Jun Xu's Home Page

Jun Xu

College of Information Sciences and Technology
The Pennsylvania State University

Office: E364 Westgate Building, University Park
Email: jxx13@ist.psu.edu
My Resume


I finished my Ph.D. at the College of Information Sciences and Technology, The Pennsylvania State University. I am advised by Dr. Peng Liu. Before I joined Penn State, I received my bachelor's degree at University of Science and Technology of China (2009-2013).

My research interests include software security and system security. The goal of my research is to secure computing system via neutralizing the risk of vulnerabilities in the software stack. I specialize in vulnerability discovery, runtime protection, and vulnerability diagnosis. I also do research to mitigate the threats of malware.

Recent Research Highlight

  • [August/2018] Our database for the analysis, PoC and execution environments of over 400 vulnerabilities is open sourced. Check out the docker images here: https://vulnreproduction.github.io/
  • [USENIX Security'18] FUZE leverages fuzzing and symbolic execution to facilitate automated Kernel Use-After-Free exploit.
  • [Feb/2018] CREDAL and POMP wins Penn State Alumni Association Dissertation Award.
  • [Nov/2017] Starts a project with JD.com Security on discovering vulnerabilities on IoT devices.
  • [CCS'17] FlashGuard proposes a lightweight and low-cost solution with SSDs to defend against encryption ransomware.
  • [USENIX Security'17] POMP leverages Intel Processor Tracing and reverse execution to diagnoze software crash without source code.
  • [CCS'16] CREDAL analyzes core dumps caused by memory corruption vulnerabilities to locate the crash point, restore the stack trace, and narrow down code segments carrying vulnerabilities.

Journal Publications

Conference Publications

Workshop Publications

Other Publications

  • A Symbolic N-Variant System
    Jun Xu, Pinyao Guo, Bo Chen, Robert F Erbacher, Ping Chen, Peng Liu
    The 2016 ACM Workshop on Moving Target Defense (MTD'16 Demo).

Research Experiences

  • Research Assistant, Pennsylvania State University.
    • Cyber Security Lab, 2013-Now
  • Intern, Samsung Research America
    • System security, Summer 2017
  • Intern, FireEye Inc.
    • Ransomware detection and analysis, Summer 2016
  • Intern, FireEye Inc.
    • Malware unpacking, Summer 2015
  • Intern, Shisheng Inc.
    • Stock market monitoring, Summer 2013

Teaching Experience

  • Teaching Assistant, Pennsylvania State University.
    • [SRA211] Introduction to Informaiton Security, Spring 2017
    • [SRA211] Introduction to Informaiton Security, Fall 2016

Honor and Award

  • Alumni Association Dissertation Award 2018, Penn State
  • RSA Scholarship, RSA Conference 2017, U.S.A.
  • Student Travel Grant, CCS 2016
  • Outstanding Honor for National Undergraduates Innovative Project 2013, China
  • Guo-Moruo Scholarship, University of Science and Technology of China 2013

Professional Services

List of Vulnerability

The full list of vulnerabilities I and my collaborators discovered: link