电话 :010-62514510
个人主页:https://www.youwei.site, https://rucsesec.github.io
电子邮箱:youwei@ruc.edu.cn
2006年9月 - 2010年7月: 中国人民大学信息系 工学学士
2017年8月 - 2019月7月: 普度大学计算机系 博士后研究员
2016年8月 - 2017年7月: 印第安纳大学信息与计算学院 博士后研究员
恶意程序分析
移动安全
Web安全
程序设计I荣誉课程(本科生)
新生研讨课——网络空间的安全攻防(本科生)
Web安全(本科生)
软件安全分析(本科生)
操作系统内核分析及安全(研究生)
- 国家自然科学基金青年科学基金项目,“零知识条件下面向语言的模糊测试方法研究”(62002361),2021.01 ~ 2023.12.
- 中国人民大学重点人才项目,“程序分析与模糊测试的关键技术”,2022.01 ~ 2024.12.
- CCF-华为胡杨林基金软件工程专项项目,“基于导向型模糊测试的漏洞验证程序自动生成技术研究”,2023.09 ~ 2024.08.
- Dongnan He, Dongchen Xie, Yujie Wang, Wei You*, Bin Liang, Jianjun Huang Wenchang Shi, Zhuo Zhang, Xiangyu Zhang. Define-Use Guided Path Exploration for Better Forced Execution. In Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2024). (CCF A, Accepted)
- Suyue Guo, Xinyu Wang, Wei You*, Bin Liang, Wenchang Shi, Yiwei Zhang, Jianjun Huang, Jian Zhang. Operand-Variation-Oriented Differential Analysis for Fuzzing Binding Calls in PDF Readers. In Proceedings of the 45th ACM/IEEE International Conference on Software Engineering (ICSE 2023). (CCF A, 录用率: 26%)
- Xuwei Liu, Wei You*, Zhuo Zhang, Xiangyu Zhang. TensileFuzz: Facilitating Seed Input Generation in Fuzzing via String Constraint Solving. In Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2022). (CCF A, 录用率: 24%)
- Zhuo Zhang, Yapeng Ye, Wei You*, Guanhong Tao, Wen-chuan Lee, Yonghwi Kwon, Yousra Aafer, Xiangyu Zhang. OSPREY: Recovery of Variable and Data Structure via Probabilistic Analysis for Stripped Binary. In Proceedings of the 42nd IEEE Symposiums on Security and Privacy (S&P 2021). (CCF A, 录用率: 12%)
- Zhuo Zhang, Wei You*, Guanhong Tao, Yousra Aafer, Xuwei Liu, Xiangyu Zhang. StochFuzz: Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting. In Proceedings of the 42nd IEEE Symposiums on Security and Privacy (S&P 2021). (CCF A, 录用率: 12%) (CSAW Best Applied Security Paper Award TOP-10 Finalists)
- Yousra Aafer, Wei You*, Yi Sun, Yu Shi, Xiangyu Zhang, Heng Yin. Android SmartTVs Vulnerability Discovery via Log-guided Fuzzing. In Proceedings of the 30th Usenix Security Symposium (SECURITY 2021). (CCF A, 录用率: 19%)
- I Luk Kim, Yunhui Zheng, Hogun Park, Weihang Wang, Wei You, Yousra Aafer, Xiangyu Zhang. Finding Client-side Business Flow Tampering Vulnerabilities. In Proceedings of the 42nd ACM/IEEE Internatinoal Conference on Software Engineering (ICSE 2020). (CCF A, 录用率: 21%)
- Wei You, Zhuo Zhang, Yonghwi Kwon, Yousra Aafer, Fei Peng, Yu Shi, Carson Harmon, Xiangyu Zhang. PMP: Cost-effective Forced Execution with Probabilistic Memory Pre-planning. In Proceedings of the 41st IEEE Symposiums on Security and Privacy (S&P 2020). (CCF A, 录用率: ~11%)
- Zhuo Zhang, Wei You *, Guanhong Tao, Guannan Wei, Yonghwi Kwon, Xiangyu Zhang. BDA: Practical Dependence Analysis for Binary Executables by Unbiased Whole-program Path Sampling and Per-path Abstract Interpretation. In Proceedings of the 34th ACM Conference on Object-Oriented Programming Systems, Languages and Applications (OOPSLA 2019). (CCF A, 录用率: 36%) (ACM SIGPLAN Distinguished Paper Award)
- Wei You, Xueqiang Wang, Shiqing Ma, Jianjun Huang, Xiangyu Zhang, XiaoFeng Wang, Bin Liang. ProFuzzer: On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery. In Proceedings of the 40th IEEE Symposiums on Security and Privacy (S&P 2019). (CCF A,录用率: 11%) (CSAW Best Applied Security Paper Award TOP-10 Finalists)
- Wei You, Xuwei Liu, Shiqing Ma, David Perry, Xiangyu Zhang, Bin Liang. SLF: Fuzzing without Valid Seed Inputs. In Proceedings of the 41st ACM/IEEE Internatinoal Conference on Software Engineering (ICSE 2019). (CCF A, 录用率: 21%)
- Wei You, Bin Liang, Wenchang Shi, Peng Wang, Xiangyu Zhang. TaintMan: An ART-compatible Dynamic Taint Analysis Framework on Unmodified and Non-rooted Android Devices. In IEEE Transactions on Dependable and Secure Computing (TDSC 2017). (CCF A)
- Wei You, Peiyuan Zong, Kai Chen, XiaoFeng Wang, Xiaojing Liao, Pan Bian, Bin Liang. SemFuzz: Semantics-based Automatic Generation of Proof-of-concept Exploits. In Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS 2017). (CCF A, 录用率: 18%)
- Yi Chen, Wei You, Yeonjoon Lee, Kai Chen, XiaoFeng Wang, Wei Zou. Mass Discovery of Android Traffic Imprints through Instantiated Partial Execution. In Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS 2017). (CCF A, 录用率: 18%)
- Wei You, Bin Liang, Wenchang Shi, Shuyang Zhu, Peng Wang, Sikefu Xie, Xiangyu Zhang. Reference Hijacking: Patching, Protecting and Analyzing on Unmodified and Non-Rooted Android Devices. In Proceedings of the 38th International Conference on Software Engineering (ICSE 2016). (CCF A, 录用率: 19%)
- Bin Liang, Pan Bian, Yan Zhang, Wenchang Shi, Wei You, Yan Cai. AntMiner: Mining More Bugs by Reducing Noise Interference. In Proceedings of the 38th International Conference on Software Engineering (ICSE 2016). (CCF A, 录用率: 19%)
- Bin Liang, Miaoqiang Su, Wei You, Wenchang Shi, Gang Yang. Cracking Classifiers for Evasion: A Case Study on the Google’s Phishing Pages Filter. In Proceedings of the 25th International World Wide Web Conference (WWW 2016). (CCF A, 录用率: 16%)
- Wei You, Bin Liang, Jingzhe Li, Wenchang Shi, Xiangyu Zhang. Android Implicit Information Flow Demystified. In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2015). (CCF C, 录用率: 18%)
- Bin Liang, Wei You, Liangkun Liu, Wenchang Shi, Mario Heiderich. Scriptless Timing Attacks on Web Browser Privacy. In Proceedings of the 44th International Conference on Dependable Systems and Networks (DSN 2014). (CCF B, 录用率: 30%)
- Bin Liang, Wei You, Wenchang Shi, Zhaohui Liang. Detecting Stealthy Malware with Inter-Structure and Imported Signatures. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2011). (CCF C, 录用率: 16%)
期刊审稿人:
IEEE Transactions on Dependable and Secure Computing (TDSC)
IEEE Transactions on Software Engineering (TSE)
Journal of Computer & Security (JSC)
程序委员会委员:
33rd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2024)
31st ACM Conference on Computer and Communications Security (CCS 2024)
26th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2023)
30th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2021)
ACM SIGPLAN Distinguished Paper Award
CSAW Best Applied Security Paper Award TOP-10 Finalists
中国计算机学会科学技术奖自然科学奖一等奖
中国人民大学“杰出学者”
博士生国家奖学金
Google优秀奖学金