 |
Chengwei Liu (刘承威)
Research Fellow, supervised by Prof.Liu Yang (刘杨) Nanyang Technological University, Singapore School of Computer Science and Engineering Cyber Security Lab 50 Nanyang Ave, #Block N4 #N4-B2C-06, Singapore 639798 chengwei.liu@ntu.edu.sg |
I am a post-doc and received my Ph.D. degree at the School of Computer Science and Engineering (计算机科学与工程学院) in Nanyang Technological University (南洋理工大学) under the supervision of Prof. Liu Yang (刘杨).
My research interest mainly lies in areas of Software Security (软件安全) including Program Analysis, Open Source Security, Software Supply Chain Security, Open Source Governance, etc. (程序分析、开源软件安全、软件供应链安全、开源治理等).
Before that, I received my bachelor's Degree in June 2016, and a Master's Degree in April 2019 from the Nanjing University of Aeronautics and Astronautics, China (南京航空航天大学), under the supervision of Prof Yang Zhibin (杨志斌) (NUAA).
January 2024: Our paper "FedMut: Generalized Federated Learning via Stochastic Mutation" is selected as Oral Presentation by AAAI 2024 (CCF-A)!
December 2023: Our paper "Catch the Butterfly: Peeking into the Terms and Conflicts among SPDX Licenses" accepted by SANER 2024 (CCF-B)!
December 2023: Our paper "Empirical Analysis of Vulnerabilities Life Cycle in Golang Ecosystem" accepted by ICSE 2024 (CCF-A)!
December 2023: Our paper "ModuleGuard: Understanding and Detecting Module Conflicts in Python Ecosystem" accepted by ICSE 2024 (CCF-A)!
December 2023: Our paper "FedMut: Generalized Federated Learning via Stochastic Mutation" accepted by AAAI 2024 (CCF-A)!
November 2023: We released our proposal on "The Software Genome Project: Venture to the Genomic Pathways of Open Source Software and Its Applications" on Arxiv, and we are open for further corporation in this area!
August 2023: Our paper "Demystifying Compiler Unstable Feature Usage and Impacts in the Rust Ecosystem" accepted by ICSE 2024 (CCF-A)!
July 2023: Our paper "Software Architecture Recovery with Information Fusion" accepted by FSE 2023 (CCF-A)!
July 2023: Our paper "Software Composition Analysis for Vulnerability Detection: An Empirical Study on Java Projects" accepted by FSE 2023 (CCF-A)!
July 2023: Our paper "Demystifying the Composition and Code Reuse in Solidity Smart Contracts" accepted by FSE 2023 (CCF-A)!
July 2023: Our paper "Comparison and Evaluation on Static Application Security Testing (SAST) Tools for Java" accepted by FSE 2023 (CCF-A)!
July 2023: Our paper "Mitigating Persistence of Open-Source Vulnerabilities in Maven Ecosystem" accepted by ASE 2023 (CCF-A)!
July 2023: Our paper "Who is the Real Hero? Measuring Developer Contribution via Multi-dimensional Data Integration" accepted by ASE 2023 (CCF-A)!
July 2023: Our paper "An Empirical Study of Malicious Code In PyPI Ecosystem" accepted by ASE 2023 (CCF-A)!
July 2023: Our paper "Aster: Automatic Speech Recognition System Accessibility Testing for Stutterers" accepted by ASE 2023 (CCF-A)!
July 2023: I received my Ph.D. degree from NTU!
March 2023: Our paper "Ambush from All Sides: Understanding Security Threats in Open-Source Software CI/CD Pipelines" accepted by TDSC (CCF-A)!
February 2023: Our paper "Compatible Remediation on Vulnerabilities from Third-Party Libraries for Java Projects" received the ACM SIGSOFT Distinguished Paper Award at ICSE2023 (CCF-A).
January 2023: Our paper "A Comprehensive Study on Quality Assurance Tools for Java" accepted by ISSTA 2023 (CCF-A)!
December 2022: Our paper "Compatible Remediation on Vulnerabilities from Third-Party Libraries for Java Projects" accepted by ICSE 2023 (CCF-A)!
October 2022: Our paper "Has My Release Disobeyed Semantic Versioning? Static Detection Based on Semantic Differencing" received the ACM SIGSOFT Distinguished Paper Award at ASE2022 (CCF-A).
July 2022: Our paper "Has My Release Disobeyed Semantic Versioning? Static Detection Based on Semantic Differencing for Java" accepted by ASE 2022 (CCF-A)!
July 2022: Our paper "Towards Understanding Third-party Library Dependency in C/C++ Ecosystem" conditionally accepted by ASE 2022 (CCF-A)!
July 2022: Invited Talk on "Demystifying the security of open source supply chain in the NPM Ecosystem" (浅析NPM生态系统中的开源供应链安全) by CodeWisdom from Fudan University, China!
December 2021: Our paper "Demystifying the Vulnerability Propagation and Its Evolution via Dependency Trees in the NPM Ecosystem" accepted by ICSE 2022 (CCF-A)!
Junior PC for MSR2024 research track
PC for ACSAC2024
Reviewer for TDSC
Tutorial of SZ2006 and CZ2006 in Fall 2023
Teaching assistant for SZ2002, SZ2006, CZ2006, CZ3003 from Fall 2019 to Fall 2021 (Lab supervision)