I am an Associate Professor in the School of Cyber Science and Engineering at Huazhong University of Science and Technology (HUST). I earned my Ph.D. in Computer Science from Nanjing University, where I collaborated extensively with Professor Xinyu Xing at Penn State University. My research focuses on Linux kernel security, with recent work published at top-tier conferences including IEEE S&P (Oakland), USENIX Security, ACM CCS, NDSS, and ASE. Additionally, I am actively exploring emerging areas at LLM for Security, as well as automotive operating system security, with a focus on real-world industrial applications. I am honored to be a recipient of the ACM CCS 2018 Outstanding Paper Award and the 2023 Google Open Source Peer Bonus Award for contributions to the Linux kernel and Syzkaller. Additionally, I was recognized in the 2022 and 2024 Wuhan Talent Programs for my research achievements.

[Prospective Students] I am looking for multiple Ph.D. students and undergraduate/graduate research interns who share my academic interests and have a solid background in System/Software Security. If you are interested, please send me emails about your information.

Research interest

My research centers on Software and System Security, with a focus on developing automated frameworks for vulnerability discovery and lifecycle management. I specialize in advancing fuzzing techniques to uncover zero-day vulnerabilities in complex systems, while also designing methodologies for Vulnerability Reproduction, Crash Deduplication, Vulnerability Root Cause Analysis, Vulnerability Assessment, Vulnerability Patching and etc. I am interested in the OS kernel security, the security of Internet of Vehicles (IoV) and LLMs for Security.

Education

  • Ph.D. (2014.09 - 2019.12), Computer Science and Technology, Nanjing University
  • B.E. (2010.09 - 2014.06), Computer Science and Technology, Zhengzhou University

Experience

  • Associate Professor, Huazhong University of Science and Technology (2020/08 - Now)
  • Research Fellow, Pennsylvania State University (2020/01 - 2020/07)
  • Organizer of 2018 Penn State Cybersecurity Competition, Pennsylvania State University
  • Research Assistant in Software and System Security, Pennsylvania State University (2016 - 2020)
  • Graduate Research and Teaching Assistant, Nanjing University (2014 - 2019)

Honors & Awards

  • Wuhan Talent Program, 2024
  • Google Open Source Peer Award, 2023
  • Wuhan Talent Program, 2022
  • ACM CCS Outstanding Paper Award (Top 1), 2018

Publications

* means equal contribution

Conference Papers

  • [USENIX Security 25] PatchAgent: A Practical Program Repair Agent Mimicking Human Expertise [Paper]
    Zheng Yu, Ziyi Guo, Yuhang Wu, Jiahao Yu, Meng Xu, Dongliang Mu, Yan Chen, Xinyu Xing
    Proceedings of the 34nd USENIX Security Symposium

  • [USENIX Security 23] Mitigating Security Risks in Linux with KLAUS : A Method for Evaluating Patch Correctness [Paper]
    Yuhang Wu, Zhenpeng Lin, Yueqi Chen, Dang Le, Dongliang Mu, Xinyu Xing
    Proceedings of the 32nd USENIX Security Symposium

  • [NDSS 22] An In-depth Analysis of Duplicated Linux Kernel Bug Reports [Paper]
    Dongliang Mu, Yuhang Wu, Yueqi Chen, Zhenpeng Lin, Chensheng Yu, Xinyu Xing, Gang Wang
    Proceedings of the Network and Distributed System Security Symposium

  • [Oakland SP 22] GREBE: Unveiling Exploitation Potential for Linux Kernel Bugs [Paper]
    Zhenpeng Lin, Yueqi Chen, Dongliang Mu, Chensheng Yu, Yuhang Wu, Kang Li, Xinyu Xing
    Proceedings of the 43rd IEEE Symposium on Security and Privacy (CSAW 22 Finalist)

  • [TrustComm 21] RoBin: Facilitating the Reproduction of Configuration-Related Vulnerability [Paper]
    Ligeng Chen, Jian Guo, Zhongling He, Dongliang Mu, and Bing Mao
    Proceedings of the 20th IEEE International Conference on Trust, Security and Privacy in Computing and Communications

  • [USENIX Security 19] DEEPVSA: Facilitating Value-set Analysis with Deep Learning for Postmortem Program Analysis [Paper]
    Wenbo Guo*, Dongliang Mu*, Xinyu Xing, Min Du, Dawn Song
    Proceedings of the 28th USENIX Security Symposium

  • [AsiaCCS 19] Ptrix: Efficient Hardware-Assisted Fuzzing for COTS Binary [Paper]
    Yaohui Chen*, Dongliang Mu*, Jun Xu, Zhichuang Sun, Wenbo Shen, Xinyu Xing, Long Lu, Bing Mao
    Proceedings of the 14th ACM ASIA Conference on Computer and Communications Security

  • [ASE 19] RENN: Efficient Reverse Execution with Neural-Network-assisted Alias Analysis [Paper]
    Dongliang Mu*, Wenbo Guo*, Alejandro Cuevas, Yueqi Chen, Jinxuan Gai, Xinyu Xing, Bing Mao, Chengyu Song
    Proceedings of the 34th IEEE/ACM International Conference on Automated Software Engineering

  • [PRICAI 19] Building Adversarial Defense with Non-invertible Data Transformations [Paper]
    Wenbo Guo, Dongliang Mu, Ligeng Chen, Jinxuan Gai
    Proceedings of the 16th Pacific Rim International Conference on Artificial Intelligence

  • [USENIX Security 18] Understanding the Reproducibility of Crowd-reported Security Vulnerabilities [Paper]
    Dongliang Mu, Alejandro Cuevas, Limin Yang, Hang Hu, Xinyu Xing, Bing Mao, Gang Wang
    Proceedings of the 27th USENIX Security Symposium

  • [ACM CCS 18] LEMNA: Explaining Deep Learning based Security Applications [Paper]
    Wenbo Guo, Dongliang Mu, Jun Xu, Purui Su, Gang Wang, Xinyu Xing
    Proceedings of The 25th ACM Conference on Computer and Communications Security Outstanding paper award

  • [USENIX Security 17] POMP: Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts [Paper]
    Jun Xu, Dongliang Mu, Xinyu Xing, Peng Liu, Ping Chen, Bing Mao
    Proceedings of the 26th USENIX Security Symposium

  • [SecureCOMM 17] ROPOB: Obfuscating Binary Code via ReturnOriented Programming [Paper]
    Dongliang Mu, Jia Guo, Wenbiao Ding, Zhilong Wang, Bing Mao, Lei Shi
    International Conference on Security and Privacy in Communication Systems

  • [SecureCOMM 17] DiffGuard: Obscuring Sensitive Information in Canary Based Protections [Paper]
    Jun Zhu, Weiping Zhou, Zhilong Wang, Dongliang Mu, Bing Mao
    International Conference on Security and Privacy in Communication Systems

  • [ACM CCS 16] CREDAL: Towards Locating a Memory Corruption Vulnerability with Your Core Dump [Paper]
    Jun Xu, Dongliang Mu, Ping Chen, Xinyu Xing, Pei Wang, Peng Liu
    Proceedings of the 23nd ACM Conference on Computer and Communications Security

Journal Papers

  • [ToSEM 23] Characterizing and Detecting WebAssembly Runtime Bugs [Paper]
    Yixuan Zhang, Shangtong Cao, Haoyu Wang, Zhenpeng Chen, Xiapu Luo, Dongliang Mu, Yun Ma, Gang Huang, Xuanzhe Liu
    ACM Transactions on Software Engineering and Methodology

  • [TDSC 23] Towards Unveiling Exploitation Potential with Multiple Error Behaviors for Kernel Bugs [Paper]
    Ziqin Liu, Zhenpeng Lin, Yueqi Chen, Yuhang Wu, Yalong Zou, Dongliang Mu, and Xinyu Xing
    IEEE Transactions on Dependable and Secure Computing

  • [TSE 19] POMP++: Facilitating Postmortem Program Diagnosis with Value-set Analysis [Paper]
    Dongliang Mu, Yunlan Du, Jianhao Xu, Jun Xu, Xinyu Xing, Bing Mao, Peng Liu
    IEEE Transactions on Software Engineering

Talks

CVEs discovered by me

CVE ID Vulnerability Type Vulnerable Software
CVE-2018-8816 Stack Exhaustion perl-5.26.1
CVE-2018-8881 Heap buffer overflow nasm-2.13.02rc2
CVE-2018-8882 Stack buffer overflow nasm-2.13.02rc2
CVE-2018-8883 Global buffer overflow nasm-2.13.02rc2
CVE-2018-10016 Division-by-zero nasm-2.14rc0
CVE-2018-9138 Stack Exhaustion binutils-2.29
CVE-2018-9996 Stack Exhaustion binutils-2.29
CVE-2018-10316 Denial-of-Service nasm-2.14rc0
CVE-2018-9251 Denial-of-Service libxml2-2.9.8
CVE-2021-37159 Double Free Linux Kernel
CVE-2022-27950 Memory Leak Linux Kernel
CVE-2022-30868 Uninitialized Use Linux Kernel
CVE-2022-30869 Improper Input Valid. Linux Kernel
CVE-2022-2978 Use After Free Linux Kernel
CVE-2022-3239 Use After Free Linux Kernel
CVE-2022-3577 Out-of-Bound Write Linux Kernel
CVE-2023-2985 Use After Free Linux Kernel

Upstream Linux Kernel Patches

Become a Reviewer for Chinese Translation Subsystem in Linux Kernel

Ranking at #1900 in the whole Linux kernel contributors