Keke Lian (廉轲轲)

Keke Lian (廉轲轲)

Ph.D. in Cyberspace Security

I’m working at Tencent in Shenzhen now. I received my PhD degree from the System Software and Security Laboratory at Fudan University in 2024, supervised by Professor Min Yang, Professor Yuan Zhang, and Assistant Professor Lei Zhang.

My research interests are centered on code security and mobile security, particularly in vulnerability detection, analysis, and exploitation. To address these challenges, my research utilizes a variety of multidisciplinary techniques, including program analysis and fuzzing. I am also actively exploring the integration of large language models to enhance these methodologies.

Up to now, I have published several papers in the world’s top conferences on cybersecurity and software engineering, such as S&P, USENIX Security, and FSE. My paper on Android component security was awarded the Distinguished Paper Award at ACM FSE 2024. Furthermore, I have identified 150+ 0-day vulnerabilities, with 70+ assigned CVE IDs, and received acknowledgments from leading mobile manufacturers like Google, Huawei, vivo, Xiaomi, and open-source organizations such as Apache, Eclipse, RedHat, VMWare, and Oracle, etc.

News

  • [2025/01] One paper accepted by USENIX Security 2025!
  • [2024/06] Our paper received the ACM SIGSOFT Distinguished Paper Award at FSE 2024!

Publications

  1. Careless Retention and Management: Understanding and Detecting Data Retention Denial-of-Service Vulnerabilities in Java Web Containers.
    Keke Lian, Lei Zhang, Haoran Zhao, Yinzhi Cao, Yongheng Liu, Fute Sun, Yuan Zhang, Min Yang.
    USENIX Security 2025, CCF A
  2. Component Security Ten Years Later: An Empirical Study of Cross-Layer Threats in Real-World Mobile Applications.
    Keke Lian, Lei Zhang, Guangliang Yang, Shuo Mao, Xinjie Wang, Yuan Zhang, Min Yang.
    FSE 2024, CCF A, [ACM SIGSOFT Distinguished Paper Award]
  3. Efficient Detection of Java Deserialization Gadget Chains via Bottom-up Gadget Search and Dataflow-aided Payload Construction.
    Bofei Chen, Lei Zhang, Xinyou Huang, Yinzhi Cao, Keke Lian, Yuan Zhang, Min Yang.
    S&P 2024, CCF A, Acceptance rate: 17.8%
  4. TrustedDomain Compromise Attack in App-in-app Ecosystems.
    Zhibo Zhang, Zhangyue Zhang, Keke Lian, Guangliang Yang, Lei Zhang, Yuan Zhang, Min Yang.
    CCS Workshop 2023
  5. Exploit The Last Straw that Breaks Android System.
    Lei Zhang, Keke Lian (First Student Author), Haoyu Xiao, Zhibo Zhang, Peng Liu, Yuan Zhang, Min Yang, Haixin Duan.
    S&P 2022, CCF A, Acceptance rate: 14.5%
  6. TextExerciser: Feedback-driven Text Input Exercising for Android Applications.
    Yuyu He, Lei Zhang, Zhemin Yang, Yinzhi Cao, Keke Lian, Shuai Li, Wei Yang, Zhibo Zhang, Min Yang,
    S&P 2020, CCF A, Acceptance rate: 12.4%

Selected Honors and Awards

  • [2024] ACM SIGSOFT Distinguished Paper Award.
  • [2023 & 2024] Outstanding Student Award of Fudan University.
  • [2016] National Scholarship (Top 1%), Xiamen University.
  • [2015 & 2016] Outstanding Student Award of Xiamen University.