Publications
You can also find my articles on my Google Scholar profile. (* for co-first author)
Ziqiao Kong, Cen Zhang, Maoyi Xie, Ming Hu, Yue Xue, Ye Liu, Haijun Wang, Yang Liu. Smart Contract Fuzzing Towards Profitable Vulnerabilities, FSE 2025.
Jiageng Li, Zhen Dong, Chong Wang, Haozhen You, Cen Zhang, Yang Liu, Xin Peng. LLM Based Input Space Partitioning Testing for Library APIs, ICSE 2025.
Xiaohan Zhang*, Cen Zhang*, Xinghua Li, Zhengjie Du, Bing Mao, Yuekang Li, Yaowen Zheng, Yeting Li, Li Pan, Yang Liu, Robert Deng. A Survey of Protocol Fuzzing, ACM Computing Surveys.
Baijun Cheng, Cen Zhang, Kailong Wang, Ling Shi, Yang Liu, Haoyu Wang, Yao Guo, Xiangqun Chen. Semantic-Enhanced Indirect Call Analysis with Large Language Models, ASE 2024.
Cen Zhang, Yaowen Zheng, Mingqiang Bai, Yeting Li, Wei Ma, Xiaofei Xie, Yuekang Li, Limin Sun, Yang Liu. How Effective Are They? Exploring Large Language Model Based Fuzz Driver Generation, ISSTA 2024.
Jiongchi Yu, Xiaofei Xie, Cen Zhang, Sen Chen, Yuekang Li, Wenbo Shen. Bugs in Pods: Understanding Bugs in Container Runtime Systems, ISSTA 2024.
Bohan Liu, Zong Cao, Zheng Wang, Yeqi Fu, Cen Zhang. Achilles' Heel of JS Engines: Exploiting Modern Browsers During WASM Execution, Black Hat USA 2024.
Maoyi Xie, Ming Hu, Ziqiao Kong, Cen Zhang, Yebo Feng, Haijun Wang, Yue Xue, Hao Zhang, Ye Liu, Yang Liu. DeFort: Automatic Detection and Analysis of Price Manipulation Attacks in DeFi Applications, ISSTA 2024.
Zhengjie Du, Yuekang Li, Yaowen Zheng, Xiaohan Zhang, Cen Zhang, Yi Liu, Sheikh Mahbub Habib, Xinghua Li, Linzhang Wang, Yang Liu, Bing Mao. Medusa: Unveil Memory Exhaustion DoS Vulnerabilities in Protocol Implementations, WWW 2024.
Yiming Liu, Cen Zhang, Feng Li, Yeting Li, Jianhua Zhou, Jian Wang, Lanlan Zhan, Yang Liu, Wei Huo. Semantic-Enhanced Static Vulnerability Detection in Baseband Firmware, ICSE 2024. Acceptance Rate: 8% (65/808), 10K+ USD Bug Bounty
ACM SIGSOFT Distinguished Paper Award
Yi Liu, Yuekang Li, Gelei Deng, Yao Du, Cen Zhang, Chengwei Liu, Yeting Li, Lei Ma, Yang Liu. Aster: Automatic Speech Recognition System Accessibility Testing for Stutterers, ASE 2023.
Yao Zhang, Xiaofei Xie, Yi Li, Sen Chen, Cen Zhang, Xiaohong Li. EndWatch: A Practical Method for Detecting Non-Termination in Real-World Software, ASE 2023.
ACM SIGSOFT Distinguished Paper Award
Xinyi Wang*, Cen Zhang*, Yeting Li, Zhiwu Xu, Shuailin Huang, Yi Liu, Yican Yao, Yang Xiao, Yanyan Zou, Yang Liu, and Wei Huo. Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation, IEEE S&P 2023.
Cen Zhang, Yuekang Li, Hao Zhou, Xiaohan Zhang, Yaowen Zheng, Xian Zhan, Xiaofei Xie,Xiapu Luo, Xinghua Li, Yang Liu, and Sheikh Mahbub Habib. Automata-Guided Control-Flow-Sensitive Fuzz Driver Generation, USENIX Security 2023.
Yaowen Zheng, Yuekang Li, Cen Zhang, Hongsong Zhu, Yang Liu, and Limin Sun. Efficient Greybox Fuzzing of Applications in Linux-Based IoT Devices via Enhanced User-Mode Emulation, ISSTA 2022.
Muhui Jiang, Lin Ma, Yajin Zhou, Qiang Liu, Cen Zhang, Zhi Wang, Xiapu Luo, Lei Wu, and Kui Ren. ECMO: Peripheral Transplantation to Rehost Embedded Linux Kernels, CCS 2021.
Cen Zhang, Xingwei Lin, Yuekang Li, Yinxing Xue, Jundong Xie, Hongxu Chen, Xinlei Ying, Jiashui Wang, and Yang Liu. APICraft: Fuzz Driver Generation for Closed-source SDK Libraries, USENIX Security 2021.
Most Influential Research Paper of Year 2021 in Ant Finance
Qiang Liu*, Cen Zhang*, Lin Ma, Muhui Jiang, Yajin Zhou, Lei Wu, Wenbo Shen, Xiapu Luo, Yang Liu, and Kui Ren. FirmGuide: Boosting the Capability of Rehosting Embedded Linux Kernels Through Model-Guided Kernel Execution, ASE 2021.
Yuekang Li, Guozhu Meng, Jun Xu, Cen Zhang, Hongxu Chen, Xiaofei Xie, Haijun Wang, and Yang Liu. Vall-nut: Principled anti-grey box fuzzing, ISSRE 2021.
Cen Zhang*, Yuekang Li*, Hongxu Chen, Xiaoxing Luo, Miaohua Li, Anh Quynh Nguyen, and Yang Liu. BIFF: Practical Binary Fuzzing Framework for Programs of IoT and Mobile Devices, ASE 2021 Industrial Track.
Yuekang Li, Hongxu Chen, Cen Zhang, Siyang Xiong, Chaoyi Liu, and Yi Wang. Ori: A Greybox Fuzzer for SOME/IP Protocols in Automotive Ethernet, APSEC 2020.
Best Paper Award in Early Research Achievement Track
Hongxu Chen, Shengjian Guo, Yinxing Xue, Yulei Sui, Cen Zhang, Yuekang Li, Haijun Wang, and Yang Liu. MUZZ: Thread-aware grey-box fuzzing for effective bug hunting in multithreaded programs, USENIX Security 20.
Cen Zhang, Yuekang Li, Hongxu Chen, Anh Quynh Nguyen, Yang Liu. BiFF: An Effective Binary Fuzzing Framework with Cross-Architecture Support, NASAC 2019.
First Award in Software Prototype Competition Free Track
Yuekang Li, Yinxing Xue, Hongxu Chen, Xiuheng Wu, Cen Zhang, Xiaofei Xie, Haijun Wang, and Yang Liu. Cerebro: context-aware adaptive fuzzing for effective vulnerability detection, ESEC/FSE 2019.