Yueqi (Lewis) Chen, 陈越琦 Full CV
Ph.D Student
College of Information Sciences & Technology
The Pennsylvania State University
State College, PA

Westgate Building. E343
State College, PA 16803
ychen AT ist DOT psu DOT edu

I am a first second third year Ph.D student in College of Information Sciences & Technology from The Pennsylvania State University. I am co-advised by Dr. Xinyu Xing and Dr. Peng Liu. I received my B.S in Computer Science & Technology from Nanjing University in 2017.

My research interests include Operating system (OS) Security and Vulnerability Analysis. I am actively working on exploitability assessment, especially for vulnerability in infrastructure softwares, e.g., OS kernel and cryptography library.

I am looking for 2020 summer internship in both academia and industry.
If you know of any suitable positions, please contact me. Thank you very much.


  • Nov 14th, 2019. Presented SLAKE at ACM CCS 2019: [ Slides ] [ Video ]
  • Oct 31st, 2019. Invited to talk about Linue kernel exploitation at Typhoon Con. See you folks in Seoul, South Korea.
  • Oct 09th, 2019. "Hands off..." is accepted to Black Hat Europe. See you folks again in London, UK.
  • Oct 04th, 2019. Flyer for my talk about exploitability assessment at U of Oxford is ready.
  • Sep 16th, 2019. SLAKE is accepted to ACM CCS 2019. See you folks in London, UK.
  • Sep 13th, 2019. Invited to talk about security issues in Linux kernel at CLK2019 (The China Linux Kernel conference), Hangzhou, China.
  • Aug 16th, 2019. Officially ended internship at Baidu X-Lab
  • Aug 15th, 2019. Presented VIEM at USENIX Security 2019: [ Slides ] [ Video ]

Invited Talks

  • Vulnerability Exploitabity Assessment and Mitigation Design Defects in Linux Kernel
    CLK2019 (The China Linux Kernel conference), Oct 19th 2019, Hangzhou, China
    [ Slides available upon request ]


  • SpecuSym: Speculative Symbolic Execution for Cache Timing Leak Detection
    Shengjian Guo, Yueqi Chen (equal contribution), Peng Li, Yueqiang Cheng, Huibo Wang, Meng Wu, Zhiqiang Zuo
    [ arXiv:1911.00507 ]


    OS Security

  • Hands Off and Putting SLAB/SLUB Feng Shui in a Blackbox
    Yueqi Chen, Xinyu Xing, Jimmy Su
    Black Hat Europe, London, UK, Dec 3rd - 5th 2019, Highly-anticipated Talk
    [ Paper ] [ Slides ] [ Video ] [ Demo1 ] [ Demo2 ]

  • SLAKE: Facilitating Slab Manipulation for Exploiting Vulnerabilities in the Linux Kernel
    Yueqi Chen, Xinyu Xing
    The 26th ACM Conference on Computer and Communications Security (ACM CCS'19)
    [ Paper ] [ Slides ] [ Repo ] [ Video ]
    Building a database of kernel objects and proposing a systematic fengshui approach.
    Bridging the gap between memory corruption and primitives can escalate exploitability.
    Considering alternatives along the exploitation chain drives exploitability assessment towards ground-truth.

  • KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities
    Wei Wu, Yueqi Chen, Xinyu Xing, Wei Zou
    The 28th USENIX Security Symposium (USENIX Security'19)
    [ Paper ] [ Slides ] [ Repo ]
    Given control flow hijacking, generally bypassing all default enabled mitigation techniques in Linux distros.
    Kernel Self-Protect Project (KSPP) ought to take action to this new exploitation.
    More importantly, instead of keeping attack-mitigation-new attack cycle, we should secure a system in a proactive way.

  • FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities
    Wei Wu, Yueqi Chen, Jun Xu, Xinyu Xing, Wei Zou, Xiaorui Gong
    The 27th USENIX Security Symposium (USENIX Security'18)
    [ Paper ] [ Slides ] [ Repo ]
    Fuzzing to diversify “use” part of a UAF vulnerability; Symbolic execution to identify more, stronger primitives.
    As far as we know, FUZE is the first paper exploring the capability of a vulnerability.
    Going beyond the capability disclosed in PoC is essential for exploitability assessment and automatic exploit generation.

   Vulnerability Analysis

  • Towards the Detection of Inconsistencies in Public Security Vulnerability Reports
    Ying Dong, Wenbo Guo, Yueqi Chen, Xinyu Xing, Yuqing Zhang, Gang Wang
    The 28th USENIX Security Symposium (USENIX Security'19)
    [ Paper ] [ Slides ] [ Repo ] [ Video ]
    Automatically extract vulnerable software names and version for a large-scale measurement, showing that
    Inconsistent information among vulnerability report websites is highly prevalent.
    We should standardize reporting procedure and fully automate vulnerability report verification.

  • RENN: Efficient Reverse Execution with Neural-Network-assisted Alias Analysis
    Dongliang Mu, Wenbo Guo, Alejandro Cuevas, Yueqi Chen, Jinxuan Gai, Xinyu Xing, Bing Mao, Chengyu Song
    The 34th IEEE/ACM International Conference on Automated Software Engineering (IEEE/ACM ASE'19)
    [ Paper ] [ Slides ] [ Repo ]

Honor & Award

  • IST Graduate Student Travel Grant Award, 2019
  • The 28th USENIX Security Symposium, Student Travel Grant Award, 2019
  • FUZE is awarded one of the ten technical events of JD.COM (2018京东集团技术十件大事), 2018
  • DEF CON 26 CTF, Team r3kapig, Final, 2018
  • Black Hat USA, Student Scholarship, 2018
  • The 39th IEEE Symposium on Security and Privacy, Student Travel Grant Award, 2018
  • 2017 NSA codebreaker Challenge, Team member, Rank 5, 2017
  • Compiler Optimization Contest in Nanjing University, Individual, Rank 2, 2015

Community Services

  • Sub-reviewer of
    USENIX Security 2020, ACM CCS 2019, ESORICS 2019, ACSAC 2019, ISC 2019, ACM AsiaCCS 2018, IEEE CNS 2018


  • CYBER 362 - Cyber Analysis Studio, Teaching Assistant, Fall 2019
  • IST 456 - Information Security Management, Teaching Assistant, Spring 2019
  • SRA 221 - Overview of Information Security, Teaching Assistant, Fall 2018