About Me

Dr. Guozhu Meng obtained his Ph.D degree from the School of Computer Science and Engineering, Nanyang Technological University, Singapore at 2017. His supervisors are Full Prof. Liu Yang and Full Prof. Zhang Jie.

He joined Institute of Information Engineering of Chinese Academy of Sciences as Associate Professor in 2018. His research focuses on system security and artificial intelligence security as follows:

Android security. We employ multiple techniques such as static analysis and machine learning to detect Android malware (ISSTA 2016, IJCNN 2016). With evolutionary algorithms, we conduct a work to evaluate existing anti-malware tools (AsiaCCS 2016, TIFS 2017). Another work has been done, with regard to Android ecosystem, to analyze the spread model of Android malware across multiple markets (TIFS 2019), security analysis of third-party libraries (C&S 2019), and security patches of apps across versions.

Big data analysis. We have collected millions of Android apps and malware, and conducted a work to try to learn knowledge from the big data such as bug detection and crash analysis (FSE 2017, ICSE 2018), automated GUI code generation (ICSE 2018), malware characteristics (ASE 2019), evolution and trend.

Vulnerability detection. We attempt to detect weaknesses existing in Android apps, especially in security-critical apps such as financial apps (FSE 2019, ICSE 2020). In addition, we perform a large-scale analysis of vulnerabilities in five C projects and identify around four thousand security bugs among them (ICSE 2020), of which the data is released at https://github.com/twelveand0/CarrotsBlender.

AI Security and Privacy. We have conducted a comprehensive survey on security and privacy of deep learning systems which has been accepted by IEEE Transactions on Software Engineering (https://arxiv.org/abs/1911.12562). We are also interested in protecting deep learning system from model stealing (USENIX Sec 2021), backdoor and model inversion.

Recent news

  • :star2: [03/06/2023] Our paper “Differential Testing of Cross Deep Learning Framework APIs: Revealing Inconsistencies and Vulnerabilities” is accepted by USENIX Security 2023. Congratulations to Zizhuang, Liu Tong and Xiang Lu!
  • :star2: [09/05/2023] Our paper “Good-looking but Lacking Faithfulness: Understanding Local Explanation Methods through Trend-based Testing” is accepted by CCS 2023. Congratulations to Jinwen and Congyi!
  • :star2: [30/04/2023] Our paper “Aliasing Backdoor Attacks on Pre-trained Models” is accepted by USENIX Security 2023. Congratulations to Chengan and Peizhuo!
  • :star2: [09/12/2022] Our paper “ContraBERT: Enhancing Code Pre-trained Models via Contrastive Learning” is accepted by ICSE 2023. Congratulations to Shangqing!
  • :star2: [04/11/2022] I was awared as Beijing Nova 2023, a very competing award for young researchers from both academia and industry in Beijing.
  • :star2: [24/04/2022] Our paper “Understanding Real-world Threats to Deep Learning Models in Android Apps” is accepted by CCS 2022. Congratulations to Zizhuang and Xiaodong!
  • :star2: [18/12/2021] Our paper “Learning Program Semantics with Code Representations: An Empirical Study” is accepted by SANER 2022.
  • [31/7/2021] Our paper “VALL-NUT: Principled Anti-Greybox-Fuzzing” is accepted by ISSRE 2021.
  • [02/07/2021] The 4th International Workshop on Advances in Mobile App Analysis is open for submission, please submit your paper at the following link: https://easychair.org/conferences/?conf=amobile2021 (A-Mobile: https://a-mobile.github.io/)
  • [16/1/2021] Our two papers “SEPAL: Towards a Large-scale Analysis of SEAndroid Policy Customization” and “Have You been Properly Notified? Automatic Compliance Analysis of Privacy Policy Text with GDPR Article 13” are accepted by WWW 2021.
  • [8/12/2020] Our paper “DRMI: A Dataset Reduction Technology based on Mutual Information for Black-box Attacks” is accepted by USENIX Security 2021.
  • Our paper “Towards Security Threats of Deep Learning Systems: A Survey” is accepted by IEEE TSE 2020.
  • Our paper “A Performance-Sensitive Malware Detection System Using Deep Learning on Mobile Devices” is accepted by IEEE TIFS 2020.
  • Our paper “A3IDENT: A Two-phased Approach to Identify the Leading Authors of Android Apps” is accepted by ICSME 2020.
  • Our two papers have been accepted for publication in ICSE 2020: “A Large-Scale Empirical Study on Vulnerability Distribution within Projects and the Lessons Learned” and “An Empirical Assessment of Security Risks of Global Android Banking Apps”.
  • Our paper “RoLMA: A Practical Adversarial Attack against Deep Learning-based LPR Systems” has been accepted for publication in Inscrypt 2019.
  • Won 2019 ACM SIGSAC China Arising Star Award.
  • Our paper “Characterizing Android Signature Issues” has been accepted for publication in ASE 2019.
  • We are organizing an issus on “Data-driven Security” for Cybersecurity journal with Dr. Liu Yang, Dr. Ou xinming, and Dr. Xing Xinyu. Please refer to the following link about this issue. https://mp.weixin.qq.com/s/hn8wUtyTnpay_yDcuWj5KA. All the initiative and empirical artifacts on security are welcome.
  • The 2nd International Workshop on Advances in Mobile App Analysis is open, please submit your paper at the following link: https://2019.ase-conferences.org/home/a-mobile-2019#Call-for-Papers (A-Mobile: https://a-mobile.github.io/)
  • Our paper “Securing Android App Markets via Modelling and Predicting Malware Spread between Markets” has been accepted for publication in the IEEE Transactions on Information Forensics and Security.
  • We are organizing an exciting workshop on mobile app analysis (A-Mobile: https://a-mobile.github.io/ as a satellite event of the prestigious software engineering conference ASE 2018. We welcome all relevant submissions via easychair link: https://easychair.org/conferences/?conf=amobile2018
  • Our ICSE 2018 paper "Large-Scale Analysis of Framework-Specific Exceptions in Android Apps" won ACM SIGSOFT Distinguished Paper Award
  • Our two research papers on empirical study of framework exception in Android, and deep learning based code generation from Android GUI designs is accepted by ICSE 2018
  • Our Automated Android App Testing tool-Stoat won the First Prize of Tool Demo in NASAC 2017
  • Our research paper on mining design templates for Java projects is accepted by ASE 2017
  • Our research paper on model-based Android app testing is accepted by ESEC/FSE 2017