Shuai Wang

Shuai Wang is an associate professor ("长聘副教授") at CSE, HKUST. Prior to that, he was an assistant professor at CSE, HKUST (2019-2024), and was a postdoctoral scholar in the AST lab at ETH Zurich (2018-2019). He received his Ph.D. from Penn State University, and B.S. from Peking University.

I belong to both the Cybersecurity group and the Software Engineering and Programming Languages group at HKUST.

My research focuses on Computer Security and Privacy and Software Engineering.

I am the recipient of a Google Research Scholar Award (2023), two CCF-Tencent Rhino-Bird Young Faculty Open Research Awards (2022 and 2020), and a HK-UGC Early Career Award (2020).

Postdoc/Ph.D/RA openings are available. We primarily work on two directions: 1) software and system security (e.g., fuzzing, static analysis, reverse engineering, side channels, privacy guarantees, and relevances on Web3), and 2) LLM security and privacy.
You could directly contact me to discuss the opportunities.

Teaching

COMP3632: Principles of Cybersecurity (Spring 2024)
COMP3632: Principles of Cybersecurity (Fall 2023)
COMP3632: Principles of Cybersecurity (Spring 2023)
COMP4971A: Independent Work on Systems Security (Spring 2023)
COMP4971B: Independent Work on Systems Security (Spring 2023)
COMP3632: Principles of Cybersecurity (Fall 2022)
COMP3632: Principles of Cybersecurity (Spring 2022)
COMP3632: Principles of Cybersecurity (Fall 2021)
COMP3632: Principles of Cybersecurity (Spring 2021)
COMP6613C: Topics in Computer Security and Privacy (Spring 2021)
COMP3632: Principles of Cybersecurity (Fall 2020)
COMP3632: Principles of Cybersecurity (Fall 2019)
COMP4971A: Independent Work on Software Fuzz Testing (Fall 2019)

Current Team Members

Postdoc

Dr. Zhibo Liu (2023 Fall)
Dr. Huaijin Wang (2023 Winter)

Ph.D. Students

Pingchuan Ma (2020 Fall)
Yuanyuan Yuan (2020 Fall)
Yanzuo Chen (2021 Fall)
Zhenlan Ji (2021 Fall)
Zongjie Li (2021 Fall)
Wai Kin WONG (2021 Fall)
Dongwei Xiao (2021 Fall)
Dong Chen (2022 Fall) Co-advised with Prof. Wei Wang
Hongyi Lu (2022 Fall) Co-advised with Prof. Fengwei Zhang
Sen Deng (2023 Fall)
Yiteng Peng (2023 Fall)
Ao Sun (2023 Fall)
Xunguang Wang (2023 Fall)
Zhaoyu Wang (2023 Fall)
Kuan Li (2023 Fall) Co-advised with Prof. Minhao Cheng

MPhil Students

Yichen Li (2022 Fall)
Sen Li (2022 Fall) Co-advised with Prof. Minhao Cheng

RA/Intern/UG

Zhiwei Lin (2024 Summer). Co-advised with Prof. Daoyuan Wu
Zimo Ji (2024 Summer). Co-advised with Prof. Daoyuan Wu
Yufan Chen (2024 Summer). Co-advised with Prof. Daoyuan Wu
Yigit Sen (2024 Summer) Final Year Thesis
Yuyang Gu (2024 Summer) Co-advised with Prof. Daoyuan Wu

Former Students

Huaijin Wang (Ph.D.^#2) 2019-2023. Thesis: Advanced Binary Similarity Analysis and Its Downstream Applications.
Zhibo Liu (Ph.D.^#1) 2019-2023. Thesis: Towards Assessing and Enhancing Modern Software Reverse Engineering. CSE Best PhD Dissertation Award - Honorable Mention.
Yuzhou Fang (UG@Sichuan University) 2022-2023. Co-advised with Prof. Daoyuan Wu. Smart Contract Security. Ph.D. student @ USC
Zhaoyu Wang (UG@Tongji University) 2022-2023. Co-advised with Pingchuan Ma. Thesis: Program Analysis. Ph.D. student @ HKUST
Ao Sun (UG@UIUC) 2023. Co-advised with Pingchuan Ma. Research on LLM Security. Ph.D. student @ HKUST
Yiteng Peng (UG@USTC) 2023. Co-advised with Yuanyuan Yuan. Membership Inference Attack. Ph.D. student @ HKUST
SINGHAL, Sarthak (2023 Spring UG@HKUST). COMP 4971 (Independent Work) on Intrusion Detection. Security Intern @ Deloitte
Qi Wu (UG@HKUST). 2022-2023. Thesis: NFT Security: Rug Pull Detection. MS student @ CMU.
Wenbo Li (UG@HKUST). 2022-2023. MS student @ USC.
Qihao He (UG@HKUST). 2022-2023. MS student @ TAMU.
Qi Pang (MPhil @ CSE HKUST). 2020-2022. Thesis: Testing Models Solving Markov Decision Processes. Ph.D. student @ CMU.
Wai Kin WONG (MPhil @ CSE HKUST). 2019-2021. Thesis on software security. Ph.D. student @ HKUST.
Kun Hung LUNG (MPhil @ CSE HKUST). Thesis on systems security. 2019-2021. Engineer @ a start-up cybersecurity company.
Wei Chen (MPhil @ CSE HKUST). 2019-2021. Thesis on systems security. RA @ HKUST.
Wangkai Jin (UG @ CSE UNottingham Ningbo). 2021 Summer intern on AI privacy projects. MSCS student @ Duke University.
Yujie Wang (UG @ CSE HKUST). 2020-2021 Thesis: Privacy-Preserving Security Analysis. Ph.D. student @ Washington University in St. Louis.
Xirui Nie (UG @ Fudan University). 2020 Summer intern on compiler & OS security projects. Ph.D. student @ CUHK.
Reiff Loris (UG @ ETH Zurich, co-advised with Prof. Zhendong Su). Thesis: Context-Aware Obfuscation: A Step Towards Defeating Adversary Symbolic Analysis. Continued Masters study @ ETH Zurich.
Nguyen Andy (UG @ ETH Zurich, co-advised with Prof. Zhendong Su). Thesis: Detecting Vulnerabilities in Real-World Software with Fuzz Testing. Information Security Engineer @ Google.

Organization

Co-chair AISTA 2022
Co-chair AISTA 2021

Program committees

2025: IEEE S&P
2024: IEEE S&P, USENIX Security, FSE, ISSTA
2023: IEEE S&P, USENIX Security, CCS, FSE, ISSTA, ASE, PoPETs/PETS, PRDC
2022: CCS, ASE, ICSE (SEET), AsiaCCS, NDSS (BAR), DBTest
2021: ICSE (AE), AsiaCCS

Selected Publications

MOAT: Towards Safe BPF Kernel Extension.
Hongyi Lu, Shuai Wang, Yechang Wu, Wanning He, and Fengwei Zhang. USENIX Security 2024
Scalable Differentiable Causal Discovery in the Presence of Latent Confounders with Skeleton Posterior.
Pingchuan Ma, Rui Ding, Qiang Fu, Jiaru Zhang, Shuai Wang, Shi Han, and Dongmei Zhang. KDD 2024
Are We There Yet? Filling the Gap Between ML-Based Binary Similarity Analysis and Binary Software Composition Analysis.
Huaijin Wang, Zhibo Liu, Shuai Wang, Ying Wang, Qiyi Tang, Sen Nie, and Shi Wu. IEEE EuroS&P 2024
LLM for Mobile: An Initial Roadmap.
Daihang Chen, Yonghui Liu, Mingyi Zhou, Yanjie Zhao, Haoyu Wang, Shuai Wang, Xiao Chen, Tegawende Bissyande, Jacques Klein, and Li Li. 2030 Software Engineering at FSE 2024
Provably Valid and Diverse Mutations of Real-World Media Data for DNN Testing.
Yuanyuan Yuan, Qi Pang, and Shuai Wang. TSE 2024
PP-CSA: Practical Privacy-Preserving Software Call Stack Analysis.
Zhaoyu Wang, Pingchuan Ma, Huaijin Wang, and Shuai Wang. OOPSLA 2024
Metamorphic Testing of Secure Multi-Party Computation (MPC) Compilers.
Yichen Li, Dongwei Xiao, Zhibo Liu, Qi Pang, and Shuai Wang. FSE 2024
DTD: Comprehensive and Scalable Testing for Debuggers.
Hongyi Lu, Zhibo Liu, Shuai Wang, and Fengwei Zhang. FSE 2024
Strengthening Supply Chain Security with Fine-grained Safe Patch Identification.
Changhua Luo, Wei Meng, and Shuai Wang. ICSE 2024
Testing Graph Database Systems via Graph-Aware Metamorphic Relations.
Zeyang Zhuang, Penghui Li, Pingchuan Ma, Wei Meng, and Shuai Wang. VLDB 2024
Evaluating C/C++ Vulnerability Detectability of Query-Based Static Application Security Testing Tools.
Zongjie Li, Zhibo Liu, Wai Kin Wong, Pingchuan Ma, and Shuai Wang. TDSC 2024
On Extracting Specialized Code Abilities from Large Language Models: A Feasibility Study.
Zongjie Li, Chaozheng Wang, Pingchuan Ma, Chaowei Liu, Shuai Wang, Daoyuan Wu, Cuiyun Gao, Yang Liu. ICSE 2024
BinAug: Enhancing Binary Similarity Analysis with Low-Cost Input Repairing.
Wai Kin Wong, Huaijin Wang, Zongjie Li, and Shuai Wang. ICSE 2024
Enabling Runtime Verification of Causal Discovery Algorithms with Automated Conditional Independence Reasoning.
Pingchuan Ma, Zhenlan Ji, Peisen Yao, Shuai Wang, and Kui Ren. ICSE 2024
MPCDiff: Testing and Repairing MPC-Hardened Deep Learning Models.
Qi Pang, Yuanyuan Yuan, and Shuai Wang. NDSS 2024
InsightPilot: An LLM-Empowered Automated Data Exploration System.
Pingchuan Ma, Rui Ding, Shuai Wang, Han Shi, and Dongmei Zhang. EMNLP 2023 (Demo Track)
Explain Any Concept: Segment Anything Meets Concept-Based Explanation.
Ao Sun, Pingchuan Ma, Yuanyuan Yuan, and Shuai Wang. NeurIPS 2023
Protecting Intellectual Property of Large Language Model-Based Code Generation APIs via Watermarks.
Zongjie Li, Chaozheng Wang, Shuai Wang, and Cuiyun Gao. CCS 2023
REEF: A Framework for Collecting Real-World Vulnerabilities and Fixes.
Chaozheng Wang, Li Zongjie, Yun Peng, Shuzheng Gao, Sirong Chen, Shuai Wang, Cuiyun Gao, and Michael Lyu. ASE 2023 (Industry Challenge Track) Distinguished Paper Award
Causality-Aided Trade-off Analysis for Machine Learning Fairness.
Zhenlan Ji, Pingchuan Ma, Shuai Wang, and Yanhui Li. ASE 2023
PerfCE: Performance Debugging on Databases with Chaos Engineering-Enhanced Causality Analysis.
Zhenlan Ji, Pingchuan Ma and Shuai Wang. ASE 2023
PHYFU: Fuzzing Modern Physics Simulation Engines.
Dongwei Xiao, Zhibo Liu and Shuai Wang. ASE 2023 ACM SIGSOFT Distinguished Paper Award
Towards Practical Federated Causal Structure Learning.
Zhaoyu Wang, Pingchuan Ma, and Shuai Wang. ECML-PKDD 2023
Precise and Generalized Robustness Certification for Neural Networks.
Yuanyuan Yuan, Shuai Wang, and Zhendong Su. USENIX Security 2023 [paper]
BTD: Unleashing the Power of Decompilation for x86 Deep Neural Network Executables.
Zhibo Liu, Yuanyuan Yuan, Xiaofei Xie, Tianxiang Li, Wenqiang Li, and Shuai Wang. Blackhat USA 2023
Exploiting Code Reuse Attacks from Obfuscated Programs.
Naiqian Zhang, Daroc Alden, Dongpeng Xu, Shuai Wang, Trent Jaeger, and Wheeler Ruml. DSN 2023
Beyond "Protected" and "Private": An Empirical Security Analysis of Custom Function Modifiers in Smart Contracts.
Yuzhou Fang, Daoyuan Wu, Xiao Yi, Shuai Wang, Yufan Chen, Mengjie Chen, Yang Liu, and Lingxiao Jiang. ISSTA 2023
Secure Federated Correlation Test and Entropy Estimation.
Qi Pang, Lun Wang, Shuai Wang, Wenting Zheng, and Dawn Song. ICML 2023
ADI: Adversarial Dominating Inputs in Vertical Federated Learning Systems.
Qi Pang, Yuanyuan Yuan, Shuai Wang, and Wenting Zheng. IEEE Security & Privacy 2023 [paper]
XInsight: eXplainable Data Analysis Through The Lens of Causality.
Pingchuan Ma, Rui Ding, Shuai Wang, Shi Han, and Dongmei Zhang. SIGMOD 2023[paper]
Byzantine-Robust Federated Learning with Optimal Statistical Rates.
Banghua Zhu, Lun Wang, Qi Pang, Shuai Wang, Jiantao Jiao, Dawn Song, and Michael Jordan. AISTATS 2023 [paper]
Exploring Missed Optimizations in WebAssembly Optimizers.
Zhibo Liu, Dongwei Xiao, Zongjie Li, Shuai Wang, and Wei Meng. ISSTA 2023
OBSan: An Out-Of-Bound Sanitizer to Harden DNN Executables.
Yanzuo Chen, Yuanyuan Yuan, and Shuai Wang. NDSS 2023 [paper]
Revisiting Neuron Coverage for DNN Testing: A Layer-Wise and Distribution-Aware Criterion.
Yuanyuan Yuan, Qi Pang, and Shuai Wang. ICSE 2023 [paper]
Metamorphic Shader Fusion for Testing Graphics Shader Compilers.
Dongwei Xiao, Zhibo Liu, and Shuai Wang. ICSE 2023 [paper]
CC: Causality-Aware Coverage Criterion for Deep Neural Networks.
Zhenlan Ji, Pingchuan Ma, Yuanyuan Yuan, and Shuai Wang. ICSE 2023 [paper]
CCTEST: Testing and Repairing Code Completion Systems.
Zongjie Li, Chaozheng Wang, Zhibo Liu, Haoxuan Wang, Dong Chen, Shuai Wang, and Cuiyun Gao. ICSE 2023 [paper]
CacheQL: Quantifying and Localizing Cache Side-Channel Vulnerabilities in Production Software.
Yuanyuan Yuan, Zhibo Liu, and Shuai Wang. USENIX Security 2023 [paper]
CipherH: Automated Detection of Ciphertext Side-channel Vulnerabilities in Cryptographic Implementations.
Sen Deng, Mengyuan Li, Yining Tang, Shuai Wang, Shoumeng Yan, and Yinqian Zhang. USENIX Security 2023 [paper]
Decompiling x86 Deep Neural Network Executables.
Zhibo Liu, Yuanyuan Yuan, Shuai Wang, Xiaofei Xie, and Lei Ma. USENIX Security 2023 [paper]
sem2vec: Semantics-Aware Assembly Tracelet Embedding.
Huaijin Wang, Pingchuan Ma, Shuai Wang, Qiyi Tang, Sen Nie, and Shi Wu. ACM TOSEM 2022 [paper]
Unveiling the Hidden Defection of DNN Testing with Decision-Based Metamorphic Oracle.
Yuanyuan Yuan, Qi Pang, and Shuai Wang. ASE 2022 [paper]
Cache Refinement Type for Side-channel Detection of Cryptographic Software.
Ke Jiang, Yuyan Bao, Shuai Wang, Zhibo Liu, and Tianwei Zhang. CCS 2022 [paper]
Deceiving Deep Neural Networks-Based Binary Code Matching with Adversarial Programs.
Wai Kin Wong, Huaijin Wang, Pingchuan Ma, Shuai Wang, Mingyue Jiang, Tsong Yueh Chen, Qiyi Tang, Sen Nie, and Shi Wu. ICSME 2022[paper]
NOLEAKS: Differentially Private Causal Discovery Under Functional Causal Model.
Pingchuan Ma, Zhenlan Ji, Qi Pang, and Shuai Wang. IEEE TIFS 2022 [paper]
On the Effectiveness of Testing Sentiment Analysis Systems with Metamorphic Testing.
Mingyue Jiang, Shuai Wang, and Tsong Yueh Chen. Elsevier IST 2022 [paper]
ML4S: Learning Causal Skeleton from Vicinal Graphs.
Pingchuan Ma, Rui Ding, Haoyue Dai, Yuanyuan Jiang, Shuai Wang, Shi Han, and Dongmei Zhang. KDD 2022 [paper]
Unlearnable Examples: Protecting Open-Source Software from Unauthorized Neural Code Learning.
Zhenlan Ji, Pingchuan Ma, and Shuai Wang. SEKE 2022 [paper]
MDPFuzz: Testing Models Solving Markov Decision Processes.
Qi Pang, Yuanyuan Yuan, and Shuai Wang. ISSTA 2022 [paper]
TORPEDO: A Fuzzing Framework for Discovering Adversarial Container Workloads.
Kent McDonough, Xing Gao, Shuai Wang, and Haining Wang. DSN 2022
NeuralD: Detecting Indistinguishability Violations of Oblivious RAM with Neural Distinguishers.
Pingchuan Ma, Zhibo Liu, Yuanyuan Yuan, and Shuai Wang. IEEE TIFS 2022 [paper]
Enhancing DNN-Based Binary Code Function Search With Low-Cost Equivalence Checking.
Huaijin Wang, Pingchuan Ma, Yuanyuan Yuan, Zhibo Liu, Shuai Wang, Qiyi Tang, Sen Nie, and Shi Wu. IEEE TSE 2022 [paper]
FED-X2: Privacy Preserving Federated Correlation Test.
Lun Wang*, Qi Pang*, Shuai Wang, Dawn Song. PPAI-22 co-located with AAAI 2022
Metamorphic Testing of Deep Learning Compilers.
Dongwei Xiao, Zhibo Liu, Yuanyuan Yuan, Qi Pang, and Shuai Wang. SIGMETRICS 2022 [paper]
Unleashing the Power of Compiler Intermediate Representation to Enhance Neural Program Embeddings.
Zongjie Li, Pingchuan Ma, Huaijin Wang, Shuai Wang, Qiyi Tang, Sen Nie, and Shi Wu. ICSE 2022 [paper]
MT-Teql: Evaluating and Augmenting Neural NLIDB on Real-world Linguistic and Schema Variations.
Pingchuan Ma and Shuai Wang. VLDB 2022 [paper]
Automated Side Channel Analysis of Media Software with Manifold Learning.
Yuanyuan Yuan, Qi Pang, and Shuai Wang. USENIX Security 2022 [paper]
SoK: Demystifying Binary Lifters Through the Lens of Downstream Applications.
Zhibo Liu, Yuanyuan Yuan, Shuai Wang, and Yuyan Bao. IEEE Security & Privacy 2022 [paper]
SanRazor: Reducing Redundant Sanitizer Checks in C/C++ Programs.
Jiang Zhang, Shuai Wang, Manuel Rigger, Pingjia He, and Zhendong Su. OSDI 2021 [paper]
Perception Matters: Detecting Perception Failures of VQA Models Using Metamorphic Testing.
Yuanyuan Yuan, Shuai Wang, Mingyue Jiang, and Tsong Yueh Chen. CVPR 2021 [paper]
Private Image Reconstruction from System Side Channels Using Generative Models.
Yuanyuan Yuan, Shuai Wang, and Junping Zhang. ICLR 2021 [paper]
F2ED-Learning: Good Fences Make Good Neighbors.
Lun Wang, Qi Pang, Shuai Wang, and Dawn Song. SpicyFL 2020 at NeurIPS 2020
Generating Effective Software Obfuscation Sequences with Reinforcement Learning.
Huaijin Wang, Shuai Wang, Dongpeng Xu, Xiangyu Zhang, and Xiao Liu. IEEE TDSC 2020 [preprint]
Metamorphic Object Insertion for Testing Object Detection Systems.
Shuai Wang and Zhendong Su. ASE 2020. [paper]
Metamorphic Testing and Certified Mitigation of Fairness Violations in NLP Models.
Pingchuan Ma, Shuai Wang, and Jin Liu. IJCAI 2020.
How Far We Have Come: Testing Decompilation Correctness of C Decompilers.
Zhibo Liu and Shuai Wang. ISSTA 2020.
Quantitative Assessment on the Limitations of Code Randomization for Legacy Binaries.
Pei Wang, Jinquan Zhang, Shuai Wang, and Dinghao Wu. IEEE EuroS&P 2020.
Detecting Nondeterministic Payment Bugs in Ethereum Smart Contracts.
Shuai Wang, Chengyu Zhang, and Zhendong Su. OOPSLA 2019.
Identifying Cache-Based Side Channels through Secret-Augmented Abstract Interpretation.
Shuai Wang, Yuyan Bao, Xiao Liu, Pei Wang, Danfeng Zhang, and Dinghao Wu. USENIX Security 2019. [Extended Version]
Automatic Grading of Programming Assignments: A Formal Semantics Based Approach.
Xiao Liu, Shuai Wang, Pei Wang, and Dinghao Wu. ICSE 2019, SEET Track.
Large-Scale Third-party Library Detection in Android Markets.
Menghao Li, Pei Wang, Wei Wang, Shuai Wang, Dinghao Wu, Jian Liu, Rui Xue, Wei Huo and Wei Zou. IEEE TSE .
Software Protection on the Go: A Large-Scale Empirical Study on Mobile App Obfuscation.
Pei Wang, Qinkun Bao, Li Wang, Shuai Wang, Zhaofeng Chen, Tao Wei and Dinghao Wu. ICSE 2018.
RedDroid: Android Application Redundancy Customization Based on Static Analysis.
Yufei Jiang, Qinkun Bao, Shuai Wang, Xiao Liu and Dinghao Wu. ISSRE 2018.
Binary Code Retrofitting and Hardening Using SGX.
Shuai Wang, Wenhao Wang, Qinkun Bao, Pei Wang, XiaoFeng Wang, and Dinghao Wu. FEAST 2017, co-located with CCS 2017.
In-Memory Fuzzing for Binary Code Similarity Analysis.
Shuai Wang and Dinghao Wu. ASE 2017.
Turing Obfuscation.
Yan Wang, Shuai Wang, Pei Wang, and Dinghao Wu. SecureComm 2017.
Lambda Obfuscation.
Pengwei Lan, Pei Wang, Shuai Wang, and Dinghao Wu. SecureComm 2017.
Composite Software Diversification.
Shuai Wang, Pei Wang, and Dinghao Wu. ICSME 2017.
Semantics-Aware Machine Learning for Function Recognition in Binary Code.
Shuai Wang, Pei Wang, and Dinghao Wu. ICSME 2017.
CacheD: Identifying Cache-Based Timing Channels in Production Software.
Shuai Wang, Pei Wang, Xiao Liu, Danfeng Zhang, and Dinghao Wu. USENIX Security 2017.
LibD: Scalable and Precise Third-party Library Detection in Android Markets.
Menghao Li, Wei Wang, Pei Wang, Shuai Wang, Dinghao Wu, Jian Liu, Rui Xue, and Wei Huo. ICSE 2017.
From Physical to Cyber: Escalating Protection for Personalized Auto Insurance.
Le Guan, Jun Xu, Shuai Wang, Xinyu Xing, Lin Lin, Heqing Huang, Peng Liu, and Wenke Lee. SenSys 2016.
Uroboros: Instrumenting Stripped Binaries with Static Reassembling.
Shuai Wang, Pei Wang, and Dinghao Wu. SANER 2016.
Translingual Obfuscation.
Pei Wang, Shuai Wang, Jiang Ming, Yufei Jiang, and Dinghao Wu. EuroS&P 2016. [Extended Version]
Reassembleable Disassembling.
Shuai Wang, Pei Wang, and Dinghao Wu. USENIX Security '15. [Code Release]