Welcome! I am a first-year Computer Science Ph.D. student at Indiana University Bloomington, advised by Prof. Luyi Xing. Previously, I received my B.Eng. and M.Eng. degree(advised by Prof. Guojun Peng ) from Wuhan University in 2020 and 2023, respectively. In general, my research area is system and software security. I mainly focus on vulnerability discovery and exploitation, with a broad interest in machine learning security and program analysis techniques. I have done a lot of hackings on IoT devices, including routers, smart speakers, etc. Recently, I am learning programming languages and deep learning :)

News

[2023-08-14] Asus acknowledged my name on their product hall of fame :) [link] [2023-08-08] Lenovo patched the vulnerabilities I reported early this year. [link] [2023-08-02] Arrived at USA! Starting a new journey! [2023-06-20] Received first class Graduate Outstanding Scholarship, awarded for 4,000¥. [2023-05-24] I am awarded as an Outstanding Graduate Student from WHU. [2023-05-20] Successfully defended my master thesis! Thanks for all my professors! Cheers! [2023-01-30] One paper accepted to China Communication. [2022-12-21] Found three more vulnerabilities in UEFI, reported to vendors! [2022-12-19] We, the 10TG team, got 7th at Datacon 2022 IoT Security Track and 5,000¥ prizes. [press] [2022-09-21] Got first class scholarship for Graduate Student, awarded for 4,000¥. [2022-02-17] I am nominated as an annual oustanding member(ranked 1st, my ID: 呆毛王与咖喱棒) in 52pojie(the biggest security forum in China). [link] [2021-11-09] We, the 10TG team, got 1st at Datacon 2021 Email Security Track and 50,000¥ prizes. [press]

Show More

Publications

[4] Research on Firmware Vulnerability Discovery Technology Based on Reaching Definition Analysis Runyuan Mei, Yanhao Wang, Zichuan Li, Guojun Peng Journal of Cyber Security, (Accepted)

[3] EN-Bypass: a security assessment method on e-mail user interface notification Jingyi Yuan, Zichuan Li, Guojun Peng Chinese Journal of Network and Information Security, 2023, 9(3): 90-101

[2] A Survey on the Evolution of Bootkits Attack and Defense Techniques Yilin Zhou, Guojun Peng, Zichuan Li, Side Liu China Communication, (Accepted)

[1] Research on entity recognition and alignment of APT attack based on Bert and BiLSTM-CRF Xiuzhang Yang, Guojun Peng, Zichuan Li, Yangqi Lv, Side Liu, Chenguang Li Journal on Communications, 2022, Vol. 43 Issue (6)

Vulnerability Credits

• Acer: CVE-2022-30426, CVE-2022-41415, CVE-2022-40080

• Asus: Product Security Hall of Fame, July 2023

• Lenovo: CVE-2022-48181, CVE-2022-48188, CVE-2023-34419, CVE-2023-4028, CVE-2023-4029, CVE-2023-43577, CVE-2023-43578, CVE-2023-43579, CVE-2023-43580, CVE-2023-43581, CVE-2023-43575, CVE-2023-43576, CVE-2023-43571, CVE-2023-43572, CVE-2023-43573, CVE-2023-43574, CVE-2023-43567, CVE-2023-43568, CVE-2023-43569, CVE-2023-43570, CVE-2023-5075

• Netgear: CVE-2022-30079, CVE-2022-30078

Honors & Awards

05/2023, Outstanding Graduate Student, Wuhan University. 12/2022, 7th at Datacon Data Security Analytics Competition: IoT security Track. ($700) 09/2022, 1st rank scholarship for graduate students in Wuhan University. ($600) 12/2021, 1st at Datacon Data Security Analytics Competition: Email Security Track. ($7000) 09/2021, 1st rank scholarship for graduate students in Wuhan University. ($600) 05/2021, 1st rank scholarship for research excellent in Wuhan University 11/2020, 3rd Prize at Coremail Email Security Competition. ($1500) 09/2019, 3rd Prize at Chinese Information Hiding Competition.

Teaching & Services

• Teaching experience Software Security, Wuhan University, Teaching Assistant, 2020 fall Software Security, Online Mooc, Teaching Assistant, 2021 Spring

• Sub-reviewer Workshop on Secure and Trustworthy Superapps, 2023 Mobile Networks and Applications, 2021 Journal of Cybersecurity, 2021

• Organizing Committee 9th XDef Network and Information Security Protection Summit 8th XDef Network and Information Security Protection Summit