XIAO
profile photo

Xiao Cheng

I am a third-year PhD student at School of Computer Science and Engineering, University of New South Wales (UNSW), where I am advised by Scientia Associate Professor Yulei Sui. My research interests include Program Analysis, Secure Software Engineering and Intelligent Software Engineering (SE4AI, AI4SE). My papers have been published in top-tier conferences and journals in the field of program analysis and software engineering such as OOPSLA, TOSEM, TDSC, ICSE, FSE and ISSTA. Contact me at xiao Dot cheng AT unsw Dot edu Dot au.

CV  /  Google Scholar  /  CMS Profile  /  Github  /  ORCID

News

  • 01/2024, Our work on quantum speedups on dynamic transitive closure-based static analysis accepted at TOSEM.

  • 01/2024, Our work on path-sensitive typestate analysis accepted at FSE 2024.

  • 12/2023, Our work on cross-domain abstract execution accepted at ICSE 2024.

  • 07/2022, Our empirical study on learning-based vulnerability detection accepted at TDSC.

  • 04/2022, Our work on path-sensitive code embedding accepted at ISSTA 2022.

  • 04/2021, Our work on learning-based vulnerability detection accepted at TOSEM.

  • 11/2020, Our work on code embedding received a Distinguished Paper Award.

    • Publications

    I'm interested in devleoping fundamental static analysis and verification techniques to improve the reliability and security of modern software systems.

    1. CCF-A Dynamic Transitive Closure-Based Static Analysis through the Lens of Quantum Search
      Jiawei Ren, Yulei Sui, Xiao Cheng, Yuan Feng and Jianjun Zhao
      ACM Transactions on Software Engineering and Methodology (TOSEM) PDF Code Bib

    2. CCF-A Fast Graph Simplification for Path-Sensitive Typestate Analysis through Tempo-Spatial Multi-Point Slicing
      Xiao Cheng, Jiawei Ren, Yulei Sui
      Proceedings of the 32st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE '24) PDF Code Bib

    3. CCF-A Precise Sparse Abstract Execution via Cross-Domain Interaction
      Xiao Cheng, Jiawei Wang, Yulei Sui
      46th International Conference on Software Engineering (ICSE '24) PDF Code Bib

    4. CCF-C Vulnerability Detection via Typestate-Guided Code Representation Learning
      Xiao Cheng
      International Conference on Formal Engineering Methods (ICFEM '23) PDF Code Bib

    5. CCF-A How About Bug-Triggering Paths? - Understanding and Characterizing Learning-Based Vulnerability Detectors
      Xiao Cheng, Xu Nie, Ningke Li, Haoyu Wang, Zheng Zheng, Yulei Sui
      IEEE Transactions on Dependable and Secure Computing (TDSC) PDF Code Bib

    6. CCF-A Path-Sensitive Code Embedding via Contrastive Learning for Software Vulnerability Detection
      Xiao Cheng, Guanqin Zhang, Haoyu Wang and Yulei Sui
      The 31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA '22) PDF Code Bib

    7. CCF-A DeepWukong: Statically Detecting Software Vulnerabilities using Deep Graph Neural Network
      Xiao Cheng, Haoyu Wang, Jiayi Hua, Guoai Xu and Yulei Sui
      ACM Transactions on Software Engineering and Methodology (TOSEM) PDF Code Bib

    8. CCF-A ACM SIGPLAN Distinguished Paper AWARD Flow2Vec: Value-Flow-Based Precise Code Embedding
      Yulei Sui, Xiao Cheng, Guanqin Zhang and Haoyu Wang
      Proceedings of ACM OOPSLA 2020 PDF Code Bib

    9. CORE-A Static Detection of Control-Flow-Related Vulnerabilities Using Graph Embedding
      Xiao Cheng, Haoyu Wang, Jiayi Hua, Miao Zhang, Guoai Xu, Li Yi and Yulei Sui
      The 24th International Conference on Engineering of Complex Computer Systems (ICECCS 2019) PDF Code Bib

    Services

  • Webchair of LCTES 2024.

  • (Co-)Reviewer of ICSE 2024/2021, ASE 2023/2022, FSE 2022, ISSTA 2024, ISSRE 2022, SCAM 2021, CSUR 2021, TOSEM, TOPLAS, TSE.

  • Artifact Evaluation Committee of ISSTA 2024/2023, SAS 2023, FormaliSE 2024/2023.

    • Teaching Experience

  • One of the major contributors, Teaching-Software-Analysis, an online open courses for learning software analysis via SVF.

  • Subject coordinator and lecturer, Software Analysis, SSTC Software Engineering Studio, UTS, 2022.

  • Subject lecturer, Software Analysis, SSTC Software Engineering Studio, UTS, 2021.

  • Subject lecturer, 41128 Software Analysis Studio, 2022.

  • Subject tutor, 41128 Software Analysis Studio, 2021.

    • Tools

  • One of the major contributors, SVF, a source code analysis framework that enables interprocedural dependence analysis for LLVM-based languages.

  • DeepWukong, a graph neural network based software vulnerability detector.

  • CounterfietAppClassify, a tool for detecting counterfiet applications.

    • Education

  • 2023-present, Ph.D. in Computer Science and Engineering, University of New South Wales (UNSW).

  • 2021-2023, Ph.D. in Computer Science and Engineering, University of Technology Sydney (UTS).

  • 2014-2021, B.Eng and M.Res in Engineering, Beijing University of Posts and Telecommunications (BUPT).

    • Awards

  • 2024, Development and Research Training Grant (DRTG), UNSW.

  • 2022, Apple Scholars in AI/ML PhD fellowship nomination.

  • 2021, International Research Training Program Scholarship (IRTP) Offer.

  • 2020, NASAC prototype competition third prize.

  • 2019, ACM SIGSOFT Distinguished Paper Award.

  • 2016, Interdisciplinary Contest in Modeling, Honorable Mention.

    • Misc

  • Tips on writing a research paper, Doing Research in Software Analysis Lessons and Tips.

  • Abstract Interpretation, Static Program Analysis, and more

  • LLVM, Z3, SVF, Tai-e, Qilin, IKOS, Crab, POCR.

  • Overleaf Tutorials, SimpleTex, Markdown Guide, Docker.

  • CPP/C, LLVM IR.

    • Welcome to use this website's source code, just add a link back to here. .