Yeting Li

Ph.D Student at ISCAS

Short Bio

I am a Ph.D candidate working at State Key Laboratory of Computer Science (opens new window), Institute of Software, Chinese Academy of Sciences (ISCAS) (opens new window) under the supervision of Prof. Haiming Chen. Now I work as a visiting student at School of Computer Science and Engineering (SCSE) (opens new window), Nanyang Technological University Singapore (NTU) (opens new window) under the supervision of Prof. Yang Liu from August 2021.

I received my Bachelor Degree in School of Computer Science (opens new window), Shaanxi Normal University (opens new window) in June, 2016.

Research Interests

  • Formal Languages and Automata Theory
  • Database Theory and Systems
  • Program Synthesis and Analysis
  • Software Security

News

  • [Sep 2021] Our paper "SemMT: A Semantic-based Testing Approach for Machine Translation Systems" is accepted by TOSEM. Congrats Jialun!
  • [May 2021] Our paper "ReDoSHunter: A Combined Static and Dynamic Approach for Regular Expression DoS Detection" is accepted by USENIX Security 2021
  • [Dec 2020] Our paper "TransRegex: Multi-modal Regular Expression Synthesis by Generate-and-Repair" is accepted by ICSE 2021
  • [Jul 2020] Our paper "FlashRegex: Deducing Anti-ReDoS Regexes from Examples" is accepted by ASE 2020

Selected Publications

→ Full list

  • ReDoSHunter: A Combined Static and Dynamic Approach for Regular Expression DoS Detection
    Yeting Li, Zixuan Chen, Jialun Cao, Zhiwu Xu, Qiancheng Peng, Haiming Chen, Liyuan Chen, Shing-Chi Cheung:
    The 30th USENIX Security Symposium (USENIX Security 2021), 11 - 13 Aug 2021, Virtual
  • TransRegex: Multi-modal Regular Expression Synthesis by Generate-and-Repair
    Yeting Li, Shuaimin Li, Zhiwu Xu, Jialun Cao, Zixuan Chen, Yun Hu, Haiming Chen, Shing-Chi Cheung:
    The 43rd International Conference on Software Engineering (ICSE 2021), 25 - 28 May 2021, Virtual (originally in Madrid, Spain)
  • FlashRegex: Deducing Anti-ReDoS Regexes from Examples
    Yeting Li, Zhiwu Xu, Jialun Cao, Haiming Chen, Tingjian Ge, Shing-Chi Cheung, Haoren Zhao:
    The 35th IEEE/ACM International Conference on Automated Software Engineering (ASE 2020), 21 - 25 Sep 2020, Melbourne, Australia
  • FlashSchema: Achieving High Quality XML Schemas with Powerful Inference Algorithms and Large-scale Schema Data
    Yeting Li, Jialun Cao, Haiming Chen, Tingjian Ge, Zhiwu Xu, Qiancheng Peng:
    The 36th IEEE International Conference on Data Engineering (ICDE 2020), 20 - 24 Apr 2020, Dallas, Texas

Awards & Honors

  • National Scholarship, Ministry of Education of the People's Republic of China, 2015, 2018.
  • Excellent Student, University of Chinese Academy of Sciences, 2017, 2018, 2019.
  • Excellent Student, Shaanxi Normal University, 2013, 2015.
  • Excellent Student Cadre, Shaanxi Normal University, 2014.

Contests

  • Excellence Award (7/1393), Third Big Data Competition, Baidu, Inc., 2017.

CVEs

We have found hundreds of ReDoS vulnerabilities in pypi/npm/maven packages, such as Python source code, postcss, ua-parser-js, etc. So far, 30+ vulnerabilities have been validated and assigned CVEs by the community, including snyk.io (e.g., CVE-2021-23354, CVE-2020-28493), MITRE Corporation (e.g., CVE-2020-29651), and package authors (e.g., CVE-2021-21317).

→ 36 CVEs

Last Updated: 06/24/2021, 08:59:35 PM