I am a 1st/2nd/3rd 4th year Ph.D candidate in College of Information Sciences & Technology from The Pennsylvania State University. I am co-advised by Dr. Xinyu Xing and Dr. Peng Liu. I received my B.S in Computer Science & Technology from Nanjing University in 2017. I am awarded the 2020 IBM Ph.D Fellowship (1/24 globally).
I am especially interested in exploitability assessment for infrastructure software systems such as OS kernel and crytograph library. I am very happy that some of our works have received wide recognition in both academia and industry.
- News
[ 2021-09-03 ] "Your Trash Kernel Bug, My Precious 0-day" is accepted to Black Hat Europe 2021
[ 2021-08-08 ] Nu1L team hit 7th at DEF CON CTF 2021 Finals
[ 2021-08-03 ] "Finding Multiple ... Exploitability Estimation" is accepted to Linux Security Summit NA 2021
[ 2021-05-06 ] Present "A General Approach ... " at Black Hat Asia 2021
[ 2021-05-02 ] Nu1L team enters DEF CON CTF 2021 Finals
[ 2021-01-28 ] "A General Approach ... " is accepted to Black Hat Asia 2021
[ 2020-12-18 ] I pass my thesis proposal and become a Ph.D candidate.
[ 2020-11-30 ] I will serve as Shadow PC for IEEE S&P 2021
[ 2020-10-30 ] Present "Bypassing ..." at LSS Europe 2020 [ Slides ]
[ 2020-10-01 ] Symo3 is accepted to OOPSLA 2020.
[ 2020-09-08 ] ELOISE is accepted to ACM CCS 2020. [ Paper ]
- Talks
-
Your Trash Kernel Bug, My Precious 0-day
2021-11-10, Virtual Event, Black Hat Europe 2021
-
Finding Multiple Bug Effectis for More Precise Exploitability Estimation
2021-10-01, Seattle, US, Linux Security Summit (LSS) North America 2021
-
A General Approach to Bypassing Many Kernel Protections and its Mitigation
2020-05-06, Virtual Event, BlackHat Asia 2021
-
Bypassing Many Kernel Protections Using Elastic Objects [ Slides ]
2020-10-30, Virtual Event, Linux Security Summit (LSS) Europe 2020
-
Facilitate Linux Kernel Exploitation Step by Step [ Slides ]
2020-02-05, Tel Aviv, Israel, Blue Hat IL 2020
-
Hands Off and Putting SLAB/SLUB Feng Shui in a Blackbox
[ Slides ]
[ Video ]
[ Demo1 ]
[ Demo2 ]
2019-12-04, London, UK, Highly-anticipated Talk at Black Hat Europe 2019
-
Towards Exploitability Assessment for Linux Kernel Vulnerabilities
[ Slides ]
[ V2 in IBM S&P Seminar ]
2019-11-25, Amsterdam, Netherlands, Vrije Universiteit Amsterdam
2019-11-22, Oxford, UK, University of Oxford [ Flyer ]
-
Vulnerability Exploitabity Assessment and Mitigation Design Defects in Linux Kernel [ Slides available upon request ]
2019-10-19, Hangzhou, China, CLK 2019 (中国Linux内核开发者大会)
- Publication
OS Security
Take an overview of this research thread in my "Towards ..." talk slides (V2)
-
(ELOISE) A Systematic Study of Elastic Objects in Kernel Exploitation
Yueqi Chen, Zhenpeng Lin, Xinyu Xing
The 27th ACM Conference on Computer and Communications Security (ACM CCS 2020)
[ Paper ]
[ Slides ]
[ Repo]
-
SLAKE: Facilitating Slab Manipulation for Exploiting Vulnerabilities in the Linux Kernel
Yueqi Chen, Xinyu Xing
The 26th ACM Conference on Computer and Communications Security (ACM CCS 2019)
[ Paper ]
[ Slides ]
[ Repo ]
[ Video ]
-
KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities
Wei Wu, Yueqi Chen, Xinyu Xing, Wei Zou
The 28th USENIX Security Symposium (USENIX Security 2019)
[ Paper ]
[ Slides ]
[ Repo ]
-
FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities
Wei Wu, Yueqi Chen, Jun Xu, Xinyu Xing, Wei Zou, Xiaorui Gong
The 27th USENIX Security Symposium (USENIX Security 2018)
[ Paper ]
[ Slides ]
[ Repo ]
Side-channel Detection
-
(Symo3) Exposing Cache Timing Side-channel Leaks through Out-of-order Symbolic Execution
Shengjian Guo, Yueqi Chen*, Jiyong Yu, Meng Wu, Zhiqiang Zuo, Peng Li, Yueqiang Cheng
The Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA 2020)
[ Paper ]
[ Slides ]
[ Repo ]
* indicates equal contribution
-
SpecuSym: Speculative Symbolic Execution for Cache Timing Leak Detection
Shengjian Guo, Yueqi Chen*, Peng Li, Yueqiang Cheng, Huibo Wang, Meng Wu, Zhiqiang Zuo
The 42nd International Conference on Software Engineering (ACM/IEEE ICSE 2020)
[ Paper ]
[ Slides ]
[ Repo ]
* indicates equal contribution
AI for security
-
Towards the Detection of Inconsistencies in Public Security Vulnerability Reports
Ying Dong, Wenbo Guo, Yueqi Chen, Xinyu Xing, Yuqing Zhang, Gang Wang
The 28th USENIX Security Symposium (USENIX Security 2019)
[ Paper ]
[ Slides ]
[ Repo ]
[ Video ]
-
RENN: Efficient Reverse Execution with Neural-Network-assisted Alias Analysis
Dongliang Mu, Wenbo Guo, Alejandro Cuevas, Yueqi Chen, Jinxuan Gai, Xinyu Xing, Bing Mao, Chengyu Song
The 34th IEEE/ACM International Conference on Automated Software Engineering (IEEE/ACM ASE 2019)
[ Paper ]
[ Slides ]
[ Repo ]
- Honor & Award
-
DEF CON 29 CTF, Team Nu1L, 7th in Final, 2021
-
Black Hat USA, Student Scholarship, 2021
-
IST Graduate Student Travel Grant Award, 2020
-
Black Hat USA, Student Scholarship, 2020
-
IBM PhD Fellowship Award, 2020 (1 out of 24 globally) [ Press 1 ]
[ Press 2 ]
-
IST Graduate Student Travel Grant Award, 2019
-
The 28th USENIX Security Symposium, Student Travel Grant Award, 2019
-
FUZE is awarded one of the ten technical events of JD.COM (2018京东集团技术十件大事), 2018
-
DEF CON 26 CTF, Team r3kapig, Final, 2018
-
Black Hat USA, Student Scholarship, 2018
-
The 39th IEEE Symposium on Security and Privacy, Student Travel Grant Award, 2018
-
NSA codebreaker Challenge, Team member, Rank 5, 2017
- Community Services
-
Shadow PC of
2021: IEEE S&P
-
Sub-reviewer of
2022: IEEE S&P
2021: USENIX Security
2020: USENIX Security, ACM CCS, ACSAC
2019: ACM CCS, ESORICS, ACSAC, ISC
2018: ACM AsiaCCS, IEEE CNS
- Teaching
-
Fall 2019, "CYBER 362 - Cyber Analysis Studio", Teaching Assistant
-
Spring 2019, "IST 456 - Information Security Management", Teaching Assistant
-
Fall 2018, "SRA 221 - Overview of Information Security", Teaching Assistant
- Traveling
I enjoy traveling. I have visied many U.S. states and countries on earth with my best friends and sometimes alone.
|
