Yueqi Chen 陈越琦

Home

	Yueqi Chen Incoming Assistant Professor Department of Computer Science College of Engineering and Applied Science University of Colorado Boulder [ CV ] [ Email ] [ Twitter ]
I am an incoming (join in August 2022) Assistant Professor in Computer Science at University of Colorado Boulder. I obtained my Ph.D. from the College of Information Sciences & Technology at the Pennsylvania State University in 2022, under the supervision of Dr. Xinyu Xing and Dr. Peng Liu. Before this, I received my B.Sc in Computer Science from Nanjing University in 2017. I was awarded the 2020-2022 IBM Ph.D Fellowship (1/24 globally). In general, my research area is system and software security. Especially, I have interest in weird machine, exploitability escalation & formalization, and advanced protection design for infrastructure cyber-systems (e.g., OS kernels and cryptography libraries). I am very happy that our works have received wide recognition in both academia and industry. Research Intern, Ph.D. Student, and Post-doc opportunities are available. Contact me if you are interested. News [ 2022-07-25 ] HotBPF is accepted to Linux Security Summit Europe 2022 [ 2022-06-07 ] I have successfully defended my Ph.D. dissertation. Cheers! [ 2022-05-19 ] I will serve as session chair for IEEE S&P 2022 [ 2022-05-19 ] We, the TUTELARY team at NU, rooted newest Ubuntu at Pwn2Own Vancouver 2022 [ Press ] [ 2022-04-08 ] I will join CU Bolder, CS department as Tenure Track Assistant Professor this August [ 2022-03-11 ] I will serve as PC for RAID 2022 [ 2022-03-03 ] I will serve as PC for IEEE S&P Poster 2022 [ 2022-02-14 ] Playing for K(H)eaps is accepted to USENIX SEC 2022 [ 2021-11-30 ] "An in-depth ..." is accepted to NDSS 2022 [ 2021-11-06 ] GREBE is accepted to IEEE S&P 2022 [ 2021-09-03 ] "Your Trash Kernel Bug, My Precious 0-day" is accepted to Black Hat Europe 2021 [ 2021-08-08 ] Nu1L team hit 7th at DEF CON CTF 2021 Finals [ 2021-08-03 ] "Finding Multiple ... Exploitability Estimation" is accepted to Linux Security Summit NA 2021 Talks Towards Exploitability Assessment for Linux Kernel Vulnerabilities Nov 2019, Amsterdam, Netherlands, Vrije Universiteit Amsterdam Nov 2019, Oxford, UK, University of Oxford [ Flyer ] [ Slides ] [ V2 in IBM S&P Seminar ] Vulnerability Exploitabity Assessment and Mitigation Design Defects in Linux Kernel Oct 2019, Hangzhou, China, CLK 2019 (中国Linux内核开发者大会) Publications Playing for K(H)eaps: Understanding and Improving Linux Kernel Exploit Reliability Yueqi Chen, Kyle Zeng, Haehyun Cho, Xinyu Xing, Adam Doupé, Yan Shoshitaishvili, Tiffany Bao USENIX Security Symposium (Security)* 2022* [ Paper ] [ Slides ] [ Code ] * indicates equal contribution An In-depth Analysis of Duplicated Linux Kernel Bug Reports  Dongliang Mu, Yuhang Wu, Yueqi Chen, Zhenpeng Lin, Chensheng Yu, Xinyu Xing, Gang Wang Network and Distributed System Security Symposium (NDSS)* 2022* [ Paper ] [ Slides ] [ Code ] GREBE: Facilitating Security Assessment for Linux Kernel Bugs Zhenpeng Lin, Yueqi Chen, Dongliang Mu, Chengsheng Yu, Yuhang Wu, Xinyu Xing, Kang Li IEEE Symposium on Security and Privacy (SP)* 2022* [ Paper ] [ Slides ] [ Code ] (ELOISE) A Systematic Study of Elastic Objects in Kernel Exploitation Yueqi Chen, Zhenpeng Lin, Xinyu Xing ACM Conference on Computer and Communications Security (CCS)* 2020* [ Paper ] [ Slides ] [ Code] (Symo3) Exposing Cache Timing Side-channel Leaks through Out-of-order Symbolic Execution Yueqi Chen, Shengjian Guo, Jiyong Yu, Meng Wu, Zhiqiang Zuo, Peng Li, Yueqiang Cheng The Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA)* 2020* [ Paper ] [ Slides ] [ Code] * indicates equal contribution SpecuSym: Speculative Symbolic Execution for Cache Timing Leak Detection Yueqi Chen, Shengjian Guo, Peng Li, Yueqiang Cheng, Huibo Wang, Meng Wu, Zhiqiang Zuo International Conference on Software Engineering (ICSE)* 2020* [ Paper ] [ Slides ] [ Code ] * indicates equal contribution SLAKE: Facilitating Slab Manipulation for Exploiting Vulnerabilities in the Linux Kernel Yueqi Chen, Xinyu Xing ACM Conference on Computer and Communications Security (CCS)* 2019* [ Paper ] [ Slides ] [ Code ] [ Video ] Towards the Detection of Inconsistencies in Public Security Vulnerability Reports Ying Dong, Wenbo Guo, Yueqi Chen, Xinyu Xing, Yuqing Zhang, Gang Wang USENIX Security Symposium (Security)* 2019* [ Paper ] [ Slides ] [ Code ] [ Video ] RENN: Efficient Reverse Execution with Neural-Network-assisted Alias Analysis Dongliang Mu, Wenbo Guo, Alejandro Cuevas, Yueqi Chen, Jinxuan Gai, Xinyu Xing, Bing Mao, Chengyu Song International Conference on Automated Software Engineering (ASE)* 2019* [ Paper ] [ Slides ] [ Code ] KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities Wei Wu, Yueqi Chen, Xinyu Xing, Wei Zou USENIX Security Symposium (Security)* 2019* [ Paper ] [ Slides ] [ Code ] FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities Wei Wu, Yueqi Chen, Jun Xu, Xinyu Xing, Wei Zou, Xiaorui Gong USENIX Security Symposium (Security)* 2018* [ Paper ] [ Slides ] [ Code ] Other Publications A General Approach to Bypassing Many Kernel Protections and Its Mitigation Yueqi Chen, Zhenpeng Lin, Xinyu Xing BlackHat Asia 2021 Your Trash Kernel Bug, My Precious 0-day Zhenpeng Lin, Yueqi Chen, Xinyu Xing, Kang Li BlackHat Europe 2021 Finding Multiple Bug Effects for More Precise Exploitability Estimation Zhenpeng Lin, Yueqi Chen Linux Security Summit North America 2021 Bypassing Many Kernel Protections Using Elastic Objects Yueqi Chen, Zhenpeng Lin, Xinyu Xing Linux Security Summit Europe 2020 [ Slides ] Facilitate Linux Kernel Exploitation Step by Step Yueqi Chen BlueHat IL 2020 [ Slides ] Hands Off and Putting SLAB/SLUB Feng Shui in a Blackbox Yueqi Chen, Xinyu Xing, Jimmy Su Black Hat Europe 2019 [ Slides ] [ Video ] [ Demo1 ] [ Demo2 ] Honors & Awards The 7th place in DEFCON 29 CTF (Team Nu1L), Las Vegas, USA, Aug. 2021 Black Hat USA, Student Scholarship, 2021 IST Graduate Student Travel Grant Award, 2020 Black Hat USA, Student Scholarship, 2020 IBM PhD Fellowship Award, 2020 (1 out of 24 globally) [ Press 1 ] [ Press 2 ] IST Graduate Student Travel Grant Award, 2019 The 28th USENIX Security Symposium, Student Travel Grant Award, 2019 FUZE is awarded one of the ten technical events of JD.COM (2018京东集团技术十件大事), 2018 The 16th place in DEFCON 26 CTF (Team r3kapig), Las Vegas, USA, Aug. 2018 Black Hat USA, Student Scholarship, 2018 The 39th IEEE Symposium on Security and Privacy, Student Travel Grant Award, 2018 The 5th place in NSA codebreaker Challenge, 2017 Community Services Session Chair IEEE Symposium on Security and Privacy (S&P), 2022 Reviewer International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2022 IEEE Symposium on Security and Privacy (S&P) Poster, 2022 ACM Transactioins on Privacy and Security, 2021 Shadow PC IEEE Symposium on Security and Privacy (S&P), 2021 External reviewer IEEE Symposium on Security and Privacy (S&P), 2023 IEEE Symposium on Security and Privacy (S&P), 2022 USENIX Security, 2021 USENIX Security, 2020 ACM Conference on Computer and Communication Security (CCS), 2020 Annual Computer Security Applications Conference (ACSAC), 2020 ACM Conference on Computer and Communication Security (CCS), 2019 European Symposium on Research on Computer Security (ESORICS), 2019 Annual Computer Security Applications Conference (ACSAC), 2019 Information Security Conference (ISC), 2019 ACM Asia Conference on Information, Computer and Communication Security (ASIACCS), 2018 IEEE Conference on Communications and Network Security (CNS), 2019 Teaching Fall 2019 : Cyber Analysis Studio (CYBER 362), Teaching Assistant Spring 2019 : Information Security Management (IST 456), Teaching Assistant Fall 2018 : Overview of Information Security (SRA 221), Teaching Assistant

End