个人简介
招生专业
081202-计算机软件与理论
招生方向
程序分析,软件安全,软件工程
教育背景
2003-03--2007-08 University of New South Wales, Australia 博士
1993-09--1998-06 清华大学工程物理系 学士
工作简历
2015-04~现在, 中国科学院计算技术研究所, 研究员
2011-06~2015-03,甲骨文公司澳大利亚实验室, 主管研究员 (Principal member of technical staff)
2008-06~2011-06,升阳公司实验室, 高级研究员(Senior Member of Technical Staff)
2007-09~2008-05,University of New South Wales, Australia, PostDoc
2001-08~2002-10,Celestry公司北京分公司, 软件工程师
1998-07~2001-07,中国科学院计算技术研究所, 助理研究员
教授课程
编译程序高级教程
专利成果
( 1 ) System and method for overflow detection using symbolic analysis, 发明, 2012, 第 1 作者, 专利号: US 12/642,729
( 2 ) Points-to analysis as value flow, 发明, 2012, 第 1 作者, 专利号: US 13/117,058
( 3 ) Context-sensitive analysis framework using value flows, 发明, 2012, 第 1 作者, 专利号: US 13/117,078
( 4 ) cifuentes,Path-sensitive analysis framework for bug checking, 发明, 2015, 第 1 作者, 专利号: US 14/188,552
( 5 ) Method and system for performing backward-driven path-sensitive dataflow analysis, 发明, 2013, 第 3 作者, 专利号: US 13/192,349
研究领域
我们小组专注于研究通过程序分析技术来帮助提高软件系统的可靠性和安全性。我们的目标是研究创新的程序分析方法并实现切实有效的开发工具,来帮助程序开发人员和测试人员有效解决软件中普遍存在的可靠性和安全性问题。我们开发了静态分析检测系统Wukong。 Wukong实现了一系列深度程序分析方法,能够检测跨函数、跨组件、涉及复杂依赖关系的深度安全漏洞。 Wukong支持主流 C/C++、 Java、 Android等编程语言及开发环境, 并能够从谷歌Chromium、 Bash、 sed、 大数据处理系统Hadoop等常见开源软件中发现数千已有商业工具无法检测到的深层错误和潜在安全漏洞, 其中超过一百个严重错误已经被开源社区确认。我们研究的方法和工具已经发表在领域内顶级会议包括 SOSP、FSE、ASE、CGO上。
近期论文
查看导师新发文章
(温馨提示:请注意重名现象,建议点开原文通过作者单位确认)
(1) CloudRaid: Detecting Distributed Concurrency Bugs via Log Mining and Enhancement, IEEE Transactions on Software Engineering (TSE), 2020, 通讯作者
(2) Performance-Boosting Sparsification of the IFDS Algorithm with Applications to Taint Analysis (Distinguished Paper Award), the 34th IEEE/ACM International Conference on Automated Software Engineering (ASE'19), 2019, 通讯作者
(3) CrashTuner: Detecting Crash Recovery Bugs in Cloud Systems via Meta-info Analysis, Symposium on Operating Systems Principles (SOSP'19), 2019, 通讯作者
(4) Understanding Node Change Bugs for Distributed Systems, IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER'19), 2019, 通讯作者
(5) CloudRaid : Hunting Concurrency Bugs in the Cloud via Log-Mining, ACM conference on the Foundations of Software Engineering (FSE'18), 2018, 通讯作者
(6) Understanding and Detecting Evolution-induced Compatibility Issues in Android Apps, The 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE'18), 2018, 通讯作者
(7) May-Happen-in-Parallel Analysis with Static Vector Clocks, International Symposium on Code Generation and Optimization (CGO'18), 2018, 通讯作者
(8) Dynamic Symbolic Execution for Polymorphism, 26th International Conference on Compiler Construction (CC'17), 2017, 通讯作者
(9) Symbolic Execution with Value-range Analysis for Floating-point Exception Detection, 24th Asia-Pacific Software Engineering Conference (APSEC'17), 2017, 第 2 作者
(10) Memos: A Full Hierarchy Hybrid Memory Management Framework, The 34th International Conference on Computer Design (ICCD'16), 2016, 第 5 作者
(11) Precise and Scalable Context-sensitive Pointer Analysis via Value Flow Graph, International Symposium on Memory Management (ISMM'13), 2013, 通讯作者
(12) Path-Sensitive Data Flow Analysis Simplified, International Conference on Formal Engineering Methods (ICFEM'13), 2013, 第 4 作者
(13) Through the Looking Glass: Transitioning Parfait into a Development Tool, IEEE Security & Privacy Journal, 2012, 第 3 作者
(14) SEED: A Statically-Greedy and Dynamically-Adaptive Approach for Speculative Loop Execution, IEEE Transaction on Computers, 2012, 第 2 作者
(15) Boosting the Performance of Flow-sensitive Pointer Analysis using Value Flow, ACM SIGSOFT Symposium on the Foundations of Software Engineering, 2011, 通讯作者
(16) Static Deep Error Checking in Large System Applications using Parfait, ACM SIGSOFT Symposium on the Foundations of Software Engineering, 2011, 第 3 作者
(17) Practical and Effective Symbolic Analysis for Buffer Overow Detection, ACM SIGSOFT Symposium on the Foundations of Software Engineering, 2010, 第 1 作者
(18) Scratchpad Memory Allocation for Data Aggregates via Interval Coloring in Superperfect Graphs, ACM Transaction on Embedded Computing Systems, 2010, 第 1 作者
(19) Program Analysis for Bug Detection using Parfait, Workshop on Partial Evaluation and Semantic-Based Program Manipulation, 2009, 第 3 作者
(20) BegBunch: Benchmarking for C Bug Detection Tools, Workshop on Defects in Large Software Systems, 2009, 第 4 作者
(21) Compiler-directed Scratchpad Memory Management via Graph Coloring, ACM Transaction on Architecture and Code Optimisation, 2009, 第 1 作者
(22) Exploiting Speculative TLP in Recursive Pro-grams by Dynamic Thread Prediction, International Conference on Compiler Construction, 2009, 第 2 作者
(23) Thread-Sensitive Modulo Scheduling for Multi-core Processors, International Conference on Parallel Processing, 2008, 第 3 作者
(24) Towards Data Tiling for Whole Programs in Scratchpad Memory Allocation, Asia-Pacfic Computer Systems Architecture Conference, 2007, 第 1 作者
(25) Scratchpad Allocation for Data Aggregates in Superperfect Graphs, ACM SIGPLAN/SIGBED Conference on Languages, Compilers, and Tools for Embedded Systems, 2007, 第 1 作者
(26) Trace-based leakage energy optimisations at link time, Journal of Systems Architecture, 2007, 第 1 作者
(27) Loop recreation for thread-level speculation, International Conference on Parallel and Distributed Systems, 2007, 第 2 作者
(28) Trace-Based Data Cache Leakage Reduction at Link Time, Asia-Paci_c Computer Systems Architecture Conference, 2006, 第 1 作者
(29) Memory Coloring: A Compiler Approach for Scratchpad Memory Management, International Conference on Parallel Architecture and Compilation Techniques, 2005, 第 1 作者
(30) A trace-based binary compilation framework for energy-aware computing, ACM SIGPLAN/SIGBED Conference on Languages, Compilers, and Tools for Embedded Systems, 2004, 第 1 作者