Xiangkun Jia

Xiangkun Jia

贾相堃

I obtained my B.E. degree in Information Security from Harbin Institute of Technology (HIT) in 2012. During college, I was transferred to Feng Chia University (Taiwan) in 2010. I obtained my Ph.D. degree in Computer Applications Technology from the TCA lab at Institute of Software Chinese Academy of Sciences (ISCAS) in 2012-2018, was co-advised by Professor Purui Su and Professor Dengguo Feng . After, I worked as a Postdoc at the Software Systems Security lab headed by Professor Dinghao Wu in The Pennsylvania State University (PSU) in 2018-2019.

My research interests focus on software engineering and software security, including program analysis, vulnerability analysis and malware detection. I am now working on several projects, including:

  • Dynamic program analysis
  • Vulnerability discovery based on fuzzing
  • Patch analysis and software supply chain security

📝 Publications

  • AirTaint: Making Dynamic Taint Analysis Faster and Easier.
    Qian Sang, Yanhao Wang, Yuwei Liu, Xiangkun Jia*, Tiffany Bao, Purui Su
    The 45th IEEE Symposium on Security and Privacy (S&P 2024, CCF-A)

  • AFGen: Whole-Function Fuzzing for Applications and Libraries.
    Yuwei Liu, Yanhao Wang, Xiangkun Jia, Zheng Zhang, Purui Su
    The 45th IEEE Symposium on Security and Privacy (S&P 2024, CCF-A)

  • LGBRoot: Local Graph-Based Automated Vulnerability Root Causes Analysis.📃
    Yuanping Yu, Purui Su, Huafeng Huang, Xiangkun Jia
    Journal of Software. (CCF-T1, in Chinese)

  • A fine-grained assessment method of vulnerability impact scope for PyPI ecosystem.
    Zibo Wang, Xiangkun Jia*, Lingyun Ying, Purui Su
    Journal of Software. (CCF-T1, in Chinese)

  • Research Progress and Trends in Software Supply Chain Security.📂Online
    Xiangkun Jia, Yuan Zhang, Jia Yan, Purui Su, Min Yang, Dengguo Feng
    2021-2022 China Computer Science and Technology Development Report. (in Chinese)

  • Understanding and Mitigating Label Bias in Malware Classification: An Empirical Study.
    Jia Yan, Xiangkun Jia*, Lingyun Ying, Jia Yan, Purui Su
    The 22nd IEEE International Conference on Software Quality, Reliability and Security (QRS 2022, CCF-C)

  • DitDetector: Bimodal Learning based on Deceptive Image and Text for Macro Malware Detection.📂Code
    Jia Yan, Ming Wan, Xiangkun Jia, Lingyun Ying, Purui Su, Zhanyi Wang
    The Annual Computer Security Applications Conference (ACSAC 2022, CCF-B)

  • HTFuzz: Heap Operation Sequence Sensitive Fuzzing.📂Code
    Yuanping Yu, Xiangkun Jia*, Yuwei Liu, Yanhao Wang, Qian Sang, Chao Zhang, Purui Su
    The 38th IEEE/ACM International Conference on Automated Software Engineering (ASE 2022, CCF-A)

  • Automatic exploitation generation method of write-what-where vulnerability.
    Huafeng Huang, Purui Su, Yi Yang, Xiangkun Jia
    Journal on Communications. Vol. 43 No. 1, 2022. (CCF-T1, in Chinese)

  • InstruGuard: Find and Fix Instrumentation Errors for Coverage-based Greybox Fuzzing.📂Code
    Yuwei Liu, Yanhao Wang, Purui Su, Yuanping Yu, Xiangkun Jia*
    The 37th IEEE/ACM International Conference on Automated Software Engineering (ASE 2021, CCF-A)
  • Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization.📂Code
    Yanhao Wang, Xiangkun Jia, Yuwei Liu, Kyle Zeng, Tiffany Bao, Dinghao Wu, Purui Su
    The Network and Distributed System Security Symposium (NDSS 2020, CCF-A)

  • Towards Efficient Heap Overflow Discovery.
    Xiangkun Jia, Chao Zhang, Purui Su, Yi Yang, Huafeng Huang, Dengguo Feng
    Proceedings of the 26th USENIX Security Symposium (Security 2017, CCF-A)

  • Automatically assessing crashes from heap overflows.
    Liang He, Yan Cai, Hong Hu, Purui Su, Zhenkai Liang, Yi Yang, Huafeng Huang, Jia Yan, Xiangkun Jia, Dengguo Feng
    The 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE 2017, CCF-A)

  • Safety analysis and evaluation of security protocol implementation.
    Xiangkun Jia, Jia Yan, Purui Su
    Bulletin of Chinese Association for Cryptologic Research. Issue 6, 2014. (in Chinese)

🏆 Honors and Awards

  • Supported by Youth Innovation Promotion Association CAS
  • Supported by the Outstanding Science and Technology Talent Program of ISCAS
  • The First Prize of “ZongHengBei” RHG AUTOPWN
  • The Third Prize of BCTF AUTOPWN (20200807), founded by Baidu
  • Internet security scholarship of CHINA Internet Development Foundation in 2017
  • National Scholarship in 2017
  • Excellent graduate of Heilongjiang Province in China in 2012

💻 Professional Activities

  • PC for Conferences including CCS 2025, FC 2025, AsiaCCS 2025, USENIX Security 2024, CCS 2024, ASE 2024, SANER 2024
  • Sub-reviewer/Student PC for Conferences including SecureComm’2023, ACNS’2023, AsiaCCS’2021, ICICS’2021, ICICS’2020, CCS’2019, CNS’2019, S&P 2018, CSET’17, RAID’17, VARA’17, CODASPY’16
  • Youth Editor for the Chinese Journal of Network and Information Security
  • Sub-reviewer for Journals including IEEE Transactions on Network and Service Management, Transactions on Software Engineering, Chinese Journal of Computers, Journal of Software, Chinese Journal of Electronics