Keke Lian (廉轲轲)

Keke Lian (廉轲轲)

Ph.D. in Cyberspace Security

I am currently leading the WuKong Code Security team at Tencent, Shenzhen. My current research focuses on the intersection of AI and code security, including LLM- and agent-driven vulnerability detection, systematic evaluation of AI/Agents, and secure code generation. I also have broad interests in program analysis, fuzzing, and mobile security.

I received my PhD degree from the System Software and Security Laboratory at Fudan University in 2024, supervised by Professor Min Yang, Professor Yuan Zhang, and Assistant Professor Lei Zhang.

Up to now, I have published several papers at top-tier conferences in cybersecurity and software engineering, including S&P, USENIX Security, and FSE. One of my papers received the Distinguished Paper Award at ACM FSE 2024. Furthermore, I have identified 150+ 0-day vulnerabilities, with 70+ assigned CVE IDs, and received acknowledgments from leading mobile manufacturers like Google, Huawei, vivo, Xiaomi, and open-source organizations such as Apache, Eclipse, RedHat, VMWare, and Oracle, etc.

🔥 News

  • [2026.04]  🎉 Our A.S.E paper accepted by ACL Findings 2026!
  • [2025.07]  🎉 We open-sourced A.S.E, the first repository-level benchmark for AI-generated code security evaluation!
  • [2025.02]  🎉 Joined Tencent!
  • [2025.01]  🎉 One paper accepted by USENIX Security 2025!
  • [2024.12]  🎉 Obtained my Ph.D. degree from Fudan University!
  • [2024.06]  🎉 Our paper received the ACM SIGSOFT Distinguished Paper Award at FSE 2024!
  • [2024.05]  🎉 One paper accepted by FSE 2024!
  • [2024.01]  🎉 One paper accepted by S&P 2024!
  • [2023.06]  🎉 One paper accepted by CCS Workshop 2023!
  • [2021.12]  🎉 One paper accepted by S&P 2022!
  • [2019.12]  🎉 One paper accepted by S&P 2020!

📝 Publications

ACL’26   A.S.E: A Repository-Level Benchmark for Evaluating Security in AI-Generated Code.
              Keke Lian, Bin Wang, Lei Zhang, Libo Chen, Junjie Wang, Ziming Zhao, Yujiu Yang et al.
              In Findings of the Association for Computational Linguistics (ACL Findings), 2026. (CCF-A)

ASE’25   Exploring Static Taint Analysis in LLMs: A Dynamic Benchmarking Framework for Measurement and Enhancement.
              Haoran Zhao, Lei Zhang, Keke Lian et al.
              In Proceedings of the 40th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2025. (CCF-A)

USENIX Security’25   Careless Retention and Management: Understanding and Detecting Data Retention Denial-of-Service Vulnerabilities in Java Web Containers.
              Keke Lian, Lei Zhang, Haoran Zhao, Yinzhi Cao, Yongheng Liu, Fute Sun, Yuan Zhang, Min Yang.
              In Proceedings of the 34th USENIX Security Symposium (USENIX Security), 2025. (CCF-A)

FSE’24   Component Security Ten Years Later: An Empirical Study of Cross-Layer Threats in Real-World Mobile Applications.
              Keke Lian, Lei Zhang, Guangliang Yang, Shuo Mao, Xinjie Wang, Yuan Zhang, Min Yang.
              In Proceedings of the 32nd ACM International Conference on the Foundations of Software Engineering (FSE), 2024. (CCF-A)
              ★ ACM SIGSOFT Distinguished Paper Award

S&P’24   Efficient Detection of Java Deserialization Gadget Chains via Bottom-up Gadget Search and Dataflow-aided Payload Construction.
              Bofei Chen, Lei Zhang, Xinyou Huang, Yinzhi Cao, Keke Lian, Yuan Zhang, Min Yang.
              In Proceedings of the 45th IEEE Symposium on Security and Privacy (S&P), 2024. (CCF-A)

CCS Workshop’23   TrustedDomain Compromise Attack in App-in-app Ecosystems.
              Zhibo Zhang, Zhangyue Zhang, Keke Lian, Guangliang Yang, Lei Zhang, Yuan Zhang, Min Yang.
              In Proceedings of the ACM Conference on Computer and Communications Security Workshop (CCS Workshop), 2023.

S&P’22   Exploit The Last Straw that Breaks Android System.
              Lei Zhang, Keke Lian (First Student Author), Haoyu Xiao, Zhibo Zhang, Peng Liu, Yuan Zhang, Min Yang, Haixin Duan.
              In Proceedings of the 43rd IEEE Symposium on Security and Privacy (S&P), 2022. (CCF-A)

S&P’20   TextExerciser: Feedback-driven Text Input Exercising for Android Applications.
              Yuyu He, Lei Zhang, Zhemin Yang, Yinzhi Cao, Keke Lian, Shuai Li, Wei Yang, Zhibo Zhang, Min Yang.
              In Proceedings of the 41st IEEE Symposium on Security and Privacy (S&P), 2020. (CCF-A)

🎖 Honors and Awards

  • 2024 ACM SIGSOFT Distinguished Paper Award.
  • 2023 & 2024 Outstanding Student Award of Fudan University.
  • 2016 National Scholarship (Top 1%), Xiamen University.
  • 2015 & 2016 Outstanding Student Award of Xiamen University.

📖 Educations

  • 2018.09 - 2024.06, Ph.D. in Cyberspace Security, Fudan University, Shanghai, China.
  • 2014.09 - 2018.06, B.E. in Software Engineering, Xiamen University, Xiamen, China.