师资队伍
Faculty
详细资料
Details
梁彬
梁彬,教授,博士生导师。中国科学院软件研究所博士,清华大学博士后。中国人民大学十大教学标兵。
电话 :010-82500680
个人主页:https://rucsesec.github.io/
电子邮箱:liangb(at)ruc(dot)edu(dot)cn
更多
教育经历
中国科学院软件研究所工学博士
工作经历
中国人民大学讲师、副教授、教授
清华大学博士后
清华大学博士后
研究方向
1. 软件安全分析:软件智能分析、缺陷漏洞检测、模糊测试;
2. 人工智能安全:针对人工智能/机器学习系统的攻击与防御方法研究;
3. 移动安全:移动应用分析、移动安全攻防、新型威胁识别;
4.系统软件安全机制:主要研究以操作系统为代表的系统软件中的安全增强机制;
欢迎有志于信息安全研究的同学报考我的博士和硕士研究生。也欢迎本科生进入实验室,参与研究和开发工作。
2. 人工智能安全:针对人工智能/机器学习系统的攻击与防御方法研究;
3. 移动安全:移动应用分析、移动安全攻防、新型威胁识别;
4.系统软件安全机制:主要研究以操作系统为代表的系统软件中的安全增强机制;
欢迎有志于信息安全研究的同学报考我的博士和硕士研究生。也欢迎本科生进入实验室,参与研究和开发工作。
讲授课程
1.网络空间安全导论(本科)
2.程序设计安全(本科)
3.软件安全分析与测试(研究生)
2.程序设计安全(本科)
3.软件安全分析与测试(研究生)
科研项目
- 国家自然科学基金项目:针对目标检测模型中对抗补丁攻击的检测和防御 —— 一种基于局部性的方法(项目负责人);
- 国家自然科学基金通用技术基础研究联合基金重点支持项目:漏洞相关数据集中的知识发现及在漏洞检测中的应用(项目负责人)
- 国家科技重大专项课题 ******(项目负责人);- 国家自然科学基金重点项目分课题:软件安全性分析的关键技术与工具(项目负责人);
- “核高基”重大专项课题任务:新一代Android应用安全性分析(项目负责人);
- “核高基”重大专项课题任务:浏览器执行环境安全(项目负责人);
- “核高基”重大专项课题任务:Android缺陷检测及攻击验证(项目负责人);
- “核高基”重大专项课题任务:Android/Linux及Chrome/Chromium新型桌面/浏览器的安全性分析(项目负责人);
- 国家自然科学基金项目:动态污点分析中的隐式信息流分析方法研究(项目负责人);
- 国家自然科学基金项目:基于数据挖掘的安全漏洞静态检测方法研究(项目负责人);
- 国家自然科学基金项目:结合系统结构特征的系统软件安全脆弱性静态检测方法研究(项目负责人);
- 北京市自然科学基金项目:基于静态检测的Web信息系统安全漏洞发掘方法研究(项目负责人);
- ...
科研成果
近年主要论文:
近年主要专利:
-Changqing Miao, Jianan Feng, Wei You, Wenchang Shi, Jianjun Huang∗, Bin Liang∗. A Good Fishman Knows All the Angles: A Critical Evaluation of Google’s Phishing Page Classifier. Proceedings of the 30th ACM Conference on Computer and Communications Security (CCS 2023). (CCF-A)
-Suyue Guo, Xinyu Wang, Wei You*, Bin Liang, Wenchang Shi, Yiwei Zhang, Jianjun Huang, Jian Zhang. Operand-Variation-Oriented Differential Analysis for Fuzzing Binding Calls in PDF Readers. Proceedings of the 45th ACM/IEEE Internatinoal Conference on Software Engineering (ICSE 2023). (CCF-A)
-Xiaohui Zhang, Yuanjun Gong, Bin Liang*, Jianjun Huang, Wei You, Wenchang Shi, Jian Zhang. Hunting Bugs with Accelerated Optimal Graph Vertex Matching. The 31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2022). (CCF-A).
-Bin Liang, Hongcheng Li, Miaoqiang Su, Xirong Li, Wenchang Shi and Xiaofeng Wang. Detecting Adversarial Image Examples in Deep Neural Networks with Adaptive Noise Reduction. IEEE Transactions on Dependable and Secure Computing (TDSC). vol. 18, no. 01, pp. 72-85, 2021. (CCF-A).
-Jianjun Huang, Songming Han, Wei You, Wenchang Shi, Bin Liang*, Jingzheng Wu and Yanjun Wu. Hunting Vulnerable Smart Contracts via Graph Embedding Based Bytecode Matching. IEEE Transactions on Information Forensics and Security. (TIFS), vol. 16, pp. 2144-2156, 2021. (CCF-A).
-Shilei Bai, Bin Liang*, Jianjun Huang, Wei You, Jiachun Li, Yaping Li, Wenchang Shi. Detecting the Capacitance-based Gamepad for Protecting Mobile Game Fairness. IEEE Transactions on Computers (ToC). vol. 70, no. 9, pp. 1374-1386, 2021. (CCF-A).
-Jianjun Huang, Jiasheng Jiang, Wei You, Bin Liang*. Precise Dynamic Symbolic Execution for Nonuniform Data Access in Smart Contracts. IEEE Transactions on Computers (ToC). online, 2021. (CCF-A).
-Pan Bian, Bin Liang*, Jianjun Huang, Wenchang Shi, Xidong Wang, Jian Zhang. SinkFinder: Harvesting Hundreds of Unknown Interesting Function Pairs with Just One Seed. In Proceedings of the 28th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE’20), pages 11011113, 2020. (CCF-A).
-Jiwei Yan, Hao Liu, Linjie Pan, Jun Yan, Jian Zhang, Bin Liang. Multiple-Entry Testing of Android Applications by Constructing Activity Launching Contexts. In Proceedings of the 42nd International Conference on Software Engineering (ICSE 2020). (CCF-A).
-Wei You, Bin Liang*, Wenchang Shi, Peng Wang and Xiangyu Zhang. TaintMan: An ART-Compatible Dynamic Taint Analysis Framework on Unmodified and Non-Rooted Android Devices. IEEE Transactions on Dependable and Secure Computing (TDSC), vol. 17, no. 1, pp. 209-222, 1 Jan.-Feb. 2020. (CCF-A).
-Hongcheng Li, Jiangjun Huang, Bin Liang, Wenchang Shi, Yifang Wu, Shilei Bai. Identifying Parasitic Malware as Outliers by Code Clustering. Journal of Computer Security (JCS), vol.28, no.2, pp.157-189. Jan. 2020. (CCF-B).
-Yifang Wu, Jiangjun Huang, Bin Liang, Wenchang Shi. Do Not Jail My App: Detecting the Android Plugin Environments by Time Lag Contradiction. Journal of Computer Security (JCS), vol.28, no.2, pp.269-293. Jan. 2020. (CCF-B).
-Pan Bian, Bin Liang*, Yan Zhang, Chaoqun Yang, Wenchang Shi, and Yan Cai. Detecting Bugs by Discovering Expectations and Their Violations. IEEE Transactions on Software Engineering (TSE), 45(10): 9841001, 2019. (CCF-A).
-Wei You, Xuwei Liu, Shiqing Ma, David Perry, Xiangyu Zhang, Bin Liang. SLF: Fuzzing without Valid Seed Inputs. In Proceedings of the 41st International Conference on Software Engineering (ICSE 2019). (CCF-A).
-Wei You, Xueqiang Wang, Shiqing Ma, Jianjun Huang, Xiangyu Zhang, XiaoFeng Wang, Bin Liang. ProFuzzer: On-the-fly Input Type Probing for Better Zero-day Vulnerability Detection. In Proceedings of the 40th IEEE Symposium on Security and Privacy (S&P 2019). (CCF-A).
-Yan Cai, Biyun Zhu, Ruijie Meng, Hao Yun, Liang He, Purui Su, Bin Liang. Detecting Concurrency Memory Corruption Vulnerabilities. In Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2019). (CCF-A).
-Bin Liang, Hongcheng Li, Miaoqiang Su, Pan Bian, Xirong Li, Wenchang Shi. Deep Text Classification Can Be Fooled. Proc. 27th International Joint Conference on Artificial Intelligence (IJCAI 2018), pp.4208-4215. (CCF-A).
-Pan Bian, Bin Liang*, Wenchang Shi, Jianjun Huang, and Yan Cai. NARMiner: Discovering Negative Association Rules from Code for Bug Detection. In Proceedings of the 26th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE’18), pages 411422, 2018. (CCF-A).
-Yuanjun Gong, Bin Liang*, Jianjun Huang. Fooling Image Search Engine. DEF CON, China. 2018.
-Wei You, Peiyuan Zong, Kai Chen, XiaoFeng Wang, Xiaojing Liao, Pan Bian, Bin Liang. SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept Exploits. In Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS 2017). (CCF-A).
-Bin Liang, Pan Bian, Yan Zhang, Wenchang Shi, Wei You, Yan Cai. AntMiner: Mining More Bugs by Reducing Noise Interference. In Proceedings of the 38th International Conference on Software Engineering (ICSE 2016), May 2016. (CCF-A).
-Wei You, Bin Liang*, Wenchang Shi, Shuyang Zhu, Peng Wang, Sikefu Xie, Xiangyu Zhang. Reference Hijacking: Patching, Protecting and Analyzing on Unmodified and Non-Rooted Android Devices. In Proceedings of the 38th International Conference on Software Engineering (ICSE 2016), May 2016. (CCF-A).
-Bin Liang, Miaoqiang Su, Wei You, Wenchang Shi, Gang Yang. Cracking Classifiers for Evasion: A Case Study on the Google’s Phishing Pages Filter. In Proceedings of the 25th International World Wide Web Conference (WWW 2016), April 2016. (CCF-A).
-Wei You, Bin Liang*, Jingzhe Li, Wenchang Shi, Xiangyu Zhang. Android Implicit Information Flow Demystified. ACM Symposium on Information, Computer and Communications Security (AsiaCCS 2015). (CCF-C).
-Bin Liang, Wei You, Liangkun Liu, Wenchang Shi, Mario Heiderich. Scriptless Timing Attacks on Web Browser Privacy. IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2014). (CCF-B)
-Jianjun Huang, Xiangyu Zhang, Lin Tan, Peng Wang, Bin Liang. AsDroid: detecting stealthy behaviors in Android applications by user interface and program behavior contradiction. In Proceedings of the 36th International Conference on Software Engineering (ICSE 2014), pp.1036-1046 . (CCF-A).
-Bin Liang, Wei You, Wenchang Shi, Zhaohui Liang. Detecting stealthy malware with inter-structure and imported signatures. ACM Symposium on Information, Computer and Communications Security (AsiaCCS 2011) . (CCF-C)
-李赞, 边攀, 石文昌, 梁彬*. 一种利用补丁的未知漏洞发现方法. 软件学报, 2018, v.29(05):27-40.
......
近年主要专利:
-梁彬, 李红程. 一种深度神经网络图像对抗样本检测方法和系统. CN202010111521.X
-梁彬, 韩松明, 黄建军, 石文昌. 一种以太坊智能合约漏洞检测方法及装置. CN201911316138.1
-梁彬, 白石磊, 黄建军, 游伟, 李佳纯, 石文昌. 一种电容游戏手柄的检测方法和系统. CN201911323783.6
-梁彬,李赞,边攀,石文昌. 一种利用补丁信息进行未知漏洞发现的相似性检测方法. ZL201810047837.X
-梁彬, 游伟, 李赞, 石文昌. 一种基于动态污点分析的按需跟踪方法及装置. ZL201510802094.9.
......
社会兼职
中国电子学会软件定义推进委员会委员
中国计算机学会软件工程专委委员
GSP政府安全计划微软源代码查看授权专家
荣誉获奖
2021年中国计算机学会自然科学一等奖(高精度智能化的软件分析与测试方法)
2017年中国人民大学十大教学标兵