Basic Information

My name is Dongliang Mu.

  • Education
    • Undergraduate(2010.09 - 2014.06), Computer Science and Technology, Zhengzhou University
    • Ph.D (2014.09 - Now), Computer Science and Technology, Nanjing University
  • Major field : Software Security & System Security
    • Vulnerability Reproduction
    • Postmortem Program Analysis
    • Vulnerability Diagnose
    • Binary Analysis

Experience

  • Research Assistant in The Pennsylvania State University
    • Adviser: Dr. Xinyu Xing
    • Topic: Diagnose on process/OS crashes/panics
  • Orangizers of 2018 Penn State Cybersecurity Competition in The Pennsylvania State University

Publications

[1] Xu, J., Mu, D., Chen, P., Wang, P., Xing, X., Liu, P., “CREDAL: Towards Locating a Memory Corruption Vulnerability with Your Core Dump”, In Proceedings of the 23nd ACM Conference on Computer and Communications Security (CCS 2016), Vienna, Austria, October 2016.

[2] Xu, J., Mu, D., Xing, X., Liu, P., Chen, P., Mao, B., “POMP: Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts”, In Proceedings of the 26th USENIX Security Symposium (USENIX Security 17), VANCOUVER, BC, CANADA, AUGUST 2017.

[3] Mu, D., Guo, J., Ding, W., Wang, Z., Mao, B., Shi, L., “ROPOB: Obfuscating Binary Code via ReturnOriented Programming.” In International Conference on Security and Privacy in CommunicationSystems (SecureCOMM 17), Niagara Falls, Canada, October 2017.

[4] Mu, D., Cuevas, A., Yang, L., Hu, H., Wang, G., Xing, X., Mao, B., “Understanding the Repro-ducibility of Crowd-reported Security Vulnerabilities”, In Proceedings of the 27th USENIX SecuritySymposium (USENIX Security 18), BALTIMORE, MD, USA, AUGUST 2018.

[5] Guo, W., Mu, D., Xu, J., Su, P., Wang G. , Xing X., “LEMNA: Explaining Deep Learning based Security Applications”, In Proceedings of The 25th ACM Conference on Computer and Communications Security (CCS 2018), Toronto, Canada, October 2018.

CVEs discovered by me

CVE ID Vulnerability Type Vulnerable Software and Version
CVE-2018-8816 Stack Exhaustion perl-5.26.1
CVE-2018-8881 Heap buffer overflow nasm-2.13.02rc2
CVE-2018-8882 Stack buffer overflow nasm-2.13.02rc2
CVE-2018-8883 Global buffer overflow nasm-2.13.02rc2
CVE-2018-10016 Division-by-zero nasm-2.14rc0
CVE-2018-9138 Stack Exhaustion binutils-2.29
CVE-2018-9996 Stack Exhaustion binutils-2.29
CVE-2018-10316 Denial-of-Service nasm-2.14rc0
CVE-2018-9251 Denial-of-Service libxml2-2.9.8

Open Source Projects

The following projects are Github / Bitbucket Repositories I maintained or contributed.

Research Projects:

Book-in-progress related with Linux Kernel

Translation Projects:

Misc Projects:

If you need my full CV, please email me.