News

  • [2024/08/15]       I join the Program Commitee of The Web Conference'25 (security track), please consider to submit your work and attend the conference.
  • [2024/08/07]       Our work on log anomaly detection on web application is to appear in ASE'24. Congratulations to Yifan, Xu Ming, and Xiwen!
  • [2024/07/08]       I join the Program Commitee of USENIX Security'25, please consider to submit your work and attend the conference.
  • [2024/06/05]   Our work on LLM agent for detecting phishing websites is to appear in USENIX Security'24. Congratulations to Ruofan and Xiwen!
  • [2024/05/08]   Our work on decloaking and detecting CAPTCHA-cloaked phishing websites is to appear in USENIX Security'24. Congratulations to Xiwen and Ruofan!
  • [2024/04/17]   I join the Program Commitee of FSE'25, please consider to submit your work and attend the conference.
  • [2024/03/02]   Our work on LLM-based code editing and delta debugging are to apper in ISSTA'24. Congratulations to Chenyan, Yufan, Yuhuan, Yunrui, and Xuezhi!
  • [2023/12/23]   I join the Program Commitee of ICML'24, please consider to submit your work and attend the conference.
  • [2023/11/09]   I join the Program Commitee of ICSE'25, please consider to submit your work and attend the conference.
  • [2023/10/24]   I join the Program Commitee of WWW'24, please consider to submit your work and attend the conference.
  • [2023/10/03]   I join the Program Commitee of USENIX Security'24, please consider to submit your work and attend the conference.
  • [2023/09/22]   Our work "On-the-Fly Adapting Code Summarization on Trainable Cost-Effective Language Models" are to apper in NeurIPS'23. Congratulations to Yufan, Chenyan, Jinglian, and Yiming!
  • [2023/07/28]   Two papers on time-travelling debugger for deep classifier and software testing are to apper in ESEC/FSE'23. Congratulations to Xianglin, Yifan, and Xiaoxue!
  • [2023/06/16]   I join the Program Commitee of FSE'24, please consider to submit your work and attend the conference.
  • [2023/05/17]   Two papers on graph representation learning and graph learning explanation are to apper in KDD'23. Congratulations to Mengyue and Jihong!
  • [2023/05/09]   I join the Program Commitee of ISSTA'24, please consider to submit your work and attend the conference.
  • [2023/05/05]   I join the Program Commitee of SEETA'23, please consider to submit your work and attend the conference.
  • [2023/05/01]   Our work "Knowledge Expansion and Counterfactual Interaction for Reference-Based Phishing Detection" has been accepted by USENIX Security'23. Congratuations to Ruofan and Yifan!
  • [2023/03/09]   I serve as the Challenge Advisor for the Phishing Intention Detection Prize Challenge in AISG.
  • [2023/01/08]   I serve as the Program Co-chair in the 28th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2023). Please submit your work and see you in Singapore!
  • [2022/12/09]   Our work "DeepArc: Modularizing Neural Networks for the Model Maintenance" has been accepted by ICSE'23. Congratuations to Xiaoning!
  • [2022/11/28]   We won the first prize in the Research Prototype Competition in ChinaSoft with "Deep Classifier Oriented Interactive Debugger". Congratuations to Xianglin and Yifan!
  • [2022/09/15] Our work "Debugging and Explaining Metric Learning Approaches: An Influence Function Based Perspective" has been accepted by NeurIPS'22. Congratuations to Ruofan and Xianglin!
  • [2022/08/11]   Our work "RegMiner: Mining Replicable Regression Dataset from Code Repositories" has been accepted by FSE'22 (demo track), Congratuations to Xuezhi and Yifan!
  • [2022/08/03]   I join the Program Commitee of AAAI'23, please consider to submit your work and attend the conference.
  • [2022/07/21]   Our work "Repairing Failure-inducing Inputs with Input Reflection" has been accepted by ASE'22, Congratuations to Yan, Ivan, and Changsheng!
  • [2022/07/17]   Three papers are to apper in TDSC journal, Congratuations to Yan, Siqi, Huasong, and Rajdeep!
  • [2022/06/23]   I join the Program Commitee of ESEC/FSE'23, please consider to submit your work and attend the conference.
  • [2022/06/22]   I am invited as a representative alumni in Software Engineering School, ECNU, to give a speech in the graduation ceremony. Congratuations to all the graduates!
  • [2022/06/13]   Our FYP student Ng Siang Hwee (topic: automated software debugging) is awarded with the NUS SoC Outstanding Computing Project Prize for AY2021/22. Congratuations to Siang Hwee!
  • [2022/06/05]   I accept the interview from the Singapore Zaobao (https://www.zaobao.com.sg/), introducing the social impact of phishing attack and our continuous monitoring defense solution (link).
  • [2022/05/16]   Our work "RegMiner: Towards Constructing a Large Regression Dataset from Code Evolution History" is to appear by ISSTA'22. Congratuations to Xuezhi and Siang Hwee!
  • [2022/04/21]   Our work "Temporality Spatialization: A Scalable and Faithful Time-Travelling Visualization for Deep Classifier Training" is to appear by IJCAI'22. Congratuations to Xianglin and Ruofan!
  • [2022/02/17]   Our work "Inferring Phishing Intention via Webpage Appearance and Dynamics: A Deep Vision Based Approach" is to appear by USENIX Security'22. Congratuations to Ruofan and Xianglin!
  • [2021/01/30]   I am invited to serve as reviewer in ICML 2022.
  • [2021/01/20]   Our work "gDefect4DL: A Dataset of General Real-World Deep Learning Program Defects" is to appear by ICSE'22 (Demonstration Track). Congratuations to Yunkai and Xuezhi!
  • [2021/12/01]   Our work "DeepVisualInsight: Time-Travelling Visualization for Spatio-Temporal Causality of Deep Classification Training" is to appear by AAAI'22. Congratuations to Xianglin and Ruofan!
  • [2021/08/01]   Our proposal "An Explainable Framework for Network Anomaly Detection Based on Graph-based Neural Network" (PI: Prof. Dong Jin Song, Collaborator: Dr. Lin Yun) has been awarded by Cisco-NUS Lab Grant, S$435,500 (based on our malware traffic analysis project.).
  • [2021/07/22]   I am invited to give a talk on our Phishpedia work in 1st Huawei Innovation Workshop on Artificial Intelligence for Cyber-Security.
  • [2021/06/02]   Our work "Graph-based Seed Object Synthesis for Search-Based Unit Testing" is to appear by ESEC/FSE'21.
  • [2021/02/23]   Our work "Phishpedia: A Hybrid Deep Learning Based Approach to Visually Identify Phishing Webpages" is to appear by USENIX Security'21. Congratuations to Rofan!
  • [2020/09/16]   Our proposal "An Execution Trace Alignment Based Approach to Locating Regression Bug with Explanation" (PI: Prof. Dong Jin Song, Collaborator: Dr. Lin Yun) has been awarded by MOE T2 Grant (No. T2EP20120-0019), S$657,828 (based on ICSE'17, ASE'18, and TSE'19 work). The news link can be checked here.
  • [2020/07/30]   Our work "Cross-Contract Static Analysis for Detecting Practical Reentrancy Vulnerabilities in Smart Contracts" is to appear by ASE'20.
  • [2020/07/21]   I gave a talk on our gradient-recovering testing work on ISSTA'20 research track (online stream video (with Q&A)prepared media).
  • [2020/07/08]   I gave a talk on our trace-alignment based regression localization work on ICSE'20 journal-frst track (online video).
  • [2020/04/16]   Our work "Recovering Fitness Gradients for Interprocedural Boolean Flags in Search-Based Testing" is to appear by ISSTA'20.
  • [2020/04/13]   I am invited to serve as a PC member of OOPSLA AEC 2020. Please consider submitting your work.
  • [2020/02/20]   I am invited to serve as a PC member of ICECCS 2020. Please consider submitting your work.
  • [2020/02/03]   Our Journal-First TSE paper "Explaining Regressions via Alignment Slicing and Mending" is to appear in Journal First Track in ICSE'2020.
  • [2019/11/18]   I am invited to serve as a PC member of COMPSAC 2020. Please consider submitting your work.
  • [2019/11/18]   I am invited to serve as a PC member of ICSE 2021 (NIER Track). Please consider submitting your work.
  • [2019/10/18]   Our work "Explaining Regressions via Alignment Slicing and Mending" is to appear by IEEE Transaction on Software Engineering (impact factor: 3.33).
  • [2019/01/11]   Our work "Smart Grid Metering Networks: A Survey on Security, Privacy and Open Research Issues" is to appear by IEEE Communications Surveys and Tutorials (impact factor: 20.23).
  • [2018/11/03]   I attended the conference of ASE'18 in Montpellier, France, and presented our work of "Break the Dead End of Dynamic Slicing: Localizing Data and Control Omission Bug".
  • [2018/07/27]   Our work "Break the Dead End of Dynamic Slicing: Localizing Data and Control Omission Bug" is to appear by ASE'18.
  • [2018/04/30]   Our work "Towards Optimal Concolic Testing" won the ACM Distinguished Paper Award in ICSE'18.
  • [2017/11/30]   I attended the conference of ASE'17 in UIUC, USA, and presented our work"Mining Implicit Design Templates for Actionable Code Reuse".
  • [2017/07/18]   Our work "Mining Implicit Design Templates for Actionable Code Reuse" is to appear by ASE'17.
  • [2017/05/26]   I attended the conference of ICSE'17 in Buenos Aires, Argentina, and presented our work "Feedback-Based Debugging".
  • [2016/12/15]   Our work "Feedback-based Debugging" is to appear by ICSE'17.
  • [2016/11/29]   I was invited to give a talk on 49th CREST Open Workshop in London, Britain, and presented our work "Interactive and Guided Architectural Refactoring with Search-Based Recommendation".
  • [2016/11/16]   I attended the conference of FSE 2016 in Seattle, USA, and presented our work "Interactive and Guided Architectural Refactoring with Search-Based Recommendation".
  • [2016/09/06]   I visited SE Lab of SE Lab of Fudan University and gaven a talk on "Feedback-Based Debugging".
  • [2016/07/01]   Our work "Interactive and Guided Architectural Refactoring with Search-Based Recommendation" is to appear by FSE'16.
  • [2016/05/02]   I joined PAT group in SoC, National University of Singapore, under the supervision of Prof. Dong, Jinsong.
  • [2015/10/03]   I started working as a visiting researcher in SUTD under the supervision of Prof. Sun, Jun.
  • [2015/10/03]   I worked as a Research Fellow in Division of Software and Information Systems (SIS), School of Computer Science and Engineering, Nanyang Technological University, under the supervision of Prof. Liu, Yang.
  • [2015/08/31]   I attended the conference of FSE/ESEC 2015 in Bergamo, Italy, and presented our work "Clone-Based and Interactive Recommendation for Modifying Pasted Code".
  • [2015/07/01]   I graduated from Fudan Unverisity, and finished the academic work in SE Lab of Fudan University.

Active Projects

Tregression (Interactive Trace Comparison Tool)

Tregression stands for trace-based regression bug localization technique. Given a regression bug (i..e, the code was correct yesterday but failed now), our tool can visualize the buggy trace and correct trace, and match the steps between two traces. In our tool, a click on any trace step will show the user (i..e, programmer) (1) the corresponding step on the other trace and (2) a code comparison editor of the two versions of the code. Moreover, we build control and data flow on the trace steps so that user can track the control and data flow on the buggy trace and correct trace to understand the root cause of a regression bug. More details can be checked here.

Evosuite++ (Software Testing Tool)

of this project aims to improve Evosuite from the perspective of gradient recovering, a paramount assumption of the effectiveness of SBST (Search-based Software Testing). The traditional SBST approaches defines the measurement (e.g., branch distance) for evaluating how far a generated test is away from covering a branch. Such a measurement is considered as a loss function (or fitness function) to guide test generation to cover specific branches with various search algorithm e.g., GA (Genetic Algorithm), Hill Climbing, etc. However, more often than not, the landscape of the search space is not continuous, which makes SBST approaches degrade to random testing. The project (Evosuite++) aims to pinpoint when the landscape is not conitinuous and propose various approaches to restore the effectiveness of SBST, e.g., recovering gradients for inteprocedural flag problem and constructing shortcut seeds to facilitate test generation. In this project, we enhance Evosuite in terms of branch distance gradient recovering, object construction, smarter mutation, etc. More details can be checked here.

Phishing Identification with Visual Explanation

In this work, we propose an explainable phishing identification system, Phishpedia, which (1) achieves both high identification accuracy and low runtime overhead, (2) provides causal visual annotation on the phishing webpage screenshot, and (3) does not require training on any phishing samples Phishpedia infers the intended brand from the webpage screenshot of an URL, and reports phishing based on alignment of intended brand domain and the landing domain of the URL. Phishpedia significantly outperforms baseline identification approaches (URLNet, StackModel, PhishCatcher, EMD, PhishZoo, and LogoSENSE) with respect to identification accuracy and runtime overhead. We deployed Phishpedia with emerging new domains fed from CertStream service and discovered 1704 phishing websites (including 1133 new zero-day phishing websites) within one month, significantly outperforming existing solutions. More details can be checked here.

Microbat (Interactive Trace Travelling Tool)

A feedback-based debugger for interactively recommending suspicious step in buggy program execution. It records the trace of the execution of a buggy program and allow developers to provide light-weight feedback on trace steps. Microbat is able to learn, analyze, and reason based on developers' feedback and program information and recommend suspicious step in buggy program. A demo video and more details can be checked here.