Chengwei Liu's Homepage  [Publications]  [Google Scholar]  [ResearchGate]

Chengwei Liu (刘承威)
Research Assistant Professor, supported by Prof.Liu Yang (刘杨)
Nanyang Technological University, Singapore
College of Computing and Data Science
Cyber Security Lab
50 Nanyang Ave, #Block N4 #N4-B2C-06, Singapore 639798
chengwei.liu@ntu.edu.sg

I am a post-doc and received my Ph.D. degree at the College of Computing and Data Science (计算与数据科学学院) in Nanyang Technological University (南洋理工大学) under the supervision of Prof. Liu Yang (刘杨).

My research interest mainly lies in areas of Software Security (软件安全) including Program Analysis, Open Source Security, Software Supply Chain Security, Open Source Governance, etc. (程序分析、开源软件安全、软件供应链安全、开源治理等).

Before that, I received my bachelor's Degree in June 2016, and a Master's Degree in April 2019 from the Nanjing University of Aeronautics and Astronautics, China (南京航空航天大学), under the supervision of Prof Yang Zhibin (杨志斌) (NUAA).


News

  May 2024: I was honored to have been awarded the title of Research Assistant Professor at NTU! I extend my great appreciation to my supervisor, mentors, teammates, and collaborators for their recognition and support!

  January 2024: Our paper "FedMut: Generalized Federated Learning via Stochastic Mutation" is selected as Oral Presentation by AAAI 2024 (CCF-A)!

  December 2023: Our paper "Catch the Butterfly: Peeking into the Terms and Conflicts among SPDX Licenses" accepted by SANER 2024 (CCF-B)!

  December 2023: Our paper "Empirical Analysis of Vulnerabilities Life Cycle in Golang Ecosystem" accepted by ICSE 2024 (CCF-A)!

  December 2023: Our paper "ModuleGuard: Understanding and Detecting Module Conflicts in Python Ecosystem" accepted by ICSE 2024 (CCF-A)!

  December 2023: Our paper "FedMut: Generalized Federated Learning via Stochastic Mutation" accepted by AAAI 2024 (CCF-A)!

  November 2023: We released our proposal on "The Software Genome Project: Venture to the Genomic Pathways of Open Source Software and Its Applications" on Arxiv, and we are open for further corporation in this area!

  August 2023: Our paper "Demystifying Compiler Unstable Feature Usage and Impacts in the Rust Ecosystem" accepted by ICSE 2024 (CCF-A)!

  July 2023: Our paper "Software Architecture Recovery with Information Fusion" accepted by FSE 2023 (CCF-A)!

  July 2023: Our paper "Software Composition Analysis for Vulnerability Detection: An Empirical Study on Java Projects" accepted by FSE 2023 (CCF-A)!

  July 2023: Our paper "Demystifying the Composition and Code Reuse in Solidity Smart Contracts" accepted by FSE 2023 (CCF-A)!

  July 2023: Our paper "Comparison and Evaluation on Static Application Security Testing (SAST) Tools for Java" accepted by FSE 2023 (CCF-A)!

  July 2023: Our paper "Mitigating Persistence of Open-Source Vulnerabilities in Maven Ecosystem" accepted by ASE 2023 (CCF-A)!

  July 2023: Our paper "Who is the Real Hero? Measuring Developer Contribution via Multi-dimensional Data Integration" accepted by ASE 2023 (CCF-A)!

  July 2023: Our paper "An Empirical Study of Malicious Code In PyPI Ecosystem" accepted by ASE 2023 (CCF-A)!

  July 2023: Our paper "Aster: Automatic Speech Recognition System Accessibility Testing for Stutterers" accepted by ASE 2023 (CCF-A)!

  July 2023: I received my Ph.D. degree from NTU!

  March 2023: Our paper "Ambush from All Sides: Understanding Security Threats in Open-Source Software CI/CD Pipelines" accepted by TDSC (CCF-A)!

  February 2023: Our paper "Compatible Remediation on Vulnerabilities from Third-Party Libraries for Java Projects" received the ACM SIGSOFT Distinguished Paper Award at ICSE2023 (CCF-A).

  January 2023: Our paper "A Comprehensive Study on Quality Assurance Tools for Java" accepted by ISSTA 2023 (CCF-A)!

  December 2022: Our paper "Compatible Remediation on Vulnerabilities from Third-Party Libraries for Java Projects" accepted by ICSE 2023 (CCF-A)!

  October 2022: Our paper "Has My Release Disobeyed Semantic Versioning? Static Detection Based on Semantic Differencing" received the ACM SIGSOFT Distinguished Paper Award at ASE2022 (CCF-A).

  July 2022: Our paper "Has My Release Disobeyed Semantic Versioning? Static Detection Based on Semantic Differencing for Java" accepted by ASE 2022 (CCF-A)!

  July 2022: Our paper "Towards Understanding Third-party Library Dependency in C/C++ Ecosystem" conditionally accepted by ASE 2022 (CCF-A)!

  July 2022: Invited Talk on "Demystifying the security of open source supply chain in the NPM Ecosystem" (浅析NPM生态系统中的开源供应链安全) by CodeWisdom from Fudan University, China!

  December 2021: Our paper "Demystifying the Vulnerability Propagation and Its Evolution via Dependency Trees in the NPM Ecosystem" accepted by ICSE 2022 (CCF-A)!


Academic Services

Junior PC for MSR2024 research track

PC for ACSAC2024

Reviewer for TDSC

ERC and AEC for ECOOP2024

PC for ASE2024 Industry Showcase Track

Reviewer for TSE


Teaching

Tutorial of SZ2006 and CZ2006 in Fall 2023

Teaching assistant for SZ2002, SZ2006, CZ2006, CZ3003 from Fall 2019 to Fall 2021 (Lab supervision)