Home   

Yueqi Chen, 陈越琦
Ph.D Student
College of Information Sciences & Technology
The Pennsylvania State University
[ CV ] [ Email ]


I am a 1st/2nd/3rd/4th  final year Ph.D candidate in College of Information Sciences & Technology from The Pennsylvania State University. I am co-advised by Dr. Xinyu Xing and Dr. Peng Liu. I received my B.S in Computer Science & Technology from Nanjing University in 2017. I am awarded the 2020 IBM Ph.D Fellowship (1/24 globally).

I am interested in system and software security. In particular, my research focuses on the induction, deduction, and mitigation of attack surfaces especially in infrastructure software systems such as OS kernels and cryptography libraries. I am very happy that our works have received wide recognition in both academia and industry.

News

[ 2021-11-06 ] GREBE is accepted to IEEE S&P 2022
[ 2021-09-03 ] "Your Trash Kernel Bug, My Precious 0-day" is accepted to Black Hat Europe 2021
[ 2021-08-08 ] Nu1L team hit 7th at DEF CON CTF 2021 Finals
[ 2021-08-03 ] "Finding Multiple ... Exploitability Estimation" is accepted to Linux Security Summit NA 2021
[ 2021-05-06 ] Present "A General Approach ... " at Black Hat Asia 2021
[ 2021-05-02 ] Nu1L team enters DEF CON CTF 2021 Finals
[ 2021-01-28 ] "A General Approach ... " is accepted to Black Hat Asia 2021
[ 2020-12-18 ] I pass my thesis proposal and become a Ph.D candidate.
[ 2020-11-30 ] I will serve as Shadow PC for IEEE S&P 2021

Talks

  • Towards Exploitability Assessment for Linux Kernel Vulnerabilities
    Nov 2019, Amsterdam, Netherlands, Vrije Universiteit Amsterdam
    Nov 2019, Oxford, UK, University of Oxford [ Flyer ]
    [ Slides ] [ V2 in IBM S&P Seminar ]

  • Vulnerability Exploitabity Assessment and Mitigation Design Defects in Linux Kernel
    Oct 2019, Hangzhou, China, CLK 2019 (中国Linux内核开发者大会)

Publication

  1. GREBE: Facilitating Security Assessment for Linux Kernel Bugs
    Zhenpeng Lin, Yueqi Chen, Dongliang Mu, Chengsheng Yu, Yuhang Wu, Xinyu Xing, Kang Li
    IEEE Symposium on Security and Privacy (SP) 2022
    [ Paper ] [ Slides ] [ Code ]

  2. A General Approach to Bypassing Many Kernel Protections and Its Mitigation
    Yueqi Chen, Zhenpeng Lin, Xinyu Xing
    BlackHat Asia 2021

  3. Your Trash Kernel Bug, My Precious 0-day
    Zhenpeng Lin, Yueqi Chen, Xinyu Xing, Kang Li
    BlackHat Europe 2021

  4. Finding Multiple Bug Effects for More Precise Exploitability Estimation
    Zhenpeng Lin, Yueqi Chen
    Linux Security Summit North America 2021

  5. (ELOISE) A Systematic Study of Elastic Objects in Kernel Exploitation
    Yueqi Chen, Zhenpeng Lin, Xinyu Xing
    ACM Conference on Computer and Communications Security (CCS) 2020
    [ Paper ] [ Slides ] [ Code]

  6. Bypassing Many Kernel Protections Using Elastic Objects
    Yueqi Chen, Zhenpeng Lin, Xinyu Xing
    Linux Security Summit Europe 2020
    [ Slides ]

  7. Facilitate Linux Kernel Exploitation Step by Step
    Yueqi Chen
    BlueHat IL 2020
    [ Slides ]

  8. (Symo3) Exposing Cache Timing Side-channel Leaks through Out-of-order Symbolic Execution
    Yueqi Chen*, Shengjian Guo*, Jiyong Yu, Meng Wu, Zhiqiang Zuo, Peng Li, Yueqiang Cheng
    The Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA) 2020
    [ Paper ] [ Slides ] [ Code ]
    * indicates equal contribution

  9. SpecuSym: Speculative Symbolic Execution for Cache Timing Leak Detection
    Yueqi Chen*, Shengjian Guo*, Peng Li, Yueqiang Cheng, Huibo Wang, Meng Wu, Zhiqiang Zuo
    International Conference on Software Engineering (ICSE) 2020
    [ Paper ] [ Slides ] [ Code ]
    * indicates equal contribution

  10. Hands Off and Putting SLAB/SLUB Feng Shui in a Blackbox
    Yueqi Chen, Xinyu Xing, Jimmy Su
    Black Hat Europe 2019
    [ Slides ] [ Video ] [ Demo1 ] [ Demo2 ]

  11. SLAKE: Facilitating Slab Manipulation for Exploiting Vulnerabilities in the Linux Kernel
    Yueqi Chen, Xinyu Xing
    ACM Conference on Computer and Communications Security (CCS) 2019
    [ Paper ] [ Slides ] [ Code ] [ Video ]

  12. Towards the Detection of Inconsistencies in Public Security Vulnerability Reports
    Ying Dong, Wenbo Guo, Yueqi Chen, Xinyu Xing, Yuqing Zhang, Gang Wang
    USENIX Security Symposium (Security) 2019
    [ Paper ] [ Slides ] [ Code ] [ Video ]

  13. RENN: Efficient Reverse Execution with Neural-Network-assisted Alias Analysis
    Dongliang Mu, Wenbo Guo, Alejandro Cuevas, Yueqi Chen, Jinxuan Gai, Xinyu Xing, Bing Mao, Chengyu Song
    International Conference on Automated Software Engineering (ASE) 2019
    [ Paper ] [ Slides ] [ Code ]

  14. KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities
    Wei Wu, Yueqi Chen, Xinyu Xing, Wei Zou
    USENIX Security Symposium (Security) 2019
    [ Paper ] [ Slides ] [ Code ]

  15. FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities
    Wei Wu, Yueqi Chen, Jun Xu, Xinyu Xing, Wei Zou, Xiaorui Gong
    USENIX Security Symposium (Security) 2018
    [ Paper ] [ Slides ] [ Code ]

Honor & Award

  • The 7th place in DEFCON 29 CTF (Team Nu1L), Las Vegas, USA, Aug. 2021
  • Black Hat USA, Student Scholarship, 2021
  • IST Graduate Student Travel Grant Award, 2020
  • Black Hat USA, Student Scholarship, 2020
  • IBM PhD Fellowship Award, 2020 (1 out of 24 globally) [ Press 1 ] [ Press 2 ]
  • IST Graduate Student Travel Grant Award, 2019
  • The 28th USENIX Security Symposium, Student Travel Grant Award, 2019
  • FUZE is awarded one of the ten technical events of JD.COM (2018京东集团技术十件大事), 2018
  • The 16th place in DEFCON 26 CTF (Team r3kapig), Las Vegas, USA, Aug. 2018
  • Black Hat USA, Student Scholarship, 2018
  • The 39th IEEE Symposium on Security and Privacy, Student Travel Grant Award, 2018
  • The 5th place in NSA codebreaker Challenge, Nov.2017

Community Services

  • Shadow PC
    IEEE Symposium on Security and Privacy (S&P), 2021
  • External reviewer
    IEEE Symposium on Security and Privacy (S&P), 2022
    USENIX Security, 2021
    USENIX Security, 2020
    ACM Conference on Computer and Communication Security (CCS), 2020
    Annual Computer Security Applications Conference (ACSAC), 2020
    ACM Conference on Computer and Communication Security (CCS), 2019
    European Symposium on Research on Computer Security (ESORICS), 2019
    Annual Computer Security Applications Conference (ACSAC), 2019
    Information Security Conference (ISC), 2019
    ACM Asia Conference on Information, Computer and Communication Security (ASIACCS), 2018
    IEEE Conference on Communications and Network Security (CNS), 2019

Teaching

  • Fall 2019 : Cyber Analysis Studio (CYBER 362), Teaching Assistant
  • Spring 2019 : Information Security Management (IST 456), Teaching Assistant
  • Fall 2018 : Overview of Information Security (SRA 221), Teaching Assistant