Home   

Yueqi Chen Full CV
Ph.D Student
College of Information Sciences & Technology
The Pennsylvania State University
State College, PA

Contact
Westgate Building. E364
State College, PA 16803
yxc431 AT ist DOT psu DOT edu


I am a first second year Ph.D student in College of Information Sciences & Technology from The Pennsylvania State University. I am co-advised by Dr. Xinyu Xing and Dr. Peng Liu. I received my B.S in Computer Science & Technology from Nanjing University in 2017.

My research interests lie in software security and are driven by three premises:

  • Software is inherently vulnerable.
  • Defense is indispensable but not panacea.
  • People never learn the value of security until attacked.

In particular, I am interested in developing techniques that automatically discover, exploit, and patch vulnerabilities for complex softwares such as operating system kernel. My approach is based on program analysis.

Publication

    Hack OS Kernel

  • KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities [ TBD ]
    Wei Wu, Yueqi Chen, Xinyu Xing, Wei Zou
    The 28th USENIX Security Symposium (USENIX Security'19)
    Given control-flow hijacking primitive, a generic approach bypassing almost all default enabled protection techniques in Linux distros.
    Choke me if you can. Otherwise, maybe we should re-think design of protection techniques in Linux kernel.

  • FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities [ PDF ]
    Wei Wu, Yueqi Chen, Jun Xu, Xinyu Xing, Wei Zou, Xiaorui Gong
    The 27th USENIX Security Symposium (USENIX Security'18)
    Diversify the "use" part of a Use-After-Free vulnerability in Linux kernel to discover more, stronger exploit primitives.
    Here is a practice exploring exploitability of a vulnerability in complex software.

   Grasp Vulnerability

  • Towards the Detection of Inconsistencies in Public Security Vulnerability Reports [ TBD ]
    Ying Dong, Wenbo Guo, Yueqi Chen, Xinyu Xing, Yuqing Zhang, Gang Wang
    The 28th USENIX Security Symposium (USENIX Security'19)
    Vulnerability reports do not tell all truth and even make mistakes.
    Not good, buddy!

Honor and Award

  • DEF CON 26 CTF, Team jd-r3kapig, Final, 2018
  • Black Hat USA, Student Scholarship, 2018
  • The 39th IEEE Symposium on Security and Privacy, Student Travel Grant Award, 2018
  • 2017 NSA codebreaker Challenge, Team member, Rank 5, 2017
  • Compiler Optimization Contest in Nanjing University, Individual, Rank 2, 2015