News

  • [2021/08/01]     Our proposal "An Explainable Framework for Network Anomaly Detection Based on Graph-based Neural Network" (PI: Prof. Dong Jin Song, Collaborator: Dr. Lin Yun) has been awarded by Cisco-NUS Lab Grant, S$435,500 (based on our malware traffic analysis project.).
  • [2021/07/22]     I am invited to give a talk on our Phishpedia work in 1st Huawei Innovation Workshop on Artificial Intelligence for Cyber-Security.
  • [2021/06/02]     Our paper "Graph-based Seed Object Synthesis for Search-Based Unit Testing" is accepted by ESEC/FSE'21.
  • [2021/02/23]   Our paper "Phishpedia: A Hybrid Deep Learning Based Approach to Visually Identify Phishing Webpages" is accepted by USENIX'21.
  • [2020/09/16]   Our proposal "An Execution Trace Alignment Based Approach to Locating Regression Bug with Explanation" (PI: Prof. Dong Jin Song, Collaborator: Dr. Lin Yun) has been awarded by MOE T2 Grant (No. T2EP20120-0019), S$657,828 (based on ICSE'17, ASE'18, and TSE'19 work).
  • [2020/07/30]   Our paper "Cross-Contract Static Analysis for Detecting Practical Reentrancy Vulnerabilities in Smart Contracts" is accepted by ASE'20.
  • [2020/07/21]   I gave a talk on our gradient-recovering testing work on ISSTA'20 research track (online stream video (with Q&A)prepared media).
  • [2020/07/08]   I gave a talk on our trace-alignment based regression localization work on ICSE'20 journal-frst track (online video).
  • [2020/04/16]   Our paper "Recovering Fitness Gradients for Interprocedural Boolean Flags in Search-Based Testing" is accepted by ISSTA'20.
  • [2020/04/13]   I am invited to serve as a PC member of OOPSLA AEC 2020. Please consider submitting your work.
  • [2020/02/20]   I am invited to serve as a PC member of ICECCS 2020. Please consider submitting your work.
  • [2020/02/03]   Our Journal-First TSE paper "Explaining Regressions via Alignment Slicing and Mending" is accepted in Journal First Track in ICSE'2020.
  • [2019/11/18]   I am invited to serve as a PC member of COMPSAC 2020. Please consider submitting your work.
  • [2019/11/18]   I am invited to serve as a PC member of ICSE 2021 (NIER Track). Please consider submitting your work.
  • [2019/10/18]   Our paper "Explaining Regressions via Alignment Slicing and Mending" is accepted by IEEE Transaction on Software Engineering (impact factor: 3.33).
  • [2019/01/11]   Our paper "Smart Grid Metering Networks: A Survey on Security, Privacy and Open Research Issues" is accepted by IEEE Communications Surveys and Tutorials (impact factor: 20.23).
  • [2018/11/03]   I attended the conference of ASE'18 in Montpellier, France, and presented our work of "Break the Dead End of Dynamic Slicing: Localizing Data and Control Omission Bug".
  • [2018/07/27]   Our work "Break the Dead End of Dynamic Slicing: Localizing Data and Control Omission Bug" is accepted by ASE'18.
  • [2018/04/30]   Our work "Towards Optimal Concolic Testing" won the ACM Distinguished Paper Award in ICSE'18.
  • [2017/11/30]   I attended the conference of ASE'17 in UIUC, USA, and presented our work"Mining Implicit Design Templates for Actionable Code Reuse".
  • [2017/07/18]   Our paper "Mining Implicit Design Templates for Actionable Code Reuse" is accepted by ASE'17.
  • [2017/05/26]   I attended the conference of ICSE'17 in Buenos Aires, Argentina, and presented our work "Feedback-Based Debugging".
  • [2016/12/15]   Our paper "Feedback-based Debugging" is accepted by ICSE'17.
  • [2016/11/29]   I was invited to give a talk on 49th CREST Open Workshop in London, Britain, and presented our work "Interactive and Guided Architectural Refactoring with Search-Based Recommendation".
  • [2016/11/16]   I attended the conference of FSE 2016 in Seattle, USA, and presented our work "Interactive and Guided Architectural Refactoring with Search-Based Recommendation".
  • [2016/09/06]   I visited SE Lab of SE Lab of Fudan University and gaven a talk on "Feedback-Based Debugging".
  • [2016/07/01]   Our paper "Interactive and Guided Architectural Refactoring with Search-Based Recommendation" is accepted by FSE'16.
  • [2016/05/02]   I joined PAT group in SoC, National University of Singapore, under the supervision of Prof. Dong, Jinsong.
  • [2015/10/03]   I started working as a visiting researcher in SUTD under the supervision of Prof. Sun, Jun.
  • [2015/10/03]   I worked as a Research Fellow in Division of Software and Information Systems (SIS), School of Computer Science and Engineering, Nanyang Technological University, under the supervision of Prof. Liu, Yang.
  • [2015/08/31]   I attended the conference of FSE/ESEC 2015 in Bergamo, Italy, and presented our work "Clone-Based and Interactive Recommendation for Modifying Pasted Code".
  • [2015/07/01]   I graduated from Fudan Unverisity, and finished the academic work in SE Lab of Fudan University.

Active Projects

Tregression (Interactive Trace Comparison Tool)

Tregression stands for trace-based regression bug localization technique. Given a regression bug (i..e, the code was correct yesterday but failed now), our tool can visualize the buggy trace and correct trace, and match the steps between two traces. In our tool, a click on any trace step will show the user (i..e, programmer) (1) the corresponding step on the other trace and (2) a code comparison editor of the two versions of the code. Moreover, we build control and data flow on the trace steps so that user can track the control and data flow on the buggy trace and correct trace to understand the root cause of a regression bug. More details can be checked here.

Evosuite++ (Software Testing Tool)

of this project aims to improve Evosuite from the perspective of gradient recovering, a paramount assumption of the effectiveness of SBST (Search-based Software Testing). The traditional SBST approaches defines the measurement (e.g., branch distance) for evaluating how far a generated test is away from covering a branch. Such a measurement is considered as a loss function (or fitness function) to guide test generation to cover specific branches with various search algorithm e.g., GA (Genetic Algorithm), Hill Climbing, etc. However, more often than not, the landscape of the search space is not continuous, which makes SBST approaches degrade to random testing. The project (Evosuite++) aims to pinpoint when the landscape is not conitinuous and propose various approaches to restore the effectiveness of SBST, e.g., recovering gradients for inteprocedural flag problem and constructing shortcut seeds to facilitate test generation. In this project, we enhance Evosuite in terms of branch distance gradient recovering, object construction, smarter mutation, etc. More details can be checked here.

Phishing Identification with Visual Explanation

In this work, we propose an explainable phishing identification system, Phishpedia, which (1) achieves both high identification accuracy and low runtime overhead, (2) provides causal visual annotation on the phishing webpage screenshot, and (3) does not require training on any phishing samples Phishpedia infers the intended brand from the webpage screenshot of an URL, and reports phishing based on alignment of intended brand domain and the landing domain of the URL. Phishpedia significantly outperforms baseline identification approaches (URLNet, StackModel, PhishCatcher, EMD, PhishZoo, and LogoSENSE) with respect to identification accuracy and runtime overhead. We deployed Phishpedia with emerging new domains fed from CertStream service and discovered 1704 phishing websites (including 1133 new zero-day phishing websites) within one month, significantly outperforming existing solutions. More details can be checked here.

Microbat (Interactive Trace Travelling Tool)

A feedback-based debugger for interactively recommending suspicious step in buggy program execution. It records the trace of the execution of a buggy program and allow developers to provide light-weight feedback on trace steps. Microbat is able to learn, analyze, and reason based on developers' feedback and program information and recommend suspicious step in buggy program. A demo video and more details can be checked here.