I am a first second third year Ph.D student in College of Information Sciences & Technology from The Pennsylvania State University. I am co-advised by Dr. Xinyu Xing and Dr. Peng Liu. I received my B.S in Computer Science & Technology from Nanjing University in 2017.
My research interests include Operating system (OS) Security and Vulnerability Analysis. I am actively working on exploitability assessment, especially for vulnerabilities in infrastructure software systems (e.g., OS kernel and cryptography library).
I am looking for 2020 summer internship in both academia and industry.
If you know of any suitable positions, please contact me. Thank you very much.
News
[ 01/10/2020 ] "Facilitate ... Step by Step" is accepted to Blue Hat IL 2020. See you folks in Tel Aviv, Israel.
[ 12/09/2019 ] SpecuSym is accepted to ICSE 2020. Cheers! [ arXiv Preprint ]
[ 12/04/2019 ] Present "Hands off..." at Black Hat Europe 2019. [ Slides ]
[ 11/25/2019 ] Talk about exploitability assessment at Vrije Universiteit Amsterdam. [ Slides ]
[ 11/22/2019 ] Talk about exploitability assessment at University of Oxford.
[ 11/14/2019 ] Present SLAKE at ACM CCS 2019. [ Slides ] [ Video ]
[ 10/09/2019 ] "Hands off..." is accepted to Black Hat Europe 2019. See you folks again in London, UK.
[ 09/16/2019 ] SLAKE is accepted to ACM CCS 2019. See you folks in London, UK.
[ 09/13/2019 ] Invited to talk about security issues in Linux kernel at CLK 2019, Hangzhou, China.
[ 08/16/2019 ] Officially end internship at Baidu X-Lab.
[ 08/15/2019 ] Present VIEM at USENIX Security 2019. [ Slides ] [ Video ]
Talks
-
Facilitate Linux Kernel Exploitation Step by Step [ Slides ]
Feb 05th, 2020, Tel Aviv, Israel, Blue Hat IL 2020
-
Towards Exploitability Assessment for Linux Kernel Vulnerabilities [ Slides ]
Nov 25th, 2019, Amsterdam, Netherlands, Vrije Universiteit Amsterdam
Nov 22nd, 2019, Oxford, UK, University of Oxford [ Flyer ]
-
Vulnerability Exploitabity Assessment and Mitigation Design Defects in Linux Kernel [ Slides available upon request ]
Oct 19th, 2019, Hangzhou, China, CLK 2019 (The China Linux Kernel conference)
Publication
OS Security
Feel free to take an overview of this research thread in my "Towards ..." talk slides
-
Hands Off and Putting SLAB/SLUB Feng Shui in a Blackbox
Yueqi Chen, Xinyu Xing, Jimmy Su
Highly-anticipated Talk at Black Hat Europe 2019
[ Slides ]
[ Video ]
[ Demo1 ]
[ Demo2 ]
-
SLAKE: Facilitating Slab Manipulation for Exploiting Vulnerabilities in the Linux Kernel
Yueqi Chen, Xinyu Xing
The 26th ACM Conference on Computer and Communications Security (ACM CCS 2019)
[ Paper ]
[ Slides ]
[ Repo ]
[ Video ]
-
KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities
Wei Wu, Yueqi Chen, Xinyu Xing, Wei Zou
The 28th USENIX Security Symposium (USENIX Security 2019)
[ Paper ]
[ Slides ]
[ Repo ]
-
FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities
Wei Wu, Yueqi Chen, Jun Xu, Xinyu Xing, Wei Zou, Xiaorui Gong
The 27th USENIX Security Symposium (USENIX Security 2018)
[ Paper ]
[ Slides ]
[ Repo ]
Vulnerability Analysis
-
SpecuSym: Speculative Symbolic Execution for Cache Timing Leak Detection
Shengjian Guo, Yueqi Chen (equal contribution), Peng Li, Yueqiang Cheng, Huibo Wang, Meng Wu, Zhiqiang Zuo
The 42nd International Conference on Software Engineering (ACM/IEEE ICSE 2020)
[ Paper ]
[ Slides ]
[ Repo ]
[ arXiv Preprint ]
-
Towards the Detection of Inconsistencies in Public Security Vulnerability Reports
Ying Dong, Wenbo Guo, Yueqi Chen, Xinyu Xing, Yuqing Zhang, Gang Wang
The 28th USENIX Security Symposium (USENIX Security 2019)
[ Paper ]
[ Slides ]
[ Repo ]
[ Video ]
-
RENN: Efficient Reverse Execution with Neural-Network-assisted Alias Analysis
Dongliang Mu, Wenbo Guo, Alejandro Cuevas, Yueqi Chen, Jinxuan Gai, Xinyu Xing, Bing Mao, Chengyu Song
The 34th IEEE/ACM International Conference on Automated Software Engineering (IEEE/ACM ASE 2019)
[ Paper ]
[ Slides ]
[ Repo ]
Honor & Award
-
IST Graduate Student Travel Grant Award, 2019
-
The 28th USENIX Security Symposium, Student Travel Grant Award, 2019
-
FUZE is awarded one of the ten technical events of JD.COM (2018京东集团技术十件大事), 2018
-
DEF CON 26 CTF, Team r3kapig, Final, 2018
-
Black Hat USA, Student Scholarship, 2018
-
The 39th IEEE Symposium on Security and Privacy, Student Travel Grant Award, 2018
-
2017 NSA codebreaker Challenge, Team member, Rank 5, 2017
Community Services
-
Sub-reviewer of
2020: USENIX Security
2019: ACM CCS, ESORICS, ACSAC, ISC
2018: ACM AsiaCCS, IEEE CNS
Teaching
-
Fall 2019, "CYBER 362 - Cyber Analysis Studio", Teaching Assistant
-
Spring 2019, "IST 456 - Information Security Management", Teaching Assistant
-
Fall 2018, "SRA 221 - Overview of Information Security", Teaching Assistant
Traveling
-
I enjoy traveling. I have visied many U.S. states and countries on earth with my best friends and sometimes alone.
|