My research interests lie in the intersection of security and programming language. The goal is to strengthen the security of software applications by using the properties of programming languages. Techniques that commonly involved in my research work include: Security Type Systems,  Data/Control Flow Analysis,  Formal Proof,  Constraint Solvers,  Compiler and etc.

• Information Flow Security: Protecting sensitive information that used by computing systems has been a vital task in information security. Existing security practices can not guarantee that the end-to-end behavior of the system will satisfy important security policies, such as confidentiality. Information flow security is a promising approach to such security enforcement. It aims to protect confidential data used in computing systems. It studies how information propagates through the system and provide end-to-end security guarantee for no disclosure of sensitive data.
• Fault Localizations: Debugging is a painful process in software development. Attempts to reduce the number of delivered faults in software are estimated to consume 50% to 80% of the development and maintenance effort. Given the complexity of software systems, tracing back from the failure to its cause generates a long list of suspicious locations that is hardly useful for programmers. Fault localization technique directs a programmer’s attention to specific parts of a program as potential locations of the errors. In the short-term, fault localization improves the efficiency of debugging; in the long-term, it will be one key enabling technique for developing tools to automatically fix the errors.