Wei Huo

Orcid: 0009-0000-7121-1196

Affiliations:
  • Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China


According to our database1, Wei Huo authored at least 56 papers between 2010 and 2026.

Collaborative distances:
  • Dijkstra number2 of four.
  • Erdős number3 of four.

Timeline

Legend:

Book  In proceedings  Article  PhD thesis  Dataset  Other 

Links

Online presence:

On csauthors.net:

Bibliography

2026
Through the Authentication Maze: Detecting Authentication Bypass Vulnerabilities in Firmware Binaries.
Proceedings of the 33rd Annual Network and Distributed System Security Symposium, 2026

LifeFuzz: Lifecycle-Guided Fuzzing for Windows Driver Cross-Handler Vulnerabilities.
Proceedings of the 21st European Conference on Computer Systems, 2026

2025
Artifact for "ZIPPER: Static Taint Analysis for PHP Applications with Precision and Efficiency".
Dataset, June, 2025

Artifact for "ZIPPER: Static Taint Analysis for PHP Applications with Precision and Efficiency".
Dataset, June, 2025

Artifact for "ZIPPER: Static Taint Analysis for PHP Applications with Precision and Efficiency".
Dataset, June, 2025

ZIPPER: Static Taint Analysis for PHP Applications with Precision and Efficiency.
Proceedings of the 34th USENIX Security Symposium, 2025

VULCANBOOST: Boosting ReDoS Fixes through Symbolic Representation and Feature Normalization.
Proceedings of the 34th USENIX Security Symposium, 2025

From Constraints to Cracks: Constraint Semantic Inconsistencies as Vulnerability Beacons for Embedded Systems.
Proceedings of the 34th USENIX Security Symposium, 2025

State Significance-Guided Fuzzing for Stateful Protocol Program.
Proceedings of the Theoretical Aspects of Software Engineering, 2025

A Large Scale Study of AI-based Binary Function Similarity Detection Techniques for Security Researchers and Practitioners.
Proceedings of the 40th IEEE/ACM International Conference on Automated Software Engineering, 2025

Vulnerability-Affected Versions Identification: How Far Are We?
Proceedings of the 40th IEEE/ACM International Conference on Automated Software Engineering, 2025

Understanding Resource Injection Vulnerabilities in Kubernetes Ecosystems.
Proceedings of the 40th IEEE/ACM International Conference on Automated Software Engineering, 2025

Fuzzing for Stateful Protocol Programs Based on Constraints between States and Message Types.
Proceedings of the 16th International Conference on Internetware, 2025

A Coverage-Guided Fuzzing Method for Non-Access Stratum Protocol.
Proceedings of the 31st International Conference on Telecommunications, 2025

RRCFuzzer: A 3GPP-Guided Fuzzing Method for Radio Resource Control Protocol.
Proceedings of the 31st International Conference on Telecommunications, 2025

2024
SYNTONY: Potential-aware fuzzing with particle swarm optimization.
J. Syst. Softw., February, 2024

Leveraging Semantic Relations in Code and Data to Enhance Taint Analysis of Embedded Systems.
Proceedings of the 33rd USENIX Security Symposium, 2024

Fuzzing for Stateful Protocol Implementations: Are We There Yet?
Proceedings of the Theoretical Aspects of Software Engineering, 2024

File Hijacking Vulnerability: The Elephant in the Room.
Proceedings of the 31st Annual Network and Distributed System Security Symposium, 2024

Semantic-Enhanced Static Vulnerability Detection in Baseband Firmware.
Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024

TGRop: Top Gun of Return-Oriented Programming Automation.
Proceedings of the Computer Security - ESORICS 2024, 2024

2023
PosFuzz: augmenting greybox fuzzing with effective position distribution.
Cybersecur., December, 2023

RSFuzzer: Discovering Deep SMI Handler Vulnerabilities in UEFI Firmware with Hybrid Fuzzing.
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023

Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation.
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023

Decompilation Based Deep Binary-Source Function Matching.
Proceedings of the Science of Cyber Security - 5th International Conference, 2023

EBugDec: Detecting Inconsistency Bugs caused by RFC Evolution in Protocol Implementations.
Proceedings of the 26th International Symposium on Research in Attacks, 2023

Splendor: Static Detection of Stored XSS in Modern Web Applications.
Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2023

ACETest: Automated Constraint Extraction for Testing Deep Learning Operators.
Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2023

pAFL: Adaptive Energy Allocation with Upper Confidence Bound.
Proceedings of the 2023 13th International Conference on Communication and Network Security, 2023

2022
NDFuzz: a non-intrusive coverage-guided fuzzing framework for virtualized network devices.
Cybersecur., 2022

CAMFuzz: Explainable Fuzzing with Local Interpretation.
Cybersecur., 2022

RIBDetector: an RFC-guided Inconsistency Bug Detecting Approach for Protocol Implementations.
Proceedings of the IEEE International Conference on Software Analysis, 2022

Finding SMM Privilege-Escalation Vulnerabilities in UEFI Firmware with Protocol-Centric Static Analysis.
Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022

A Sanitizer-centric Analysis to Detect Cross-Site Scripting in PHP Programs.
Proceedings of the IEEE 33rd International Symposium on Software Reliability Engineering, 2022

VERJava: Vulnerable Version Identification for Java OSS with a Two-Stage Analysis.
Proceedings of the IEEE International Conference on Software Maintenance and Evolution, 2022

2021
ESRFuzzer: an enhanced fuzzing framework for physical SOHO router devices to discover multi-Type vulnerabilities.
Cybersecur., 2021

B2SMatcher: fine-Grained version identification of open-Source software in binary files.
Cybersecur., 2021

VIVA: Binary Level Vulnerability Identification via Partial Signature.
Proceedings of the 28th IEEE International Conference on Software Analysis, 2021

SoFi: Reflection-Augmented Fuzzing for JavaScript Engines.
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

2020
ELAID: detecting integer-Overflow-to-Buffer-Overflow vulnerabilities by light-weight and accurate static analysis.
Cybersecur., 2020

MVP: Detecting Vulnerabilities using Patch-Enhanced Vulnerability Signatures.
Proceedings of the 29th USENIX Security Symposium, 2020

Exploiting the Trust Between Boundaries: Discovering Memory Corruptions in Printers via Driver-Assisted Testing.
Proceedings of the 21st ACM SIGPLAN/SIGBED International Conference on Languages, 2020

A large-scale empirical study on vulnerability distribution within projects and the lessons learned.
Proceedings of the ICSE '20: 42nd International Conference on Software Engineering, Seoul, South Korea, 27 June, 2020

2019
Open-Source License Violations of Binary Software at Large Scale.
Proceedings of the 26th IEEE International Conference on Software Analysis, 2019

B2SFinder: Detecting Open-Source Software Reuse in COTS Software.
Proceedings of the 34th IEEE/ACM International Conference on Automated Software Engineering, 2019

1dVul: Discovering 1-Day Vulnerabilities through Binary Patches.
Proceedings of the 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2019

SRFuzzer: an automatic fuzzing framework for physical SOHO router devices to discover multi-type vulnerabilities.
Proceedings of the 35th Annual Computer Security Applications Conference, 2019

2018
RARE: An Efficient Static Fault Detection Framework for Definition-Use Faults in Large Programs.
IEEE Access, 2018

αDiff: cross-version binary code similarity detection with DNN.
Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, 2018

A Light-Weight and Accurate Method of Static Integer-Overflow-to-Buffer-Overflow Vulnerability Detection.
Proceedings of the Information Security and Cryptology - 14th International Conference, 2018

2017
Locating Software Faults Based on Minimum Debugging Frontier Set.
IEEE Trans. Software Eng., 2017

2013
Effective fault localization based on minimum debugging frontier set.
Proceedings of the 2013 IEEE/ACM International Symposium on Code Generation and Optimization, 2013

2012
Can We Make It Faster? Efficient May-Happen-in-Parallel Analysis Revisited.
Proceedings of the 13th International Conference on Parallel and Distributed Computing, 2012

Making it practical and effective: fast and precise may-happen-in-parallel analysis.
Proceedings of the International Conference on Parallel Architectures and Compilation Techniques, 2012

2011
Parallelizing a machine translation decoder for multicore computer.
Proceedings of the Seventh International Conference on Natural Computation, 2011

2010
Level by level: making flow- and context-sensitive pointer analysis scalable for millions of lines of code.
Proceedings of the CGO 2010, 2010


  Loading...