Yang Xiao

Orcid: 0009-0005-8009-2252

Affiliations:
  • Chinese Academy of Sciences, Institute of Information Engineering, School of Cyber Security, Beijing, China


According to our database1, Yang Xiao authored at least 33 papers between 2019 and 2026.

Collaborative distances:
  • Dijkstra number2 of four.
  • Erdős number3 of four.

Timeline

Legend:

Book  In proceedings  Article  PhD thesis  Dataset  Other 

Links

Online presence:

On csauthors.net:

Bibliography

2026
Through the Authentication Maze: Detecting Authentication Bypass Vulnerabilities in Firmware Binaries.
Proceedings of the 33rd Annual Network and Distributed System Security Symposium, 2026

LifeFuzz: Lifecycle-Guided Fuzzing for Windows Driver Cross-Handler Vulnerabilities.
Proceedings of the 21st European Conference on Computer Systems, 2026

2025
Artifact for "ZIPPER: Static Taint Analysis for PHP Applications with Precision and Efficiency".
Dataset, June, 2025

Artifact for "ZIPPER: Static Taint Analysis for PHP Applications with Precision and Efficiency".
Dataset, June, 2025

Artifact for "ZIPPER: Static Taint Analysis for PHP Applications with Precision and Efficiency".
Dataset, June, 2025

Fine-Grained 1-Day Vulnerability Detection in Binaries via Patch Code Localization.
CoRR, January, 2025

ZIPPER: Static Taint Analysis for PHP Applications with Precision and Efficiency.
Proceedings of the 34th USENIX Security Symposium, 2025

VULCANBOOST: Boosting ReDoS Fixes through Symbolic Representation and Feature Normalization.
Proceedings of the 34th USENIX Security Symposium, 2025

From Constraints to Cracks: Constraint Semantic Inconsistencies as Vulnerability Beacons for Embedded Systems.
Proceedings of the 34th USENIX Security Symposium, 2025

A Large Scale Study of AI-based Binary Function Similarity Detection Techniques for Security Researchers and Practitioners.
Proceedings of the 40th IEEE/ACM International Conference on Automated Software Engineering, 2025

Advancing Binary Code Similarity Detection via Context-Content Fusion and LLM Verification.
Proceedings of the 40th IEEE/ACM International Conference on Automated Software Engineering, 2025

Vulnerability-Affected Versions Identification: How Far Are We?
Proceedings of the 40th IEEE/ACM International Conference on Automated Software Engineering, 2025

A Coverage-Guided Fuzzing Method for Non-Access Stratum Protocol.
Proceedings of the 31st International Conference on Telecommunications, 2025

RRCFuzzer: A 3GPP-Guided Fuzzing Method for Radio Resource Control Protocol.
Proceedings of the 31st International Conference on Telecommunications, 2025

2024
Asteria-Pro: Enhancing Deep Learning-based Binary Code Similarity Detection by Incorporating Domain Knowledge.
ACM Trans. Softw. Eng. Methodol., January, 2024

Leveraging Semantic Relations in Code and Data to Enhance Taint Analysis of Embedded Systems.
Proceedings of the 33rd USENIX Security Symposium, 2024

File Hijacking Vulnerability: The Elephant in the Room.
Proceedings of the 31st Annual Network and Distributed System Security Symposium, 2024

SCALE: Constructing Structured Natural Language Comment Trees for Software Vulnerability Detection.
Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2024

LibvDiff: Library Version Difference Guided OSS Version Identification in Binaries.
Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024

2023
Towards Practical Binary Code Similarity Detection: Vulnerability Verification via Patch Semantic Analysis.
ACM Trans. Softw. Eng. Methodol., November, 2023

Detecting API Post-Handling Bugs Using Code and Description in Patches.
Proceedings of the 32nd USENIX Security Symposium, 2023

Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation.
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023

Learning Program Semantics for Vulnerability Detection via Vulnerability-Specific Inter-procedural Slicing.
Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2023

Decompilation Based Deep Binary-Source Function Matching.
Proceedings of the Science of Cyber Security - 5th International Conference, 2023

ACETest: Automated Constraint Extraction for Testing Deep Learning Operators.
Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, 2023

Enhancing OSS Patch Backporting with Semantics.
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

2022
Unleashing the power of pseudo-code for binary code similarity analysis.
Cybersecur., 2022

RegexScalpel: Regular Expression Denial of Service (ReDoS) Defense by Localize-and-Fix.
Proceedings of the 31st USENIX Security Symposium, 2022

VERJava: Vulnerable Version Identification for Java OSS with a Two-Stage Analysis.
Proceedings of the IEEE International Conference on Software Maintenance and Evolution, 2022

2021
B2SMatcher: fine-Grained version identification of open-Source software in binary files.
Cybersecur., 2021

VIVA: Binary Level Vulnerability Identification via Partial Signature.
Proceedings of the 28th IEEE International Conference on Software Analysis, 2021

2020
MVP: Detecting Vulnerabilities using Patch-Enhanced Vulnerability Signatures.
Proceedings of the 29th USENIX Security Symposium, 2020

2019
Open-Source License Violations of Binary Software at Large Scale.
Proceedings of the 26th IEEE International Conference on Software Analysis, 2019


  Loading...