I am an Associate Professor in the Department of Computer Science and Engineering (CSE) at University at Buffalo, The State University of New York (SUNY). Before that, I was an Assistant Professor (2016-2022) and then Associate Professor (2022-2024) in the School of Electrical Engineering and Computer Science (EECS) at Washington State University, Pullman. I was previously advised by Dr. Barbara Ryder and Dr. Daphne Yao during my postodc and by Dr. Douglas Thain and Dr. Raul Santelices for my PhD study. My research generally lies in software engineering and software security, with a current focus on program analysis and machine/deep learning for security applications to multilingual software, distributed systems, and mobile apps. The main goal of my research is to develop practically scalable and cost-effective techniques and tools that improve the productivity of software developers and the quality of large-scale, complex real-world software systems.
Office hours: Monday 3:00pm-4:00pm Meeting ID with Zoom: https://buffalo.zoom.us/my/hcaiub
[2023/08] PyRTFuzz was accepted to CCS'23, Congrats to Wen and Haoran! PyRTFuzz discovered 61 new bugs in both the Python interpreter and the runtime libraries of the Python language.
[2023/05] Our work on static analysis of voice applications was accepted to CCS'23, Congrats to all especially Song and Long!
[2023/04] Congrats to Wen for winning the Best RA Award from EECS for the year of 2023!
[2022/12] VulGen was accepted to ICSE'23, Congrats to Yu and all! VulGen takes a first step in realistic vulnerability dataset generation.
[2022/12] Our study on multilingual software development was accepted to ICSE'23, Congrats to Haoran and Weile!
[2022/09] PolyFuzz was accepted to USENIX Security'23, Congrats to Wen and others! PolyFuzz revealed another batch of critical cross-language vulnerabilities with 5 unique CVEs assigned.
[2022/09] Our study on open science in software vulnerability analysis was accepted to TSE'22, Congrats to Yu and Rainy!
[2022/07] Our work on Android framework security was accepted to CCS'22, Congrats to all especially Hao and Xiapu!
[2022/07] Our work on Android app native code analysis received an ACM SIGSOFT Distinguished Paper Award at ISSTA'22, Congrats to all especially Hao and Xiapu!
[2022/06] Our work on characterizing vulnerability proneness of multilingual code was accepted to FSE'22, Congrats to Wen!
[2022/06] Our study on generating realistic vulnerability datasets was accepted to FSE'22, Congrats to Yu and all!
[2022/05] Congratulations to Xiaoqin for successfully passing his PhD dissertation defense and becoming Dr. Fu! The first PhD minted from our lab.
[2022/04] Humbled to receive the Junior Faculty Research Award from the Voliland College of Engineering and Architecture and EECS Early Career Award from the School of EECS; grateful to great colleagues, students, and mentors for their support!
[2022/02] PolyCruise was accepted to USENIX Security'22, Congrats to Wen! PolyCruise enabled the discovery of the first batch of high-severity cross-language security vulnerabilities with 8 unique CVEs assigned.
[2020/07] Seads was accepted to TOSEM'20, Congrats to Xiaoqin! This is our first work towards self-adaptive dynamic analysis in the application to dependence analysis of distributed systems.