Contact:
Peng Li
Email:
poppeter1982 at gmail dot com
Peng Li is a security engineer at ByteDance.
He received his Ph.D. degree from the School of Computing at the University of Utah under the supervision of
Prof. Ganesh Gopalakrishnan.
His development and research concentrate on, but are not limited to:
Scalable static analysis for Objective-C, GoLang, etc.
Practical fuzzing for GoLang, etc.
Bug driven hybrid fuzzing leveraging greybox fuzzing and concolic execution in C/C++
News
Hiring interns with strong backgrounds in static analysis and dynamic analysis.
If you are interested, please send me an e-mail.
2019/12: Paper accepted by ICSE 2020 — on SpecuSym: Speculative Symbolic Execution for Cache Timing Leak Detection
(PDF).
2019/11: Invited to be a committee member of SPAI 2020 — please consider submitting
your work.
Projects
SAVIOR:
A practical bug driven hybrid fuzzing framework leveraging greybox fuzzing and concolic execution.
[Source Code]
SymJS:
A symbolic executor and test case generator for JavaScript programs and JavaScript-based web applications.
I significantly extended it to scale to realistic web applications and hybrid selendroid web applications.
KLOVER:
A symbolic executor and test case generator for C++ programs, built on top of KLEE.
I combined KLOVER and a C++ unit test generator to intensively test Fujitsu router systems.
GKLEE:
A symbolic analysis assisted checker and test generator for C++ CUDA programs.
IOC:
An integer overflow checker for C/C++, integrated into Clang/LLVM as part of Undefined Behavior Sanitizer.
T-Check:
A bug finding framework leveraging bounded model checking and random testing for sensor networks.
Zhenxiao Qi, Qian Feng, Yueqiang Cheng, Mengjia Yan, Peng Li, Heng Yin, and Tao Wei
SpecTaint: Speculative Taint Analysis for Discovering Spectre Gadgets,
In Proceedings of the Network and Distributed System Security Symposium, (NDSS 2021).
Yaohui Chen, Peng Li, Jun Xu, Shengjian Guo, Rundong Zhou, Yulong Zhang, Tao Wei, Long Lu.
SAVIOR: Towards Bug-Driven Hybrid Testing,
In Proceedings of the 41st IEEE Symposium on Security and Privacy, (S&P 2020).
Alastair F. Donaldson, Ganesh Gopalakrishnan, Nathan Chong, Jeroen Ketema, Guodong Li, Peng Li, Anton Lokhmotov,
Shaz Qadeer.
Formal Analysis Techniques for Reliable GPU Programming: Current Solutions and Call to Action.
Book chapter in Advances in GPU Research and Practice, pp. 3-21 (Morgan Kaufmann), 2017
Will Dietz, Peng Li, John Regehr, and Vikram Adve.
Understanding Integer Overflow in C/C++,
ACM Transactions on Software Engineering and Methodology (TOSEM), 2015.
Peng Li, Guodong Li, Ganesh Gopalakrishnan,
Practical Symbolic Race Checking of GPU Programs,
In Proceedings of the 26th ACM/IEEE International Conference on High Performance Computing, Networking, Storage and Analysis Conference (SC'14).
New Orleans, LA, 2014.
Guodong Li, Peng Li, Geof Sawaya, Ganesh Gopalakrishnan, Indradeep Ghosh and Sreeranga P. Rajan,
GKLEE: Concolic Verification and Test Generation for GPUs,
In Proceedings of 17th ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming (PPoPP'12).
New Orleans, LA, USA, 2012, pp. 215-224.
Will Dietz, Peng Li, John Regehr, and Vikram Adve,
Understanding Integer Overflow in C/C++,
In Proceedings of the 34th International Conference on Software Engineering (ICSE'12).
Zurich, Switzerland, June 2012.
ACM SIGSOFT Distinguished Paper Award
Peng Li and John Regehr,
T-Check: Bug Finding for Sensor Networks,
In Proceedings of the 9th ACM/IEEE International Conference on Information Processing in Sensor Networks (IPSN'10).
SPOTS track, Stockholm, Sweden, April 2010.
It is my great honor to receive the
2012 NVIDIA graduate fellowship to
fund my research on extending our symbolic assisted checker for C++ CUDA programs: GKLEE.