NJU SecLab: Home

The System and Software Security Laboratory is a research group led by Professor Bing Mao and affiliated with the School of Computer Science at Nanjing University, exploring multiple respects in software security. Our core research areas include:

Reverse Engineering: Locate vulnerabilities with precision through binary analysis, crash log/core dump analysis, and dynamic taint analysis.

Vulnerability Detection: Advance fuzzing strategies (black/grey-box), symbolic execution with constraint solving, and LLM-assisted techniques to enhance vulnerability detection and path depth across targets.

Compiler Security: Identify security risks introduced during compiler optimization/transformation. Develop validation techniques (e.g., differential testing, path-coverage test generation) to ensure trustworthiness.

AI for Security Analysis: Explore AI (deep learning, large language models) to learn program behavior patterns and augment security analysis tasks.

Our research is consistently published at top-tier conferences including S&P, USENIX Security, ISSTA, and ICSE.

Graduates pursue careers at leading companies (e.g., Huawei, Alibaba, NetEase) and academic institutions (e.g., HUST, SEU) worldwide.

We cordially invite motivated Master's and Ph.D. candidates passionate about software security to join us in exploring the boundaries of system security!

Research

Reverse Engineering

Explore new techniques in reverse engineering to help security research.

Software Security

This research is about to find ways to protect software and make it more secure.

Vulnerability mining

This project is about to explore techiniques to find vulnerabilities in software automatically,including fuzzing, symbolic execution and so on.

Deep learning assisted program analysis

Deep learning is a powerful tool to overcome the awkward situation of extracting endless rules from real world. We propose some novel approach in program analysis.