My current research focuses on Software and System Security. More specifically, my research interests span the areas of Software Failure Diagnosis, Vulnerability Reproduction, Vulnerability Fuzzing, and Binary Analysis. I am on the job market this year. Please feel free to download my CV.


  • Ph.D. (2014.09 - 2019.12), Computer Science and Technology, Nanjing University
  • B.E. (2010.09 - 2014.06), Computer Science and Technology, Zhengzhou University


  • Research Assistant in Software and System Security, Pennsylvania State University (2016 - 2020)
  • Organizer of 2018 Penn State Cybersecurity Competition, Pennsylvania State University
  • Graduate Research and Teaching Assistant, Nanjing University


* means equal contribution

Conference Papers

  • [USENIX Security 19] DEEPVSA: Facilitating Value-set Analysis with Deep Learning for Postmortem Program Analysis [Paper]
    Wenbo Guo*, Dongliang Mu*, Xinyu Xing, Min Du, Dawn Song
    Proceedings of the 28th USENIX Security Symposium

  • [AsiaCCS 19] Ptrix: Efficient Hardware-Assisted Fuzzing for COTS Binary [Paper]
    Yaohui Chen*, Dongliang Mu*, Jun Xu, Zhichuang Sun, Wenbo Shen, Xinyu Xing, Long Lu, Bing Mao
    Proceedings of the 14th ACM ASIA Conference on Computer and Communications Security

  • [ASE 19] RENN: Efficient Reverse Execution with Neural-Network-assisted Alias Analysis [Paper]
    Dongliang Mu*, Wenbo Guo*, Alejandro Cuevas, Yueqi Chen, Jinxuan Gai, Xinyu Xing, Bing Mao, Chengyu Song
    Proceedings of the 34th IEEE/ACM International Conference on Automated Software Engineering

  • [USENIX Security 18] Understanding the Reproducibility of Crowd-reported Security Vulnerabilities [Paper]
    Dongliang Mu, Alejandro Cuevas, Limin Yang, Hang Hu, Xinyu Xing, Bing Mao, Gang Wang
    Proceedings of the 27th USENIX Security Symposium

  • [ACM CCS 18] LEMNA: Explaining Deep Learning based Security Applications [Paper]
    Wenbo Guo, Dongliang Mu, Jun Xu, Purui Su, Gang Wang, Xinyu Xing
    Proceedings of The 25th ACM Conference on Computer and Communications Security Outstanding paper award

  • [USENIX Security 17] POMP: Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts [Paper]
    Jun Xu, Dongliang Mu, Xinyu Xing, Peng Liu, Ping Chen, Bing Mao
    Proceedings of the 26th USENIX Security Symposium

  • [SecureCOMM 17] ROPOB: Obfuscating Binary Code via ReturnOriented Programming [Paper]
    Dongliang Mu, Jia Guo, Wenbiao Ding, Zhilong Wang, Bing Mao, Lei Shi
    International Conference on Security and Privacy in Communication Systems

  • [SecureCOMM 17] DiffGuard: Obscuring Sensitive Information in Canary Based Protections [Paper]
    Jun Zhu, Weiping Zhou, Zhilong Wang, Dongliang Mu, Bing Mao
    International Conference on Security and Privacy in Communication Systems

  • [ACM CCS 16] CREDAL: Towards Locating a Memory Corruption Vulnerability with Your Core Dump [Paper]
    Jun Xu, Dongliang Mu, Ping Chen, Xinyu Xing, Pei Wang, Peng Liu
    Proceedings of the 23nd ACM Conference on Computer and Communications Security

Journal Papers

  • [TSE 19] POMP++: Facilitating Postmortem Program Diagnosis with Value-set Analysis [Paper]
    Dongliang Mu, Yunlan Du, Jianhao Xu, Jun Xu, Xinyu Xing, Bing Mao, Peng Liu
    IEEE Transactions on Software Engineering

Honors & Awards

  • Student Travel Grant of 14th ACM ASIACCS, 2019
  • Artificial Intelligence Scholarship at Nanjing University, 2018
  • ACM CCS Outstanding Paper Award (Top 1), 2018
  • Student Travel Grant of 38th IEEE Symposium on Security and Privacy, 2017


Open Source Projects

Research Projects:

Book-in-progress related with Linux Kernel

CVEs discovered by me

CVE ID Vulnerability Type Vulnerable Software
CVE-2018-8816 Stack Exhaustion perl-5.26.1
CVE-2018-8881 Heap buffer overflow nasm-2.13.02rc2
CVE-2018-8882 Stack buffer overflow nasm-2.13.02rc2
CVE-2018-8883 Global buffer overflow nasm-2.13.02rc2
CVE-2018-10016 Division-by-zero nasm-2.14rc0
CVE-2018-9138 Stack Exhaustion binutils-2.29
CVE-2018-9996 Stack Exhaustion binutils-2.29
CVE-2018-10316 Denial-of-Service nasm-2.14rc0
CVE-2018-9251 Denial-of-Service libxml2-2.9.8