發表論文
[1] Chenlin Wang, Wei Meng, Changhua Luo, and Penghui Li. Predator: Directed Web Application Fuzzing for Efficient Vulnerability Validation.
The 46th IEEE Symposium on Security and Privacy (Oakland), May 2025.
[2] Jiayi Lin, Qingyu Zhang, Junzhe Li, Chenxin Sun, Hao Zhou, Changhua Luo*, and Chenxiong Qian*. Automatic Library Fuzzing through API Relation Evolvement.
In Proceedings of The 32nd Annual Network and Distributed System Security Symposium (NDSS), Feb 2025.
[3] Changhua Luo, Penghui Li, Wei Meng, Chao Zhang. Test Suites Guided Vulnerability Validation for Node.js Applications. In Proceedings of The 31st ACM Conference on Computer and Communications Security (CCS), Oct 2024.
[4] Penghui Li, Wei Meng, Mingxue Zhang, Chenlin Wang, Changhua Luo. Holistic Concolic Execution for Dynamic Web Applications via Symbolic Interpreter Analysis. In Proceedings of The 45th IEEE Symposium on Security and Privacy (Oakland), May 2024.
[5] Changhua Luo, Wei Meng, Shuai Wang. Strengthening Supply Chain Security with Fine-grained Safe Patch Identification. In Proceedings of 46th International Conference on Software Engineering (ICSE), research track, April 2024.
[6] Changhua Luo, Wei Meng, Penghui Li. SelectFuzz: Efficient Directed Fuzzing with Selective Path Exploration. In Proceedings of The 44th IEEE Symposium on Security and Privacy (Oakland), May 2023.
[7] Changhua Luo, Penghui Li, Wei Meng. TChecker: Precise Static Inter-Procedural Analysis for Detecting Taint-Style Vulnerabilities in PHP Applications. In Proceedings of The 29th ACM Conference on Computer and Communications Security (CCS), Nov 2022. ACM CCS 2022 Best Paper Honorable Mention
[8] Penghui Li, Wei Meng, Kangjie Lu, Changhua Luo. On the Feasibility of Automated Built-in Function Modeling for PHP Symbolic Execution. In Proceedings of the 30th Web Conference (WWW), security track, Feb 2021.
