Yeting Li
Yeting Li | 李页霆

Associate Professor at IIE, CAS|中国科学院信息工程研究所副研究员

I work on software and system security, with a focus on AI-driven vulnerability discovery, exploit generation, and program analysis.

Software Security AI for Security Vulnerability Discovery Exploit Generation Program Analysis
Publications Join the Group UCAS Profile Email
Openings / 招生

Recruiting master's students, PhD students, postdoctoral researchers, and research interns interested in AI-driven vulnerability discovery, automated exploit generation, program analysis, fuzzing, and software/system security. 欢迎对智能化漏洞挖掘、自动化漏洞利用、程序分析、模糊测试与软件系统安全感兴趣的同学联系。

Recent Recognition / 近期亮点
  • ICSE 2024 ACM SIGSOFT Distinguished Paper Award
  • USENIX Security 2025 Distinguished Paper Honorable Mention

About / 个人简介

English

Yeting Li is an Associate Professor at the Institute of Information Engineering, Chinese Academy of Sciences. His research focuses on software and system security, especially intelligent vulnerability discovery and automated exploitation. He has published 40+ papers in top security, systems, and software engineering venues, including IEEE S&P, USENIX Security, NDSS, EuroSys, ICSE, ASE, and ISSTA, with 21 papers as first author or corresponding author. Recent work has been accepted by EuroSys 2026 and NDSS 2026. His work has received the ICSE 2024 ACM SIGSOFT Distinguished Paper Award and a USENIX Security 2025 Distinguished Paper Honorable Mention.

中文

李页霆,中国科学院信息工程研究所副研究员,长期从事软件与系统安全研究,主要聚焦智能化漏洞挖掘与自动化利用技术。围绕漏洞检测、利用生成与安全评测等方向,在网络安全、系统与软件工程领域国际顶级会议发表论文40余篇,其中以第一作者或通讯作者发表21篇,近年成果包括EuroSys 2026、NDSS 2026、USENIX Security 2025等。相关研究曾获得ICSE 2024 ACM SIGSOFT Distinguished Paper Award,并获USENIX Security 2025 Distinguished Paper Honorable Mention。团队累计发现并报告CVE漏洞300余个,相关技术系统已在国家级安全评测与攻防任务中得到应用。

Research Focus / 研究方向

AI-driven Vulnerability Discovery

Combining program analysis, security testing, and learning-based techniques to discover real vulnerabilities. 结合程序分析、安全测试与智能化方法发现真实漏洞。

Exploit Generation

Building systematic methods from vulnerability detection to automated exploit generation and validation. 构建从漏洞检测到自动化利用生成与验证的系统化方法。

Software and System Security

Studying open-source ecosystems, embedded systems, protocol implementations, and real-world offensive and defensive settings. 面向开源生态、嵌入式系统、协议实现与真实攻防场景。

Fuzzing and Program Analysis

Developing testing and analysis techniques for complex software, protocols, firmware, and system components. 面向复杂软件、协议、固件与系统组件开展测试和分析。

Binary and Firmware Security

Finding vulnerabilities in low-level binaries and embedded firmware through scalable analysis and rehosting. 关注二进制程序与嵌入式固件中的真实安全缺陷。

LLM for Security

Exploring how large language models can support vulnerability discovery, security evaluation, and code analysis. 探索大模型在漏洞挖掘、安全评测与代码分析中的应用。

Prospective Students / 招生信息

Our group is continuously recruiting motivated master's students, PhD students, and postdoctoral researchers who are interested in software and system security. 课题组长期招收硕士生、博士生和博士后,欢迎对软件与系统安全、人工智能安全分析、漏洞挖掘与利用感兴趣的同学加入。

Research Directions / 研究方向

研究选题来自真实软件生态和攻防评测需求,强调可验证、可复现、可落地的安全能力。

Student Training / 科研训练

围绕S&P、USENIX Security、NDSS、ICSE、ASE、ISSTA等顶级会议开展系统化科研训练。

Systems and Impact / 系统与影响

团队长期建设漏洞发现、利用生成与安全评测系统,支持学生做出有影响力的工具和成果。

Who Fits Well / 适合的同学

Students with interests in program analysis, compiler/runtime systems, binary analysis, fuzzing, LLM-based security, or hands-on vulnerability research are especially welcome. 欢迎喜欢动手做系统、读论文、复现漏洞、分析真实软件的同学。

How to Contact / 联系方式

Please email a CV, transcript, representative projects, and a short description of research interests to liyeting (at) iie (dot) ac (dot) cn. 有意向的同学可邮件联系,并简要说明研究兴趣、项目经历和希望加入的方向。

The group values curiosity, engineering taste, careful experimentation, and the ability to turn security ideas into working systems.

Publications / 发表论文

Peer-reviewed publications in software and system security, vulnerability discovery, fuzzing, program analysis, ReDoS defense, and software engineering. 以下展示近年的代表性成果。

View Full Publications Google Scholar DBLP
41peer-reviewed papers listed in reverse chronological order
21first-author or corresponding-author publications
Top venuesIEEE S&P, USENIX Security, NDSS, EuroSys, ICSE, ASE, ISSTA
AwardsICSE 2024 Distinguished Paper; USENIX Security 2025 Honorable Mention

Recent Highlights / 近期亮点

  • Themis: Bridging Documentation and Code to Uncover Access Control Vulnerabilities in GitLab
    Yujie Sun, Huina Chao, Yeting Li*, Xinyi Wang, Yiming Liu, Jialun Cao, Qin Mai, Hengyu Yang, Feng Li, Wei Huo, Baoxu Liu: 2026 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP 2026, CCF-B)
    LLM-assisted consistency checking between documentation-derived permissions and code-level enforcement for GitLab access control vulnerabilities.
  • LifeFuzz: Lifecycle-Guided Fuzzing for Windows Driver Cross-Handler Vulnerabilities
    Chendong Yu, Yuekang Li, Yang Xiao, Jie Lu, Yeting Li, Defang Bo, Wei Huo: The 21st ACM European Conference on Computer Systems (EuroSys 2026, CCF-A)
    Lifecycle-guided Windows driver fuzzing for cross-handler vulnerabilities.
  • User-Space Dependency-Aware Rehosting for Linux-Based Firmware Binaries
    Chuan Qin, Cen Zhang, Yaowen Zheng, Puzhuo Liu, Jian Zhang, Yeting Li, Weidong Zhang, Yang Liu, Limin Sun: The 33rd Network and Distributed System Security Symposium (NDSS 2026, CCF-A)
    Dependency-aware firmware rehosting for scalable dynamic analysis.
  • Through the Authentication Maze: Detecting Authentication Bypass Vulnerabilities in Firmware Binaries
    Nanyu Zhong, Yuekang Li, Yanyan Zou, Jiaxu Zhao, Jinwei Dong, Yang Xiao, Bingwei Peng, Yeting Li, Wei Wang, Wei Huo: The 33rd Network and Distributed System Security Symposium (NDSS 2026, CCF-A)
    Dynamic firmware analysis for authentication bypass vulnerabilities.
  • VULCANBOOST: Boosting ReDoS Fixes through Symbolic Representation and Feature Normalization
    Yeting Li, Yecheng Sun, Zhiwu Xu, Haiming Chen, Xinyi Wang, Hengyu Yang, Huina Chao, Cen Zhang, Yang Xiao, Yanyan Zou, Feng Li, Wei Huo: The 34th USENIX Security Symposium (USENIX Security 2025, CCF-A) AwardDistinguished Paper Honorable Mention, 6% of accepted papers
    Highlighted work on ReDoS repair through symbolic representation and feature normalization.
  • ZIPPER: Static Taint Analysis for PHP Applications with Precision and Efficiency
    Xinyi Wang, Yeting Li*, Jie Lu, Shizhe Cui, Chenghang Shi, Qin Mai, Yunpei Zhang, Yang Xiao, Feng Li, Wei Huo: The 34th USENIX Security Symposium (USENIX Security 2025, CCF-A)
    Precise and efficient static taint analysis for PHP web applications.
  • From Constraints to Cracks: Constraint Semantic Inconsistencies as Vulnerability Beacons for Embedded Systems
    Jiaxu Zhao, Yuekang Li, Yanyan Zou, Yang Xiao, Naijia Jiang, Yeting Li, Nanyu Zhong, Bingwei Peng, Kunpeng Jian, Wei Huo: The 34th USENIX Security Symposium (USENIX Security 2025, CCF-A)
    Using constraint semantic inconsistencies as vulnerability signals in embedded systems.
  • Semantic-Enhanced Static Vulnerability Detection in Baseband Firmware
    Yiming Liu, Cen Zhang, Feng Li, Yeting Li, Jianhua Zhou, Jian Wang, Lanlan Zhan, Yang Liu, Wei Huo: The 46th International Conference on Software Engineering (ICSE 2024, CCF-A) AwardACM SIGSOFT Distinguished Paper Award
    Semantic-enhanced static vulnerability detection for baseband firmware.

Awards & Honors / 荣誉奖励

  • ICSE 2024 ACM SIGSOFT Distinguished Paper Award.
  • USENIX Security 2025 Distinguished Paper Honorable Mention.
  • National Scholarship, Ministry of Education of the People's Republic of China, 2015.
  • National Scholarship, Ministry of Education of the People's Republic of China, 2018.
  • CAS Presidential Scholarship (Excellence Award), Chinese Academy of Science (CAS), 2022.
  • CAS Special Research Assistant (SRA) Program, Chinese Academy of Science (CAS), 2022.
  • Excellence Award (7/1393), Third Big Data Competition, Baidu, Inc., 2017.

Professional Services / 学术服务

I actively serve the software security and software engineering communities as a reviewer and committee member for leading international conferences and journals, including:

Conferences & Workshops

  • USENIX Security Symposium (USENIX Security) 2024, CCF-A top-tier security conference.
  • Theoretical Aspects of Software Engineering (TASE) 2024/2026, CCF-C conference.
  • Workshop on the use of Large Language Models for Cybersecurity (LLM4Sec) @ IEEE ICDM 2025.

Journals

  • IEEE Transactions on Dependable and Secure Computing (TDSC), CCF-A journal.
  • IEEE Transactions on Mobile Computing (TMC), CCF-A journal.
  • ACM Transactions on Software Engineering and Methodology (TOSEM), CCF-A journal.
  • Computers & Security, CCF-B journal.
  • Science of Computer Programming (SCP), CCF-B journal.
  • Journal of Computer Science and Technology (JCST), CCF-B journal.
  • 《计算机研究与发展》, CCF-A recommended Chinese journal and T1 high-quality journal in computing.

Last Updated: 04/27/2026