Home   

Yueqi (Lewis) Chen, 陈越琦 [ CV ]
Ph.D Student
College of Information Sciences & Technology
The Pennsylvania State University

Contact
Westgate Building, E343
State College, PA 16803
ychen AT ist DOT psu DOT edu

I am a 1st/2nd/3rd  4th year Ph.D candidate in College of Information Sciences & Technology from The Pennsylvania State University. I am co-advised by Dr. Xinyu Xing and Dr. Peng Liu. I received my B.S in Computer Science & Technology from Nanjing University in 2017. I am awarded the 2020 IBM Ph.D Fellowship (1/24 globally).

Winter is coming! We are observing more and more cyber attacks and data breaches. Our current solutions are incapable in front of them. The discovery and patching of vulnerabilities fall behind their introduction. There is no way to evaluate the security improvement of defenses. Sometimes, the new defense is vulnerable too and actually easing the exploitation. Formal verification is defeated by the increased size and complexity of modern software systems. Software systems are not becoming secure. To strenthen these solutions in the coming winter, the goal of my research is to understand exploitation and escalate exploitability systematically. I am very happy that some of our works have received wide recognition in both academia and industry.

- News

    [ 2021-05-06 ] Present A General Approach ... " at Black Hat Asia 2021
    [ 2021-05-02 ] Nu1L team enters DEF CON CTF 2021 Finals
    [ 2021-01-28 ] "A General Approach ... " is accepted to Black Hat Asia 2021
    [ 2020-12-18 ] I pass my thesis proposal and become a Ph.D candidate.
    [ 2020-11-30 ] I will serve as Shadow PC for IEEE S&P 2021
    [ 2020-10-30 ] Present "Bypassing ..." at LSS Europe 2020 [ Slides ]
    [ 2020-10-01 ] Symo3 is accepted to OOPSLA 2020.
    [ 2020-09-08 ] ELOISE is accepted to ACM CCS 2020. [ Paper ]
    [ 2020-08-18 ] The talk "Bypassing ..." is accepted to LSS Europe 2020.
    [ 2020-06-10 ] Received Black Hat USA Student Scholarship.
    [ 2020-03-18 ] Received IBM PhD Fellowship Award. [ Press 1 ] [ Press 2 ]

- Talks

  1. A General Approach to Bypassing Many Kernel Protections and its Mitigation
    2020-05-06, Virtual Event, BlackHat Asia 2021

  2. Bypassing Many Kernel Protections Using Elastic Objects [ Slides ]
    2020-10-30, Virtual Event, Linux Security Summit (LSS) Europe 2020

  3. Facilitate Linux Kernel Exploitation Step by Step [ Slides ]
    2020-02-05, Tel Aviv, Israel, Blue Hat IL 2020

  4. Hands Off and Putting SLAB/SLUB Feng Shui in a Blackbox [ Slides ] [ Video ] [ Demo1 ] [ Demo2 ]
    2019-12-04, London, UK, Highly-anticipated Talk at Black Hat Europe 2019

  5. Towards Exploitability Assessment for Linux Kernel Vulnerabilities [ Slides ] [ V2 in IBM S&P Seminar ]
    2019-11-25, Amsterdam, Netherlands, Vrije Universiteit Amsterdam
    2019-11-22, Oxford, UK, University of Oxford [ Flyer ]

  6. Vulnerability Exploitabity Assessment and Mitigation Design Defects in Linux Kernel [ Slides available upon request ]
    2019-10-19, Hangzhou, China, CLK 2019 (中国Linux内核开发者大会)

- Publication

OS Security
Take an overview of this research thread in my "Towards ..." talk slides (V2)

  1. (ELOISE) A Systematic Study of Elastic Objects in Kernel Exploitation
    Yueqi Chen, Zhenpeng Lin, Xinyu Xing
    The 27th ACM Conference on Computer and Communications Security (ACM CCS 2020)
    [ Paper ] [ Slides ] [ Repo]

  2. SLAKE: Facilitating Slab Manipulation for Exploiting Vulnerabilities in the Linux Kernel
    Yueqi Chen, Xinyu Xing
    The 26th ACM Conference on Computer and Communications Security (ACM CCS 2019)
    [ Paper ] [ Slides ] [ Repo ] [ Video ]

  3. KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities
    Wei Wu, Yueqi Chen, Xinyu Xing, Wei Zou
    The 28th USENIX Security Symposium (USENIX Security 2019)
    [ Paper ] [ Slides ] [ Repo ]

  4. FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities
    Wei Wu, Yueqi Chen, Jun Xu, Xinyu Xing, Wei Zou, Xiaorui Gong
    The 27th USENIX Security Symposium (USENIX Security 2018)
    [ Paper ] [ Slides ] [ Repo ]

Side-channel Detection

  1. (Symo3) Exposing Cache Timing Side-channel Leaks through Out-of-order Symbolic Execution
    Shengjian Guo, Yueqi Chen*, Jiyong Yu, Meng Wu, Zhiqiang Zuo, Peng Li, Yueqiang Cheng
    The Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA 2020)
    [ Paper ] [ Slides ] [ Repo ]
    * indicates equal contribution

  2. SpecuSym: Speculative Symbolic Execution for Cache Timing Leak Detection
    Shengjian Guo, Yueqi Chen*, Peng Li, Yueqiang Cheng, Huibo Wang, Meng Wu, Zhiqiang Zuo
    The 42nd International Conference on Software Engineering (ACM/IEEE ICSE 2020)
    [ Paper ] [ Slides ] [ Repo ]
    * indicates equal contribution

AI for security

  1. Towards the Detection of Inconsistencies in Public Security Vulnerability Reports
    Ying Dong, Wenbo Guo, Yueqi Chen, Xinyu Xing, Yuqing Zhang, Gang Wang
    The 28th USENIX Security Symposium (USENIX Security 2019)
    [ Paper ] [ Slides ] [ Repo ] [ Video ]

  2. RENN: Efficient Reverse Execution with Neural-Network-assisted Alias Analysis
    Dongliang Mu, Wenbo Guo, Alejandro Cuevas, Yueqi Chen, Jinxuan Gai, Xinyu Xing, Bing Mao, Chengyu Song
    The 34th IEEE/ACM International Conference on Automated Software Engineering (IEEE/ACM ASE 2019)
    [ Paper ] [ Slides ] [ Repo ]

- Honor & Award

  1. IST Research Excellence Award, 2021
  2. IST Graduate Student Travel Grant Award, 2020
  3. Black Hat USA, Student Scholarship, 2020
  4. IBM PhD Fellowship Award, 2020 (1 out of 24 globally) [ Press 1 ] [ Press 2 ]
  5. IST Graduate Student Travel Grant Award, 2019
  6. The 28th USENIX Security Symposium, Student Travel Grant Award, 2019
  7. FUZE is awarded one of the ten technical events of JD.COM (2018京东集团技术十件大事), 2018
  8. DEF CON 26 CTF, Team r3kapig, Final, 2018
  9. Black Hat USA, Student Scholarship, 2018
  10. The 39th IEEE Symposium on Security and Privacy, Student Travel Grant Award, 2018
  11. 2017 NSA codebreaker Challenge, Team member, Rank 5, 2017

- Community Services

  1. Shadow PC of
    2021: IEEE S&P
  2. Sub-reviewer of
    2021: USENIX Security
    2020: USENIX Security, ACM CCS, ACSAC
    2019: ACM CCS, ESORICS, ACSAC, ISC
    2018: ACM AsiaCCS, IEEE CNS

- Teaching

  1. Fall 2019, "CYBER 362 - Cyber Analysis Studio", Teaching Assistant
  2. Spring 2019, "IST 456 - Information Security Management", Teaching Assistant
  3. Fall 2018, "SRA 221 - Overview of Information Security", Teaching Assistant

- Traveling

       I enjoy traveling. I have visied many U.S. states and countries on earth with my best friends and sometimes alone.