, Qinghua Zheng, Yu Hao, Pei Liu, Lechen Yu, Ming Fan, Ting Liu

IEEE International Conference on Software Analysis, Testing and Evolution (SATE 16)

Journals

TSE

Tell You a Definite Answer: Whether Your Data is Tainted During Thread Scheduling

Xiaodong Zhang, Zijiang Yang, Qinghua Zheng, Yu Hao, Pei Liu, Ting Liu

IEEE Transactions on Software Engineering (TSE)

IEEE Transactions on Reliability

ConcSpectre: Be Aware of Forthcoming Malware Hidden in Concurrent Programs

Yang Liu, Ming Fan, Ting Liu, Yu Hao, Zisen Xu, Kai Chen, Hao Chen, Yan Cai

IEEE Transactions on Reliability

Patent

TAINT ANALYSIS METHOD EMPLOYING SYMBOLIC COMPUTATION AND USED FOR DYNAMIC PARALLEL PROGRAM

WO2017181628 [PCT] [CN]

Thesis

Ph.D. Thesis

Expanding the Boundaries of OS Kernel Fuzzing

University of California, Riverside, 2024

Master Thesis

Research on Malicious Code Hiding Methods Based on Uncertain Interleaving of Concurrent Programs

Xi’an Jiaotong University, 2018

© 2025 Yu Hao. All rights reserved.

Designed with ✨ by Gemini