Publications

[DBLP] [Google Scholar]

SCAD: Towards a Universal and Automated Network Side-Channel Vulnerability Detection
Keyu Man, Zhongjie Wang, Yu Hao, Shenghan Zheng, Xin’an Zhou, Yue Cao, Zhiyun Qian
IEEE Symposium on Security and Privacy, S&P 25.

SymBisect: Accurate Bisection for Fuzzer-Exposed Vulnerabilities
Zheng Zhang, Yu Hao, Weiteng Chen, Xiaochen Zou, Xingyu Li, Haonan Li, Yizhuo Zhai, Zhiyun Qian, Billy Lau
USENIX Security Symposium 2024, USENIX Security 24.

Enhancing Static Analysis for Practical Bug Detection: An LLM-Integrated Approach
Haonan Li, Yu Hao, Yizhuo Zhai, Zhiyun Qian
ACM SIGPLAN International Conference on Object-Oriented Programming Systems, Languages, and Applications, OOPSLA 24.
[PDF] [Tool]

SyzGen++: Dependency Inference for Augmenting Kernel Driver Fuzzing
Weiteng Chen, Yu Hao, Zheng Zhang, Xiaochen Zou, Dhilung Kirat, Shachee Mishra, Douglas Schales, Jiyong Jang, Zhiyun Qian
IEEE Symposium on Security and Privacy, S&P 24. [PDF] [Tool]

SyzBridge: Bridging the Gap in Exploitability Assessment of Linux Kernel Bugs in the Linux Ecosystem
Xiaochen Zou, Yu Hao, Zheng Zhang, Juefei Pu, Weiteng Chen, Zhiyun Qian
Network and Distributed System Security Symposium, NDSS 24. [PDF] [Tool]

E&V: Prompting Large Language Models to Perform Static Analysis by Pseudo-code Execution and Verification
Yu Hao, Weiteng Chen, Ziqiao Zhou, Weidong Cui [PDF]arXiv

Assisting Static Analysis with Large Language Models: A ChatGPT Experiment
Haonan Li, Yu Hao, Yizhuo Zhai, Zhiyun Qian
ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, Ideas, Visions and Reflections, ESEC/FSE 23 IVR [PDF] [Publication] [Tool]

SyzDescribe: Principled, Automated, Static Generation of Syscall Descriptions for Kernel Drivers
Yu Hao, Guoren Li, Xiaochen Zou, Weiteng Chen, Shitong Zhu, Zhiyun Qian, Ardalan Amiri Sani
IEEE Symposium on Security and Privacy, S&P 23. [PDF] [Publication] [Tool] [Result]

Demystifying the Dependency Challenge in Kernel Fuzzing
Yu Hao, Hang Zhang, Guoren Li, Xingyun Du, Zhiyun Qian, Ardalan Amiri Sani
IEEE/ACM International Conference on Software Engineering, ICSE 22. [PDF] [Publication] [Tool] [Result]

Progressive Scrutiny: Incremental Detection of UBI bugs in the Linux Kernel
Yizhuo Zhai, Yu Hao, Zheng Zhang, Weiteng Chen, Guoren Li, Zhiyun Qian, Chengyu Song, Manu Sridharan, Srikanth V. Krishnamurthy, Trent Jaeger, Paul Yu
Network and Distributed System Security Symposium, NDSS 22. [PDF] [Publication] [Tool]

Eluding ML-based Adblockers With Actionable Adversarial Examples
Shitong Zhu, Zhongjie Wang, Xun Chen, Shasha Li, Keyu Man, Umar Iqbal, Zhiyun Qian, Kevin S Chan, Srikanth V Krishnamurthy, Zubair Shafiq, Yu Hao, Guoren Li, Zheng Zhang, Xiaochen Zou
Annual Computer Security Applications Conference, ACSAC 21. [PDF] [Publication] [Tool]

Themis: Ambiguity-Aware Network Intrusion Detection based on Symbolic Model Comparison
Zhongjie Wang, Shitong Zhu, Keyu Man, Pengxiong Zhu, Yu Hao, Zhiyun Qian, Srikanth V. Krishnamurthy, Tom La Porta, Michael J. De Lucia
ACM SIGSAC Conference on Computer and Communications Security, CCS 21. [PDF] [Publication] [Tool]

Statically Discovering High-Order Taint Style Vulnerabilities in OS Kernels
Hang Zhang, Weiteng Chen, Yu Hao, Guoren Li, Yizhuo Zhai, Xiaochen Zou, Zhiyun Qian
ACM SIGSAC Conference on Computer and Communications Security, CCS 21. [PDF] [Publication] [Tool]

UBITect: A Precise and Scalable Method to Detect Use-before-Initialization Bugs in Linux Kernel
Yizhuo Zhai, Yu Hao, Hang Zhang, Daimeng Wang, Chengyu Song, Zhiyun Qian, Mohsen Lesani, Srikanth V. Krishnamurthy, Paul Yu
ACM SIGSOFT International Symposium on Foundations of Software Engineering, FSE 20. [PDF] [Publication] [Tool]

ConcSpectre: Be Aware of Forthcoming Malware Hidden in Concurrent Programs
Yang Liu, Ming Fan, Ting Liu, Yu Hao, Zisen Xu, Kai Chen, Hao Chen, and Yan Cai
IEEE Transactions on Reliability [Publication] [Code] [Result]

ConcSpectre: Be Aware of Forthcoming Malware Hidden in Concurrent Programs
Yang Liu, Ming Fan, Ting Liu, Yu Hao, Zisen Xu, Kai Chen, Hao Chen, and Yan Cai
IEEE International Conference on Software Quality, Reliability, and Security, QRS 21. [Best Paper Award] [PDF] [Code] [Result]

Tell You a Definite Answer: Whether Your Data is Tainted During Thread Scheduling
Xiaodong Zhang, Zijiang Yang, Qinghua Zheng, Yu Hao, Pei Liu, Ting Liu
IEEE Transactions on Software Engineering, TSE [Publication] [Tool] [Result],

Debugging Multithreaded Programs as if They Were Sequential
Xiaodong Zhang, Zijiang Yang, Qinghua Zheng, Yu Hao, Pei Liu, Lechen Yu, Ting Liu
IEEE Access [Publication] [Benchmarks] [Tool]

Automated Testing of Definition-Use Data Flow for Multithreaded Programs
Xiaodong Zhang, Zijiang Yang, Qinghua Zheng, Pei Liu, Jialiang Chang, Yu Hao, Ting Liu
IEEE International Conference on Software Testing, Verification and Validation, ICST 17. [PDF] [Publication] [Tool]

Debugging Multithreaded Programs as if They Were Sequential
Xiaodong Zhang, Zijiang Yang, Qinghua Zheng, Yu Hao, Pei Liu, Lechen Yu, Ming Fan, Ting Liu
IEEE International Conference on Software Analysis, Testing and Evolution, SATE 16. [Publication] [Tool]