目前就职于腾讯安全平台部（深圳）。2024年于复旦大学系统软件与安全实验室获得博士学位，导师为杨珉教授、张源教授和张磊助理教授。 截至目前，已在 S&P、USENIX Security、FSE 等世界顶尖网络安全和软件工程会议上发表多篇论文，并获得 ACM FSE 2024 杰出论文奖（第一作者）。 研究兴趣聚焦代码安全和移动安全领域，包括：

• 漏洞挖掘；程序分析；模糊测试；
• LLM for Security

此外，已成功挖掘 150+ 0-day 漏洞，并获得了 70+ CVE ID，获得了来自Google、华为、vivo、小米等领先移动厂商以及Apache、Eclipse、RedHat、VMWare、Oracle等知名开源组织的致谢。

新闻

• [2025/01] 一篇论文被 USENIX Security 2025 接收！
• [2024/06] 我们的论文荣获 ACM FSE 2024 杰出论文奖!

发表论文

1. Careless Retention and Management: Understanding and Detecting Data Retention Denial-of-Service Vulnerabilities in Java Web Containers.

   Keke Lian, Lei Zhang, Haoran Zhao, Yinzhi Cao, Yongheng Liu, Fute Sun, Yuan Zhang, Min Yang.

   USENIX Security 2025, CCF A

2. Component Security Ten Years Later: An Empirical Study of Cross-Layer Threats in Real-World Mobile Applications.

   Keke Lian, Lei Zhang, Guangliang Yang, Shuo Mao, Xinjie Wang, Yuan Zhang, Min Yang.

   FSE 2024, CCF A, [ACM SIGSOFT Distinguished Paper Award]

3. Efficient Detection of Java Deserialization Gadget Chains via Bottom-up Gadget Search and Dataflow-aided Payload Construction.

   Bofei Chen, Lei Zhang, Xinyou Huang, Yinzhi Cao, Keke Lian, Yuan Zhang, Min Yang.

   S&P 2024, CCF A, Acceptance rate: 17.8%

4. TrustedDomain Compromise Attack in App-in-app Ecosystems.

   Zhibo Zhang, Zhangyue Zhang, Keke Lian, Guangliang Yang, Lei Zhang, Yuan Zhang, Min Yang.

   CCS Workshop 2023

5. Exploit The Last Straw that Breaks Android System.

   Lei Zhang, Keke Lian (First Student Author), Haoyu Xiao, Zhibo Zhang, Peng Liu, Yuan Zhang, Min Yang, Haixin Duan.

   S&P 2022, CCF A, Acceptance rate: 14.5%

6. TextExerciser: Feedback-driven Text Input Exercising for Android Applications.

   Yuyu He, Lei Zhang, Zhemin Yang, Yinzhi Cao, Keke Lian, Shuai Li, Wei Yang, Zhibo Zhang, Min Yang,

   S&P 2020, CCF A, Acceptance rate: 12.4%

部分荣誉与奖项

• [2024] ACM SIGSOFT 杰出论文奖。
• [2023 & 2024] 复旦大学优秀学生。
• [2016] 国家奖学金 (Top 1%), 厦门大学。
• [2015 & 2016] 厦门大学优秀学生。