Yunhui Zheng

zheng16.cs (at) gmail.com

ABOUT

I was a Research Staff Member at IBM T. J. Watson Research Center working on projects related to AI for Code, AI for business process optimizaion, Web API summerization & recommendation, program vulnerability detection, etc.

I received my PhD from Purdue University where I was advised by Professor Xiangyu Zhang. For my thesis, I investigated techniques for static web application analysis and string constraint solving.

EDUCATION

PhD, Computer Science, 2014
Purdue University, West Lafayette, IN, USA

TOOLS

Z3str SMT String Constraint Solver

Z3str3, Z3str2 and Z3str are SMT constraint solvers for the quantifier-free theory of string equations, the regular-expression membership predicates, and linear arithmetic over the length functions. Z3str3 is now part of the Z3 theorem prover's main codebase, and is the primary string solver in Z3.

PUBLICATIONS

Empir. Softw. Eng.

Analyzing Source Code Vulnerabilities in the D2A Dataset With ML Ensembles and C-BERT

S. Pujar, Y. Zheng, L. Buratti, B. Lewis, Y. Chen, J. Laredo, A. Morari, E. Epstein, T. Lin, B. Yang, Z. Su
Empirical Software Engineering, 2024

TOSEM

Incorporating Signal Awareness in Source Code Modeling: an Application to Vulnerability Detection

Sahil Suneja, Yufan Zhuang, Yunhui Zheng, Jim Laredo, Alessandro Morari, Udayan Khurana
ACM Transactions on Software Engineering and Methodology, 2023

EUROS&P '23

Code Vulnerability Detection via Signal-Aware AI

Sahil Suneja, Yufan Zhuang, Yunhui Zheng, Jim Laredo, Alessandro Morari, Udayan Khurana
The 8th IEEE European Symposium on Security and Privacy, 2023

ICSE '23

AdHere: Automated Detection and Repair of Intrusive Ads

Yutian Yan, Yunhui Zheng, Xinyue Liu, Nenad Medvidovic, Weihang Wang
The 45th ACM/IEEE International Conference on Software Engineering, 2023
Acceptance Rate: 26% (208/796)

MSR '22

Varangian: A Git Bot for Augmented Static Analysis

Saurabh Pujar, Yunhui Zheng, Luca Buratti, Burn L. Lewis, Alessandro Morari, Jim Laredo, Kevin Postlethwait, Christoph Görn
The 19th International Conference on Mining Software Repositories, Industry Track, 2022

SANER '22

VELVET: a noVel Ensemble Learning approach to automatically locate VulnErable sTatements

Yangruibo Ding, Sahil Suneja, Yunhui Zheng, Jim Laredo, Alessandro Morari, Gail E. Kaiser, Baishakhi Ray
The 29th IEEE International Conference on Software Analysis, Evolution and Reengineering, 2022

ICSE '22

Hiding Critical Program Components via Ambiguous Translation

Chijung Jung, Doowon Kim, An Chen, Weihang Wang, Yunhui Zheng, Kyu Hyung Lee, Yonghwi Kwon
The 44th ACM/IEEE International Conference on Software Engineering, 2022
Acceptance Rate: 26% (197/751)

SoCC '21

Towards Reliable AI for Source Code Understanding

Sahil Suneja, Yunhui Zheng, Yufan Zhuang, Jim Laredo, Alessandro Morari
ACM Symposium on Cloud Computing, vision paper, 2021
Acceptance Rate: 31.7% (46/145)

ASE-NIER '21

Defeating program analysis techniques via Ambiguous Translation

Chijung Jung, Doowon Kim, Weihang Wang, Yunhui Zheng, Kyu Hyung Lee, Yonghwi Kwon
The 36th ACM/IEEE International Conference on Automated Software Engineering, New Ideas and Emerging Results Track, 2021
Acceptance Rate: 33.3% (18/54)

FSE '21

Probing Model Signal-Awareness via Prediction-Preserving Input Minimization

Sahil Suneja*, Yunhui Zheng*, Yufan Zhuang*, Jim Laredo, Alessandro Morari
The 29th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2021
Acceptance Rate: 24.5% (97/396)
* The authors contributed equally to the work and were sorted alphabetically.

ICSE-SEIP '21

D2A: A Dataset Built for AI-Based Vulnerability Detection Methods Using Differential Analysis

Yunhui Zheng, Saurabh Pujar, Burn Lewis, Luca Buratti, Edward Epstein, Bo Yang, Jim Laredo, Alessandro Morari, Zhong Su
The 43rd International Conference on Software Engineering: Software Engineering in Practice, 2021
Acceptance Rate: 34% (41/121)

ASE '20

MinerRay: Semantics-Aware Analysis for Ever-Evolving Cryptojacking Detection

Alan Romano, Yunhui Zheng, Weihang Wang
The 35th IEEE/ACM International Conference on Automated Software Engineering, 2020
Acceptance Rate: 22.5% (93/414)

ICSE '20

Finding Client-side Business Flow Tampering Vulnerabilities

I Luk Kim, Yunhui Zheng, Hogun Park, Weihang Wang, Wei You, Yousra Aafer, Xiangyu Zhang
The 42nd International Conference on Software Engineering, 2020
Acceptance Rate: 21% (129/617)

ICSE '19

AdJust: Runtime Mitigation of Resource Abusing Third-Party Online Ads

Weihang Wang, I Luk Kim, Yunhui Zheng
The 41st International Conference on Software Engineering, 2019
Acceptance Rate: 21% (109/529)

CAV '18

StringFuzz: A Fuzzer for String Solvers

Dmitry Blotsky, Federico Mora, Murphy Berzish, Yunhui Zheng, Ifaz Kabir, Vijay Ganesh
The 30th International Conference on Computer Aided Verification, Tool paper, 2018

WWW '18

AdBudgetKiller: Online Advertising Budget Draining Attack

I Luk Kim, Weihang Wang, Yonghwi Kwon, Yunhui Zheng, Yousra Aafer, Weijie Meng and Xiangyu Zhang
The Web Conference 2018, 2018
Acceptance Rate: 14.8% (171/1155)

ICDM '17

GaDei: On Scale-up Training As A Service For Deep Learning

Wei Zhang, Minwei Feng, Yunhui Zheng, Yufei Ren, Yandong Wang, Ji Liu, Peng Liu, Bing Xiang, Li Zhang, Bowen Zhou
The IEEE International Conference on Data Mining, 2017
Acceptance Rate: 19.9% (155/778)

ASE '17

PAD: Programming Third-party Web Advertisement Censorship

Weihang Wang, Yonghwi Kwon, Yunhui Zheng, Yousra Aafer, I-Luk Kim, Wen-Chuan Lee, Yingqi Liu, Weijie Meng, Xiangyu Zhang, Patrick Eugster
The 32nd IEEE/ACM International Conference on Automated Software Engineering, 2017
Acceptance Rate: 21% (65/314)

FMCAD '17

Z3str3: A String Solver with Theory-aware Branching

Murphy Berzish, Vijay Ganesh, Yunhui Zheng
Formal Methods in Computer-Aided Design, 2017

ISSTA '17

CPR: Cross Platform Binary Code Reuse via Platform Independent Trace Program

Yonghwi Kwon, Weihang Wang, Yunhui Zheng, Xiangyu Zhang, Dongyan Xu
The 2017 ACM SIGSOFT International Symposium on Software Testing and Analysis, 2017
Acceptance Rate: 26% (31/118)

WWW '17

J-Force: Forced Execution on JavaScript

Kyungtae Kim, I Luk Kim, Chung Hwan Kim, Yonghwi Kwon, Yunhui Zheng, Xiangyu Zhang, Dongyan Xu
The 26th International World Wide Web Conference, 2017
Acceptance Rate: 17% (164/966)

ICSE '17

Statically Checking Web API Requests in JavaScript

Erik Wittern*, Annie T. T. Ying*, Yunhui Zheng*, Julian Dolby, Jim A. Laredo
The 39th International Conference on Software Engineering, 2017
Acceptance Rate: 16% (68/415)
* The authors contributed equally to the work and were sorted alphabetically.

ICSE '17

Automatic Input Generation for Mobile Testing

Peng Liu, Xiangyu Zhang, Marco Pistoia, Yunhui Zheng, Manoel Marques, Lingfei Zeng
The 39th International Conference on Software Engineering, 2017
Acceptance Rate: 16% (68/415)

FMSD

Z3str2: An Efficient Solver for Strings, Regular Expressions, and Length Constraints

Yunhui Zheng, Vijay Ganesh, Sanu Subramanian, Omer Tripp, Murphy Berzish, Julian Dolby, Xiangyu Zhang
Formal Methods in System Design, June 2017, Volume 50, Issue 2, pp 249 - 288
Invited paper in the CAV 2015 Special Issue.

FSE '16

WebRanz: Web Page Randomization For Better Advertisement Delivery and Web-Bot Prevention

Weihang Wang, Yunhui Zheng, Xinyu Xing, Yonghwi Kwon, Xiangyu Zhang, Patrick Eugster
The 24th ACM SIGSOFT International Symposium on the Foundations of Software Engineering, 2016
Acceptance Rate: 27% (74/273)

ISSTA '16

ARROW: Automated Repair of Races on Client-Side Web Pages

Weihang Wang, Yunhui Zheng, Peng Liu, Lei Xu, Xiangyu Zhang, Patrick Eugster
The 2016 ACM SIGSOFT International Symposium on Software Testing and Analysis, 2016
Acceptance Rate: 25% (37/147)

ICSE '16

IntEQ: Recognizing Benign Integer Overflows via Equivalence Checking Across Multiple Precisions

Hao Sun, Xiangyu Zhang, Yunhui Zheng, Qingkai Zeng
The 38th International Conference on Software Engineering, 2016
Acceptance Rate: 19% (101/530)

OOPSLA '15

RAIVE: Runtime Assessment of Floating-Point Instability by Vectorization

Wen-Chuan Lee, Tao Bao, Yunhui Zheng, Xiangyu Zhang, Keval Vora, Rajiv Gupta
The ACM SIGPLAN Conference on Object-Oriented Programming. Systems, Languages and Applications, 2015

CAV '15

Effective Search-space Pruning for Solvers of String Equations, Regular Expressions and Length Constraints

Yunhui Zheng, Vijay Ganesh, Sanu Subramanian, Omer Tripp, Julian Dolby, Xiangyu Zhang
The 27th International Conference on Computer Aided Verification, 2015
Acceptance Rate: 27% (68/252)
Paper selected for Formal Methods for System Design Journal, Special Issue dedicated to the Best Papers at CAV’15

PLDI '15

Light: Replay via Tightly Bounded Recording

Peng Liu, Xiangyu Zhang, Omer Tripp, Yunhui Zheng
The 36th ACM SIGPLAN Conference on Programming Language Design and Implementation, 2015
Acceptance Rate: 19% (58/303)

ISSTA '14

Virtual DOM coverage for effective testing of dynamic web applications

Yunxiao Zou, Zhenyu Chen, Yunhui Zheng, Xiangyu Zhang, Zebao Gao
The 2014 ACM SIGSOFT International Symposium on Software Testing and Analysis, 2014
Acceptance Rate: 28% (36/128)

FSE '13

Z3-str: A Z3-Based String Solver for Web Application Analysis

Yunhui Zheng, Xiangyu Zhang, Vijay Ganesh
The ACM SIGSOFT Symposium on the Foundations of Software Engineering, 2013
Acceptance Rate: 20% (51/251)

ICSE '13

Path Sensitive Static Analysis of Web Applications for Remote Code Execution Vulnerability Detection

Yunhui Zheng, Xiangyu Zhang
The 35th International Conference on Software Engineering, 2013
Acceptance Rate: 19% (85/461)

TSE

Precise Calling Context Encoding

William N. Sumner, Yunhui Zheng, Dasarath Weeratunge, Xiangyu Zhang
IEEE Transactions of Software Engineering, 2012

OOPSLA '12

White Box Sampling in Uncertain Data Processing Enabled by Program Analysis

Tao Bao, Yunhui Zheng, Xiangyu Zhang
The 27th ACM SIGPLAN Conference on Object-Oriented Programming. Systems, Languages and Applications, 2012
Acceptance Rate: 26% (59/228)

ICSE '12

Static Detection of Resource Contention Problems in Server-Side Scripts

Yunhui Zheng, Xiangyu Zhang
The 34th International Conference on Software Engineering, 2012
Acceptance Rate: 21% (87/408)

PLDI '11

Toward Generating Reduciable Replay Log

Kyu Hyung Lee, Yunhui Zheng, William N. Sumner, Xiangyu Zhang
The 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation, 2011
Acceptance Rate: 23% (55/236)

WWW '11

Statically Locating Web Application Bugs Caused by Asynchronous Calls

Yunhui Zheng, Tao Bao, Xiangyu Zhang
The 20th International World Wide Web Conference, 2011
Acceptance Rate: 12% (81/658)

ISSTA '10

Strict Control Dependence and Its Effect on Dynamic Information Flow Analyses

Tao Bao, Yunhui Zheng, Zhiqiang Lin, Xiangyu Zhang, Dongyan Xu
The 2010 ACM SIGSOFT International Symposium on Software Testing and Analysis, 2010
Acceptance Rate: 23% (23/100)

ICSE '10

Precise Calling Context Encoding

William N. Sumner, Yunhui Zheng, Dasarath Weeratunge, Xiangyu Zhang
The 32nd ACM/IEEE International Conference on Software Engineering, 2010
Acceptance Rate: 14% (52/380)

Created with Kelvin template by TemplateMag

About

Tools

Publications

Yunhui Zheng

zheng16.cs (at) gmail.com

PUBLICATIONS