 |
个人信息:Personal Information
讲师 研究生导师
性别:男
学历:博士研究生毕业
学位:工学博士学位
在职信息:在岗
所在单位:广州研究院
入职时间:2022-12-31
学科:计算机软件与理论 计算机科学与技术 软件工程
办公地点:广州市黄埔区新龙镇知明路83号西安电子科技大学广州研究院求真楼A714
联系方式:wencheng [at] xidian.edu.cn
Publications
1.Cheng Wen, Jaolun Cao*, Jie Su, Zhiwu Xu, Shengchao Qin*, Mengda He, Haokun Li, Shing-ChiCheung, CongTian.Enchanting Program Specification Synthesis by Large Language Models using Static Analysis and Program Verification.Accepted by 36th International Conference on Computer Aided Verification. 2024.(CCF A类)
2.Zhiwu Xu,Bohao Wu,Cheng Wen*, Bin Zhang, Shengchao Qin*,Mengda He.RPG: Rust Library Fuzzing with Pool-based Fuzz Target Generation and Generic Support.IEEE/ACM 46th International Conference on Software Engineering (ICSE). 2024. (CCF A)
3.Cheng Wen, Yuandao Cai, Bin Zhang, Jie Su*, Zhiwu Xu, Dugang Liu, Shengchao Qin*, Zhong Ming, Cong Tian.Automatically Inspecting Thousands of Static Bug Warnings with Large Language Model: How Far Are We?Accepted by Transactions on Knowledge Discovery from Data. 2024.(CCF B)
4.Cheng Wen, Mengda He*, Bohao Wu, Zhiwu Xu, Shengchao Qin*.Controlled Concurrency Testing via Periodical Scheduling.IEEE/ACM 44th International Conference on Software Engineering (ICSE). 2022. (CCF A)
5.Cheng Wen, Haijun Wang*, Yuekang Li, Shengchao Qin*, et al.MemLock: Memory Usage Guided Fuzzing.IEEE/ACM 42nd International Conference on Software Engineering (ICSE). 2020. (CCF A)
6. Haijun Wang, Xiaofei Xie, Yi Li,Cheng Wen, et al.Typestate-Guided Fuzzer for Discovering Use-after-Free Vulnerabilities.IEEE/ACM 42nd International Conference on Software Engineering (ICSE). 2020*. (CCF A)
7. Zhiwu Xu,Cheng Wen, Shengchao Qin* and Mengda He.Extracting automata from neural networks using active learning.PeerJ Computer Science, April 2021. (JCR 二区)
8. Zhiwu Xu,Cheng Wen, and Shengchao Qin*.Type Learning for Binaries and its Applications.IEEE Transactions on Reliability (Volume: 68:893-912, Issue:3, Sep 2019). (SCI 二区)
9. Zhiwu Xu,Cheng Wen, and Shengchao Qin*.State-taint analysis for detecting resource bugs.Science of Computer Programming.Elsevier, 162:93-109, 15th Sep 2018. (SCI/ESI, CCF B)
10. Zhiwu Xu, Xiongya Hu,Cheng Wen, and Shengchao Qin*.Extracting Automata from Neural Networks Using Active Learning.National Conference on Formal Methods and Applications.2018. (Best Paper Award)
11. Zhiwu Xu,Cheng Wen, Shengchao Qin* and Zhong Ming.Effective malware detection based on behaviour and data features.International Conference on Smart Computing and Communication(SmartCom).Springer, 2017. (Best Student Paper Award)
12.Zhiwu Xu,Cheng Wen, and Shengchao Qin*.Learning types for binaries.International Conference on Formal Engineering Methods(ICFEM).Springer, 2017. (CCF C)
Practical Security Impact (73 CVEs)
I have found several security-critical vulnerabilities in widely used real-world programs.
CVE-2022-26291, CVE-2020-36375, CVE-2020-36374, CVE-2020-36373, CVE-2020-36372,CVE-2020-36371, CVE-2020-36370, CVE-2020-36369, CVE-2020-36368, CVE-2020-36367, CVE-2020-36366, CVE-2020-18900, CVE-2020-18899, CVE-2020-18898, CVE-2020-18897,CVE-2020-18395, CVE-2020-18392, CVE-2020-18382, CVE-2020-18378, CVE-2019-16166, CVE-2019-16165, CVE-2019-15140,CVE-2019-11471, CVE-2019-7704, CVE-2019-7703, CVE-2019-7702, CVE-2019-7701,CVE-2019-7700, CVE-2019-7699, CVE-2019-7698, CVE-2019-7697, CVE-2019-7665,CVE-2019-7664, CVE-2019-7663, CVE-2019-7662, CVE-2019-7154, CVE-2019-7153,CVE-2019-7152, CVE-2019-7151, CVE-2019-7150, CVE-2019-7149, CVE-2019-7148,CVE-2019-7147, CVE-2019-7146, CVE-2019-6293, CVE-2019-6292, CVE-2019-6291, CVE-2019-6290, CVE-2018-20712, CVE-2018-20657, CVE-2018-20652, CVE-2018-20651,CVE-2018-20593, CVE-2018-20592, CVE-2018-20591, CVE-2018-20002, CVE-2018-18701,CVE-2018-18700, CVE-2018-18607, CVE-2018-18606, CVE-2018-18605, CVE-2018-18521,CVE-2018-18520, CVE-2018-18484, CVE-2018-18483, CVE-2018-18310, CVE-2018-18309,CVE-2018-17985, CVE-2018-17795, CVE-2018-17794, CVE-2018-16403, CVE-2018-16402, CVE-2018-16062