Bio

My research primarily focuses on security areas such as web security, system security, and program analysis. My prior work focused on web tracking, but now is directed toward static/dynamic analysis and privacy -- trying to solve real-world challenging problems such as increasing the accuracy and efficiency of vulnerability detection, mobile APP analysis and privacy protection.

Education

Ph.D. in Computer Science, Aug. 2018 - Feb. 2022
Johns Hopkins University
M.S. in Computer Science and Engineering, Aug. 2015 - May. 2017
Lehigh University
B.S. in Software Engineering, Aug. 2011 - May. 2015
Beijing Institute of Technology

Publications

  • [IEEE S&P '25] Follow My Flow: Unveiling Client-Side Prototype Pollution Gadgets from One Million Real-World Websites
    Zifeng Kang, Muxi Lyu, Zhengyu Liu, Jianjia Yu, Runqi Fan, Song Li, Yinzhi Cao
    to appear in the Proceedings of the IEEE Symposium on Security and Privacy (Oakland), 2025.
  • [TIFS] Sensitive Behavioral Chain-focused Android Malware Detection Fused with AST Semantics
    Jiacheng Gong, Weina Niu, Song Li, Mingxue Zhang, Xiaosong Zhang
    IEEE Transactions on Information Forensics and Security
  • [TIFS] GraphTunnel: Robust DNS Tunnel Detection Based on DNS Recursive Resolution Graph
    Guangyuan Gao, Weina Niu, Jiacheng Gong, Dujuan Gu, Song Li, Mingxue Zhang, Xiaosong Zhang
    IEEE Transactions on Information Forensics and Security
  • [SoCC' 24] SQLStateGuard: Statement-Level SQL Injection Defense Based on Learning-Driven Middleware
    Xin Liu, Yuanyuan Huang, Tianyi Wang, Song Li, Weina Niu, Jun Shen, Qingguo Zhou, Xiaokang Zhou
    to appear in the Proceedings of the The 15th ACM Symposium on Cloud Computing (SoCC), 2024
  • [MM '24] What's the Real: A Novel Design Philosophy for Robust AI-Synthesized Voice Detection
    Xuan Hai, Xin Liu, Yuan Tan, Gang Liu, Song Li, Weina Niu, Rui Zhou, Xiaokang Zhou
    in the Proceedings of the ACM Multimedia 2024
  • [ICME '24] Ghost-in-Wave: How Speaker-Irrelative Features Interfere DeepFake Voice Detectors
    Xuan Hai, Xin Liu, Zhaorun Chen, Yuan Tan, Song Li, Weina Niu, Gang Liu, Rui Zhou, QINGGUO ZHOU
    in the Proceedings of the IEEE Conference on Multimedia Expo 2024
  • [CCS '23] CoCo: Efficient Browser Extension Vulnerability Detection via Coverage-guided, Concurrent Abstract Interpretation
    Jianjia Yu, Song Li, Junmin Zhu, and Yinzhi Cao,
    Distinguished Paper Award
    in the Proceedings of The ACM Conference on Computer and Communications Security (CCS), 2023
  • [IEEE S&P '23] Scaling JavaScript Abstract Interpretation to Detect and Exploit Node.js Taint-style Vulnerability
    Mingqing Kang, Yichao Xu, Song Li, Rigel Gjomemo, Jianwei Hou, V.N. Venkatakrishnan, and Yinzhi Cao
    in the Proceedings of the IEEE Symposium on Security and Privacy (Oakland), 2023.
    [paper]
    The research results in 21 CVEs, e.g., CVE-2023-25805.
  • [USENIX Security '22]Mining Node.js Vulnerabilities via Object Dependence Graph and Query
    Song Li, Mingqing Kang, Jianwei Hou, Yinzhi Cao
    in the Proceedings of the 31th USENIX Security Symposium, 2022
    [paper] [source code]
    The artifact is evaluated and the results are reproduced by the USENIX AE committee.
    Badges: Artifacts Available, Artifacts Functional, Results Reproduced
    The research results in 70 CVEs, e.g., CVE-2019-10777 in aws-lambda and CVE-2020-7625 in op-browser.
  • [NDSS '22]Probe the Proto: Measuring Client-Side Prototype Pollution Vulnerabilities of One Million Real-world Websites
    Zifeng Kang, Song Li, Yinzhi Cao
    in the Proceedings of Network & Distributed System Security Symposium (NDSS), 2022
    [paper] [source code]
    The research results in 2,738 real-world websites, including ten among the top 1,000 Tranco websites, which are vulnerable to 2,917 zero-day, exploitable prototype pollution vulnerabilities. 48 vulnerabilities further lead to XSS, 736 to cookie manipulations, and 830 to URL manipulations. A detailed list of vulnerable websites(excluding some websites that cannot be reached or are still in the process of vulnerability patching) is here.
  • [AsiaCCS '22] GraphTrack: A Graph-based Cross-Device Tracking Framework
    Binghui Wang, Tianchen Zhou, Song Li, Yinzhi Cao, and Neil Gong
    in the Proceedings of ACM Asia Conference on Computer and Communications Security, 2022.
  • [ESEC/FSE '21]Detecting Node.js Prototype Pollution Vulnerabilities via Object Lookup Analysis
    Song Li, Mingqing Kang, Jianwei Hou, Yinzhi Cao
    in the Proceeding of the ACM Joint European Software Engineering Conference and Symposium on-the Foundations of Software Engineering (ESEC/FSE), 2021
    [paper] [DOI] [source code]
    The research results in 11 CVEs, e.g., CVE-2019-10795 in undefsafe (>5M weekly downloads) and CVE-2020-7643 in paypal-adaptive.
  • [IMC '20]Who Touched My Fingerprint? A Large-scale Measurement Study and Classification of Fingerprint Dynamics
    Song Li, Yinzhi Cao
    in the Proceeding of the Internet Measurement Conference (IMC), 2020
  • [USENIX Security '19]Rendered Private: Making GLSL Execution Uniform to Prevent WebGL-based Browser Fingerprinting
    Shujiang Wu, Song Li and Yinzhi Cao, Ningfei Wang
    in the Proceeding of the 28th USENIX Security Symposium, 2019
  • [CCS '17]Deterministic Browser
    Yinzhi Cao, Zhanhao Chen, Song Li, Shujiang Wu
    in the Proceeding of ACM Conference on Computer and Communications Security (CCS), 2017
  • [NDSS '17](Cross-)Browser Fingerprinting via OS and Hardware Level Features
    Yinzhi Cao, Song Li* and Erik Wijmans
    (* First student author)
    in the Proceeding of the Annual Network & Distributed System Security Symposium (NDSS), 2017
    The research is featured by many media outlets, such as

Professional Activities

Program Committee

  • IEEE S&P: IEEE S&P '25
  • USENIX Security: USENIX Security '24, '25
  • TheWebConf: TheWebConf '23
  • USENIX Security: USENIX Security '22 AE
  • Journal Reviewer

  • IEEE Transactions on Information Forensics and Security (TIFS)
  • IEEE Transactions on Dependable and Secure Computing (TDSC)
  • ACM Computing Surveys
  • Empirical Software Engineering
  • External Reviewer for

  • WWW: International World Wide Web Conference, Security and Privacy Track, 2018
  • TheWebConf (formerly known as WWW): The ACM Web Conference 2022, Security, Privacy, and Trust Track, 2022
  • TA and RA

  • Teaching Assistant: Web Security, Johns Hopkins University, Fall/2019
  • Research Assistant: Web Security, Lehigh University, advisor: Yinzhi Cao, 10/2015-04/2017
  • Research Mentoring

    PhD Students

  • Runqi Fan: Zhejiang University, 09/2023-Present
  • Fan Wu: Zhejiang University, 09/2023-Present
  • Jinhong Liu: Zhejiang University, 09/2022-Present
  • Master Students

    Current:
  • Xiuwen Shi: Zhejiang University, 09/2023-Present
  • Weisi Cao: Zhejiang University, 09/2023-Present
  • Da Huang: Zhejiang University, 09/2023-Present
  • Min Ni: Zhejiang University, 09/2024-Present
  • Jifeng Yao: Zhejiang University, 09/2024-Present
  • Xiaotian Wang: Zhejiang University, 09/2024-Present
  • Past:
  • Yichao Xu: Johns Hopkins University, 07/2021-07/2022
  • Siqi Cao: Johns Hopkins University, 12/2020-03/2021
  • Huangyin Chen: Johns Hopkins University, 12/2020-03/2021
  • Qingshan Zhang: Johns Hopkins University, 12/2020-03/2021
  • Mingqing Kang: Johns Hopkins University, now a PhD student at the Johns Hopkins University, 03/2019-08/2020
  • Queenie Gao: Johns Hopkins University, 12/2019-03/2020
  • Minjie Fu: Johns Hopkins University, First Job: Facebook, 12/2019-03/2020
  • Jingyi Li: Johns Hopkins University, 12/2019-03/2020
  • Guanlong Wu: Johns Hopkins University, now a PhD student at the University of Virginia, 04/2018-03/2019
  • Ningfei Wang: Lehigh University, now a PhD student at the University of California, Irvine, 10/2017-05/2018
  • BS Students

  • Rohan Jasani: Indian Institutes of Technology, 06/2020-09/2020
  • Tianchen Zhang: Beihang University, 06/2020-09/2020
  • Gongqi Huang: Johns Hopkins University, 08/2019-02/2020
  • Xueqi Ren: Lehigh University, then a Master student at the Columbia University, 10/2017-05/2018
  • Olivia Orrell-Jones: Brown University, 05/2017-08/2017
  • Erik Wijmans: Washington University in St. Louis, now a PhD student at the Georgia Institute of Technology, 05/2016-08/2016
  • High School Students:

  • Kylie Gong: 07/2021-09/2021
  • Kevin Yao: 07/2021-09/2021