Associate Professor / Master's Supervisor at IIE, CAS
中国科学院信息工程研究所副研究员、硕士生导师
I work on software and system security, with a focus on AI-driven vulnerability discovery, exploit generation, program analysis, and security evaluation.
About / 个人简介
English
Yeting Li is an Associate Professor and master's supervisor at the Institute of Information Engineering, Chinese Academy of Sciences. His research focuses on software and system security, especially intelligent vulnerability discovery and automated exploitation. He has published 40+ papers in top security, systems, and software engineering venues, including IEEE S&P, USENIX Security, NDSS, EuroSys, ICSE, ASE, and ISSTA, with 17 papers as first author or corresponding author. Recent work has been accepted by EuroSys 2026 and NDSS 2026. His work has received the ICSE 2024 ACM SIGSOFT Distinguished Paper Award and a USENIX Security 2025 Distinguished Paper Honorable Mention.
中文
李页霆,中国科学院信息工程研究所副研究员、硕士生导师,长期从事软件与系统安全研究,主要聚焦智能化漏洞挖掘与自动化利用技术。围绕漏洞检测、利用生成与安全评测等方向,在网络安全、系统与软件工程领域国际顶级会议发表论文40余篇,其中以第一作者或通讯作者发表17篇,近年成果包括EuroSys 2026、NDSS 2026、USENIX Security 2025等。相关研究曾获得ICSE 2024最佳论文奖,并获USENIX Security 2025最佳论文提名。团队累计发现并报告CVE漏洞300余个,相关技术系统已在国家级安全评测与攻防任务中得到应用。
Research Focus / 研究方向
AI-driven Vulnerability Discovery
Combining program analysis, security testing, and learning-based techniques to discover real vulnerabilities. 结合程序分析、安全测试与智能化方法发现真实漏洞。
Exploit Generation
Building systematic methods from vulnerability detection to automated exploit generation and validation. 构建从漏洞检测到自动化利用生成与验证的系统化方法。
Software and System Security
Studying open-source ecosystems, embedded systems, protocol implementations, and real-world offensive and defensive settings. 面向开源生态、嵌入式系统、协议实现与真实攻防场景。
Prospective Students / 招生信息
Our group is continuously recruiting motivated master's students, PhD students, and postdoctoral researchers who are interested in software and system security. 课题组长期招收硕士生、博士生和博士后,欢迎对软件与系统安全、人工智能安全分析、漏洞挖掘与利用感兴趣的同学加入。
Real Security Problems / 真实安全问题
研究选题来自真实软件生态和攻防评测需求,强调可验证、可复现、可落地的安全能力。
Top-tier Publication Training / 顶会论文训练
围绕S&P、USENIX Security、NDSS、ICSE、ASE、ISSTA等顶级会议开展系统化科研训练。
Impactful Systems / 系统与平台积累
团队长期建设漏洞发现、利用生成与安全评测系统,支持学生做出有影响力的工具和成果。
Who Fits Well / 适合的同学
Students with interests in program analysis, compiler/runtime systems, binary analysis, fuzzing, LLM-based security, or hands-on vulnerability research are especially welcome. 欢迎喜欢动手做系统、读论文、复现漏洞、分析真实软件的同学。
How to Contact / 联系方式
Please email a CV, transcript, representative projects, and a short description of research interests to liyeting (at) iie (dot) ac (dot) cn. 有意向的同学可邮件联系,并简要说明研究兴趣、项目经历和希望加入的方向。
The group values curiosity, engineering taste, careful experimentation, and the ability to turn security ideas into working systems.
Selected Publications / 代表论文
Recent and representative work in software security, vulnerability discovery, security testing, and program analysis. See the full publication list for all papers.
- LifeFuzz: Lifecycle-Guided Fuzzing for Windows Driver Cross-Handler Vulnerabilities
Chendong Yu, Yuekang Li, Yang Xiao, Jie Lu, Yeting Li, Defang Bo, Wei Huo:
The 21st ACM European Conference on Computer Systems (EuroSys 2026, CCF-A)
Lifecycle-guided Windows driver fuzzing for cross-handler vulnerabilities. - User-Space Dependency-Aware Rehosting for Linux-Based Firmware Binaries
Chuan Qin, Cen Zhang, Yaowen Zheng, Puzhuo Liu, Jian Zhang, Yeting Li, Weidong Zhang, Yang Liu, Limin Sun:
The 33rd Network and Distributed System Security Symposium (NDSS 2026, CCF-A)
Dependency-aware firmware rehosting for scalable dynamic analysis. - Through the Authentication Maze: Detecting Authentication Bypass Vulnerabilities in Firmware Binaries
Nanyu Zhong, Yuekang Li, Yanyan Zou, Jiaxu Zhao, Jinwei Dong, Yang Xiao, Bingwei Peng, Yeting Li, Wei Wang, Wei Huo:
The 33rd Network and Distributed System Security Symposium (NDSS 2026, CCF-A)
Dynamic firmware analysis for authentication bypass vulnerabilities. - VULCANBOOST: Boosting ReDoS Fixes through Symbolic Representation and Feature Normalization
Yeting Li, Yecheng Sun, Zhiwu Xu, Haiming Chen, Xinyi Wang, Hengyu Yang, Huina Chao, Cen Zhang, Yang Xiao, Yanyan Zou, Feng Li, Wei Huo:
The 34th USENIX Security Symposium (USENIX Security 2025, CCF-A) 🏆 Distinguished Paper Honorable Mention, 6% of accepted papers
Highlighted work on ReDoS repair through symbolic representation and feature normalization. - ZIPPER: Static Taint Analysis for PHP Applications with Precision and Efficiency
Xinyi Wang, Yeting Li*, Jie Lu, Shizhe Cui, Chenghang Shi, Qin Mai, Yunpei Zhang, Yang Xiao, Feng Li, Wei Huo:
The 34th USENIX Security Symposium (USENIX Security 2025, CCF-A)
Precise and efficient static taint analysis for PHP web applications. - From Constraints to Cracks: Constraint Semantic Inconsistencies as Vulnerability Beacons for Embedded Systems
Jiaxu Zhao, Yuekang Li, Yanyan Zou, Yang Xiao, Naijia Jiang, Yeting Li, Nanyu Zhong, Bingwei Peng, Kunpeng Jian, Wei Huo:
The 34th USENIX Security Symposium (USENIX Security 2025, CCF-A)
Using constraint semantic inconsistencies as vulnerability signals in embedded systems. - CodeCleaner: Elevating Standards with A Robust Data Contamination Mitigation Toolkit
Jialun Cao, Songqiang Chen, Wuqi Zhang, Hau Ching Lo, Yeting Li*, Shing-Chi Cheung:
The 16th Asia-Pacific Symposium on Internetware (Internetware 2025, CCF-C)
Toolkit support for mitigating benchmark data contamination in LLM-based code evaluation. - A Large Scale Study of AI-based Binary Function Similarity Detection Techniques for Security Researchers and Practitioners
Jingyi Shi, Yufeng Chen, Yang Xiao, Yuekang Li, Zhengzi Xu, Sihao Qiu, Chi Zhang, Keyu Qi, Yeting Li, Xingchu Chen, Yanyan Zou, Yang Liu, Wei Huo:
The 40th IEEE/ACM International Conference on Automated Software Engineering (ASE 2025, CCF-A)
Large-scale empirical study of AI-based binary function similarity detection for security practice. - Understanding Resource Injection Vulnerabilities in Kubernetes Ecosystems
Defang Bo, Jie Lu, Feng Li, Jingting Chen, Jinchen Wang, Chendong Yu, Yeting Li, Wei Huo:
The 40th IEEE/ACM International Conference on Automated Software Engineering (ASE 2025, CCF-A)
Security analysis of resource injection vulnerabilities in Kubernetes ecosystems. - Vulnerability-Affected Versions Identification: How Far Are We?
Xingchu Chen, Chengwei Liu, Jialun Cao, Yang Xiao, Xinyue Cai, Yeting Li, Jingyi Shi, Tianqi Sun, Haiming Chen, Wei Huo:
The 40th IEEE/ACM International Conference on Automated Software Engineering (ASE 2025, CCF-A)
Measurement of vulnerability-affected version identification and its practical limitations. - A Survey of Protocol Fuzzing
Xiaohan Zhang, Cen Zhang, Xinghua Li, Zhengjie Du, Bing Mao, Yuekang Li, Yaowen Zheng,
Yeting Li, Li Pan, Yang Liu, Robert Deng: ACM Computing Surveys (CSUR), 57(2): 35:1-35:36, 2025
Comprehensive survey of protocol fuzzing techniques, challenges, and future directions. - Fuzzing for Stateful Protocol Implementations: Are We There Yet?
Kunpeng Jian, Yanyan Zou, Yeting Li*, Jialun Cao, Menghao Li, Jian Sun, Jingyi Shi, Wei Huo:
The 18th Theoretical Aspects of Software Engineering Conference (TASE 2024, CCF-C), 29 July - 1 August, 2024, Guiyang, China
Study and benchmark of fuzzing techniques for stateful protocol implementations. - How Effective Are They? Exploring Large Language Model Based Fuzz Driver Generation
Cen Zhang, Yaowen Zheng, Mingqiang Bai, Yeting Li, Wei Ma, Xiaofei Xie, Yuekang Li, Limin Sun, Yang Liu:
The 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2024, CCF-A), 16 - 20 September, 2024, Vienna, Austria
Evaluation of large language model based fuzz driver generation. - Semantic-Enhanced Static Vulnerability Detection in Baseband
Firmware
Yiming Liu, Cen Zhang, Feng Li, Yeting Li, Jianhua Zhou, Jian Wang, Lanlan Zhan, Yang Liu, Wei Huo:
The 46th International Conference on Software Engineering (ICSE 2024, CCF-A), 14 - 20 April 2024, Lisbon, Portugal 🏆ACM SIGSOFT Distinguished Paper Award
Semantic-enhanced static vulnerability detection for baseband firmware. - Leveraging Semantic Relations in Code and Data to Enhance Taint Analysis of Embedded Systems
Jiaxu Zhao, Yuekang Li, Yanyan Zou, Zhaohui Liang, Yang Xiao, Yeting Li, Bingwei Peng, Nanyu Zhong, Xinyi Wang, Wei Wang, Wei Huo:
The 33rd USENIX Security Symposium (USENIX Security 2024, CCF-A), 14 - 16 August 2024, Philadelphia, PA, USA
Enhancing embedded-system taint analysis by modeling semantic relations in code and data. - File Hijacking Vulnerability: The Elephant in the Room
Chendong Yu, Yang Xiao, Jie Lu, Yuekang Li, Yeting Li, Lian Li, Yifan Dong, Jian Wang, Jingyi Shi, Defang Bo, Wei Huo:
The 31st Annual Network and Distributed System Security Symposium (NDSS 2024, CCF-A), 26 Feb - 1 March 2024, San Diego, California
Systematic study of file hijacking vulnerabilities and real-world security risks. - Aster: Automatic Speech Recognition System Accessibility Testing for Stutterers
Yi Liu, Yuekang Li, Gelei Deng, Felix Juefei-Xu, Yao Du, Cen Zhang, Chengwei Liu, Yeting Li, Lei Ma, Yang Liu:
The 38th IEEE/ACM International Conference on Automated Software Engineering (ASE 2023, CCF-A), 11 - 15 Sep 2023, Kirchberg, Luxembourg
Accessibility testing framework for speech recognition systems used by stutterers. - ACETest: Automated Constraint Extraction for Testing Deep Learning Operators
Jingyi Shi, Yang Xiao, Yuekang Li, Yeting Li, Dongsong Yu, Chendong Yu, Hui Su, Yufeng Chen, Wei Huo:
The 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2023, CCF-A), 17 - 21 July 2023, Washington, United States
Automated constraint extraction for testing deep learning operators. - Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation
Xinyi Wang, Cen Zhang, Yeting Li*, Zhiwu Xu, Shuailin Huang, Yi Liu, Yican Yao, Yang Xiao, Yanyan Zou, Yang Liu, Wei Huo:
The 44th IEEE Symposium on Security and Privacy (S&P 2023, CCF-A), 22 - 25 May 2023, San Francisco, CA
Principled ReDoS vulnerability modeling and exploit generation. - RegexScalpel: Regular Expression Denial of Service (ReDoS)
Defense by Localize-and-Fix
Yeting Li, Yecheng Sun, Zhiwu Xu, Jialun Cao, Yuekang Li, Rongchen Li, Haiming Chen, Shing-Chi Cheung, Yang Liu, Yang Xiao:
The 31st USENIX Security Symposium (USENIX Security 2022, CCF-A), 10 - 12 Aug 2022, BOSTON, MA, USA
Localize-and-fix defense for ReDoS vulnerabilities in regular expressions. - SemMT: A Semantic-Based Testing Approach for Machine Translation Systems
Jialun Cao, Meiziniu Li, Yeting Li, Ming Wen, Shing-Chi Cheung, Haiming Chen:
ACM Transactions on Software Engineering and Methodology (TOSEM 2022, CCF-A)
Semantic-based testing approach for machine translation systems. - ReDoSHunter: A Combined Static and Dynamic Approach for Regular Expression DoS Detection
Yeting Li, Zixuan Chen, Jialun Cao, Zhiwu Xu, Qiancheng Peng, Haiming Chen, Liyuan Chen, Shing-Chi Cheung:
The 30th USENIX Security Symposium (USENIX Security 2021, CCF-A), 11 - 13 Aug 2021, Virtual
Combined static and dynamic detection for regular expression denial-of-service vulnerabilities. - TransRegex: Multi-modal Regular Expression Synthesis by Generate-and-Repair
Yeting Li, Shuaimin Li, Zhiwu Xu, Jialun Cao, Zixuan Chen, Yun Hu, Haiming Chen, Shing-Chi Cheung:
The 43rd International Conference on Software Engineering (ICSE 2021, CCF-A), 25 - 28 May 2021, Virtual (originally in Madrid, Spain)
Multi-modal regular expression synthesis through generate-and-repair. - FlashRegex: Deducing Anti-ReDoS Regexes from Examples
Yeting Li, Zhiwu Xu, Jialun Cao, Haiming Chen, Tingjian Ge, Shing-Chi Cheung, Haoren Zhao:
The 35th IEEE/ACM International Conference on Automated Software Engineering (ASE 2020, CCF-A), 21 - 25 Sep 2020, Melbourne, Australia
Example-guided inference of anti-ReDoS regular expressions. - FlashSchema: Achieving High Quality XML Schemas with Powerful Inference Algorithms and
Large-scale Schema Data
Yeting Li, Jialun Cao, Haiming Chen, Tingjian Ge, Zhiwu Xu, Qiancheng Peng:
The 36th IEEE International Conference on Data Engineering (ICDE 2020, CCF-A), 20 - 24 Apr 2020, Dallas, Texas
High-quality XML schema inference using powerful algorithms and large-scale schema data.
Awards & Honors / 荣誉奖励
- National Scholarship, Ministry of Education of the People's Republic of China, 2015.
- National Scholarship, Ministry of Education of the People's Republic of China, 2018.
- CAS Presidential Scholarship (Excellence Award), Chinese Academy of Science (CAS), 2022.
- CAS Special Research Assistant (SRA) Program, Chinese Academy of Science (CAS), 2022.
- Excellence Award (7/1393), Third Big Data Competition, Baidu, Inc., 2017.
Professional Services / 学术服务
I actively serve the software security and software engineering communities as a reviewer and committee member for leading international conferences and journals, including:
- USENIX Security Symposium (USENIX Security) 2024, CCF-A top-tier security conference.
- IEEE Transactions on Dependable and Secure Computing (TDSC), CCF-A journal.
- IEEE Transactions on Mobile Computing (TMC), CCF-A journal.
- Computers & Security, CCF-B journal.
- Science of Computer Programming (SCP), CCF-B journal.
- Journal of Computer Science and Technology (JCST), CCF-B journal.
- Theoretical Aspects of Software Engineering (TASE) 2024, CCF-C conference.
- Workshop on the use of Large Language Models for Cybersecurity (LLM4Sec) @ IEEE ICDM 2025.
- 《计算机研究与发展》, CCF-A recommended Chinese journal and T1 high-quality journal in computing.
Security Impact / 漏洞发现
Our research is driven by real vulnerabilities and measurable security impact. We have found and reported 300+ CVE-class vulnerabilities, including ReDoS vulnerabilities in pypi/npm/maven packages such as Python source code, postcss, and ua-parser-js. Representative vulnerabilities have been validated and assigned CVEs by the community, including snyk.io (e.g., CVE-2021-23354, CVE-2020-28493), MITRE Corporation (e.g., CVE-2020-29651), and package authors (e.g., CVE-2021-21317).
团队研究以真实漏洞和可度量安全影响为牵引,累计发现并报告CVE级漏洞300余个,相关技术系统已在国家级安全评测与攻防任务中得到应用。
