Basic Information

My name is Dongliang Mu. I am on the job market this year. Please feel free to download my CV.

  • Education
    • Undergraduate (2010.09 - 2014.06), Computer Science and Technology, Zhengzhou University
    • Ph.D (2014.09 - Now), Computer Science and Technology, Nanjing University
  • Major field : Software Security & System Security
    • Vulnerability Reproduction
    • Postmortem Program Analysis
    • Vulnerability Diagnose
    • Binary Analysis

Experience

  • Research Assistant in Pennsylvania State University (2016 - 2020)
    • Adviser: Dr. Xinyu Xing
    • Topic: Diagnose on process/OS crashes/panics
  • Talk in the GeekPwn China 2018 in Shanghai
    • Name: From Physical Security to Cyber Security: How to forge data spoofing personalized auto insurance
  • Organizer of 2018 Penn State Cybersecurity Competition in Pennsylvania State University

Publications

[1] Xu, J., Mu, D., Chen, P., Wang, P., Xing, X., Liu, P., “CREDAL: Towards Locating a Memory Corruption Vulnerability with Your Core Dump”, In Proceedings of the 23nd ACM Conference on Computer and Communications Security (CCS 2016), Vienna, Austria, October 2016.

[2] Xu, J., Mu, D., Xing, X., Liu, P., Chen, P., Mao, B., “POMP: Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts”, In Proceedings of the 26th USENIX Security Symposium (USENIX Security 17), Vancouver, Canada, August 2017.

[3] Mu, D., Guo, J., Ding, W., Wang, Z., Mao, B., Shi, L., “ROPOB: Obfuscating Binary Code via ReturnOriented Programming.”, In International Conference on Security and Privacy in Communication Systems (SecureCOMM 17), Niagara Falls, Canada, October 2017.

[4] Zhu, J., Zhou, W., Wang, Z., Mu, D., Mao, B., “DiffGuard: Obscuring Sensitive Information in Canary Based Protections.”, In International Conference on Security and Privacy in Communication Systems (SecureCOMM 17), Niagara Falls, Canada, October 2017.

[5] Mu, D., Cuevas, A., Yang, L., Hu, H., Wang, G., Xing, X., Mao, B., “Understanding the Reproducibility of Crowd-reported Security Vulnerabilities”, In Proceedings of the 27th USENIX Security Symposium (USENIX Security 18), 2018.

[6] Guo, W., Mu, D., Xu, J., Su, P., Wang, G. , Xing, X., “LEMNA: Explaining Deep Learning based Security Applications”, In Proceedings of The 25th ACM Conference on Computer and Communications Security (CCS 2018), Toronto, Canada, October 2018. (Outstanding paper award)

[7] Guo, W.*, Mu, D.*, Xing, X., Du, M., Song, D., “DEEPVSA: Facilitating Value-set Analysis with Deep Learning for Postmortem Program Analysis”, In Proceedings of the 28th USENIX Security Symposium (USENIX Security 2019), Santa Clara, California, August 2019.

[8] Chen, Y.*, Mu, D.*, Sun, Z., Xu, J., Shen, W., Xing, X., Lu, L., Mao B., “Ptrix: Efficient Hardware-Assisted Fuzzing for COTS Binary”, In Proceedings of the 14th ACM ASIA Conference on Computer and Communications Security (AsiaCCS 2019), Auckland, New Zealand, July 2019

[9] Mu, D.*, Guo, W.*, Cuevas, A., Chen, Y., Gai, J. Xing, X., Mao, B., Song, C., “RENN: Efficient Reverse Execution with Neural-Network-assisted Alias Analysis”, In Proceedings of the 34th IEEE/ACM International Conference on Automated Software Engineering (ASE 2019), San Diego, CA, November 2019.

[10] Mu, D., Du, Y., Xu, J., Xu, J., Xing, X., Mao, B., “POMP++: Facilitating Postmortem Program Diagnosis with Value-set Analysis”, In IEEE Transactions on Software Engineering (TSE), Accepted.

Note that * means equal contribution

CVEs discovered by me

CVE ID Vulnerability Type Vulnerable Software
CVE-2018-8816 Stack Exhaustion perl-5.26.1
CVE-2018-8881 Heap buffer overflow nasm-2.13.02rc2
CVE-2018-8882 Stack buffer overflow nasm-2.13.02rc2
CVE-2018-8883 Global buffer overflow nasm-2.13.02rc2
CVE-2018-10016 Division-by-zero nasm-2.14rc0
CVE-2018-9138 Stack Exhaustion binutils-2.29
CVE-2018-9996 Stack Exhaustion binutils-2.29
CVE-2018-10316 Denial-of-Service nasm-2.14rc0
CVE-2018-9251 Denial-of-Service libxml2-2.9.8

Open Source Projects

The following projects are Github / Bitbucket Repositories I maintained or contributed.

Research Projects:

Book-in-progress related with Linux Kernel