Jie Lu 陆杰
About Me 👋
I am an Associate Professor at The Institute of Computing Technology of the Chinese Academy of Sciences. My research interests include software security and program analysis, with a focus on improving software reliability and security through advanced program analysis techniques.
News 📰
- NEW! April 2025: One paper is accepted by CCS2025
- NEW! April 2025: One paper is accepted by FSE2025
- NEW! April 2025: One paper is accepted by internetware2025
Research Interests 🔬
I am broadly interested in computer security, and my research frequently intersects with:
- Software Security:
- Vulnerability detection and prevention
- Security enhancement in open-source software
- Bug detection and analysis
- Program Analysis:
- Static and dynamic analysis techniques
- Context-sensitive pointer analysis
- IFDS analysis optimization
- Cloud Systems:
- Distributed system security
- Crash-recovery bug detection
- Concurrency bug detection
Recruiting 🎓
We’re actively seeking talented researchers!
Who We’re Looking For
- 🔍 Potential Ph.D. candidates
- 📚 Master students
- 🌱 Research interns
How to Apply
- Visit our research group page: https://ict-pag.github.io/
- Check detailed application information: https://ict-pag.github.io/joining/
- Feel free to contact me directly if you’re passionate about our research areas!
Selected Publications 📚
2025
VulPA: Detecting Semantically Recurring Vulnerabilities with Multi-Object Typestate Analysis
Liqing Cao, Haofeng Li, Chenghang Shi, Jie Lu, Haining Meng, Lian Li, Jingling Xue
ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE’25)SLVHound: Static Detection of Session Lingering Vulnerabilities in Modern Java Web Applications
Haining Meng, Jie Lu✉, Yongheng Huang, Lian Li✉
The 16th International Conference on Internetware (Internetware’25)Module-Aware Context Sensitive Pointer Analysis
Haofeng Li, Chenghang Shi, Jie Lu, Lian Li, Zixuan Zhao
International Conference on Software Engineering (ICSE’25)Sheep’s Clothing, Wolf’s Data: Detecting Server-Induced Client Vulnerabilities in Windows Remote IPC
Fangming Gu, Qingli Guo✉, Jie Lu✉, Qinghe Xie, Beibei Zhao, Kangjie Lu, Hong Li, Xiaorui Gong
Network and Distributed System Security Symposium (NDSS’25)
2024
- Detecting Broken Object-Level Authorization Vulnerabilities in Database-Backed Applications
Yongheng Huang, Chenghang Shi, Jie Lu✉, Haofeng Li, Haining Meng, Lian Li✉
ACM Conference on Computer and Communications Security (CCS’24) - Boosting the Performance of Alias-Aware IFDS Analysis with CFL-based Environment Transformers
Haofeng Li, Chenghang Shi, Jie Lu, Lian Li, Jingling Xue
ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA’24) - Better Not Together: Staged Solving for Context-Free Language Reachability
Chenghang Shi, Haofeng Li, Jie Lu, Lian Li
International Symposium on Software Testing and Analysis (ISSTA’24) - PEARL: A Multi-Derivation Approach to Efficient CFL-Reachability Solving
Chenghang Shi, Haofeng Li, Yulei Sui, Jie Lu, Lian Li, Jingling Xue
IEEE Transactions on Software Engineering (TSE’24) - Generic Sensitivity: Generics-Guided Context Sensitivity for Pointer Analysis
Haofeng Li, Tian Tan, Yue Li, Jie Lu, Haining Meng, Liqing Cao, Yongheng Huang, Lian Li, Lin Gao, Peng Di, Liang Lin, and ChenXi Cui
IEEE Transactions on Software Engineering (TSE’24) - Boosting the Performance of Multi-Solver IFDS Algorithms with Flow-sensitivity Optimizations
Haofeng Li, Jie Lu, Haining Meng, Liqing Cao, Lian Li, Lin Gao
International Symposium on Code Generation and Optimization (CGO’24) - File Hijacking Vulnerability: The Elephant in the Room
Chendong Yu, Yang Xiao, Jie Lu, Yuekang Li, Yeting Li, L. Li, Y. Dong, J. Wang, J. Shi, D. Bo, W. Huo
Network and Distributed System Security Symposium (NDSS’24) - AutoWeb: Automatically Inferring Web Framework Semantics via Configuration Mutation
Haining Meng, Haofeng Li, Jie Lu, Chenghang Shi, Liqing Cao, Lian Li, lin Gao
International Conference on Engineering of Complex Computer Systems (ICECCS’24)
2023
- Two Birds with One Stone: Multi-Derivation for Fast Context-Free Language Reachability Analysis
Chenghang Shi, Haofeng Li, Yulei Sui, Jie Lu, Lian Li, Jingling Xue
IEEE/ACM International Conference on Automated Software Engineering (ASE’23)
2022
- Detecting Missing-Permission-Check Vulnerabilities in Distributed Cloud Systems 🏆
Jie Lu, Haofeng Li, Chen Liu, Lian li, Kun Cheng
Best Paper Honorable Mention
ACM Conference on Computer and Communications Security (CCS’22) - Generic Sensitivity: Customizing Context-Sensitive Pointer Analysis for Generics
Haofeng Li, Jie Lu, Haining Meng, Liqing Cao, Yongheng Huang, Lian Li, Lin Gao
ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE’22)
2021
- Exposing Vulnerable Paths: Enhance Static Analysis with Lightweight Symbolic Execution
Guangwei Li, Ting Yuan, Jie Lu, Lian Li, Xiaobin Zhang, Xu Song, Kejun Zhang
Asia-Pacific Software Engineering Conference (APSEC’21) - Detecting TensorFlow Program Bugs in Real-World Industrial Environment
Chen Liu, Jie Lu✉, Guangwei Li, Ting Yuan, Lian Li✉, Feng Tan, Jun Yang, Liang You, Jingling Xue
IEEE/ACM International Conference on Automated Software Engineering (ASE’21) - Scaling Up the IFDS Algorithm with Efficient Disk-assisted Computing
Haofeng Li, Haining Meng, Hengjie Zheng, Liqing Cao, Jie Lu, Lian Li, Lin Gao
International Symposium on Code Generation and Optimization (CGO’21) - GoBench: a Benchmark Suite of Real-World Go Concurrency Bugs
Ting Yuan, Guangwei Li, Jie Lu✉, Chen Liu, Lian Li✉, Jingling Xue
International Symposium on Code Generation and Optimization (CGO’21)
2018-2020
- CloudRaid: Detecting Distributed Concurrency Bugs via Log Mining and Enhancement
Jie Lu, Feng Li, Chen Liu, Lian Li, Xiaobing Feng, Jingling Xue
IEEE Transactions on Software Engineering (TSE’20) - CrashTuner: Detecting Crash-Recovery Bugs in Cloud Systems via Meta-Info Analysis
Jie Lu, Chen Liu, Lian Li, Xiaobing Feng, Feng Tan, Jun Yang, Liang You
ACM Symposium on Operating Systems Principles (SOSP’19) - Understanding Node Change Bugs for Distributed Systems
Jie Lu, Liu Chen, Lian Li and Xiaobing Feng
IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER’19) - CloudRaid: Hunting Concurrency Bugs in the Cloud via Log-Mining
Jie Lu, Feng Li, Lian Li and Xiaobing Feng
ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE’18)