The System and Software Security Laboratory is a research group led by Professor Bing Mao and affiliated with the School of Computer Science at Nanjing University, exploring multiple respects in software security. Our core research areas include:
Reverse Engineering: We study binary analysis and reverse engineering techniques to recover program semantics, understand low-level program behavior, and support security analysis when source code or debugging information is unavailable.
Vulnerability Detection: We develop automated techniques for discovering vulnerabilities in complex software systems, including fuzzing, program analysis, protocol analysis, and intelligent test generation
Compiler Security: Identify security risks introduced during compiler optimization/transformation. Develop validation techniques (e.g., differential testing, path-coverage test generation) to ensure trustworthiness.
AI for Security Analysis: We explore how machine learning and large language models can assist program analysis, software testing, vulnerability detection, and security reasoning.
Security for AI: We study security challenges in AI-powered software systems, including the reliability, trustworthiness, and attack surfaces of intelligent agents and AI-assisted applications.
Our research is consistently published at top-tier conferences including CCS, S&P, USENIX Security, ISSTA, and ICSE.
Graduates pursue careers at leading companies (e.g., Huawei, Alibaba, NetEase) and academic institutions (e.g., HUST, SEU) worldwide.
We cordially invite motivated Master's and Ph.D. candidates passionate about software security to join us in exploring the boundaries of system security!
News
-
June, 2026
Xingbang He’s FeatureFuzz is accepted by CCS 2026.
-
June, 2026
Yi Qian’s Action Rebinding Attack is accepted by CCS 2026.
-
September, 2025
Yi Qian’s Prompt Cloning is accepted by ASE 2025.
-
September, 2025
Tiantai Zhang’s oCFI is accepted by ToSEM 2025.
-
July, 2025
Haiyang Wei’s ProtocolGPT is accepted by IWQoS 2025.
Research
Security for AI system
We study security risks in AI-powered software systems and develop techniques to analyze, evaluate, and defend against attacks on intelligent agents and AI-assisted applications.
Reverse Engineering
We study binary analysis and reverse engineering techniques to understand program behavior, recover program semantics, and support security analysis of real-world software.
Kernel Security
This research is about to protect the operating system kernel against attacks by ensuring the integrity, confidentiality, and availability of kernel.
Vulnerability mining
This project is about to explore techiniques to find vulnerabilities in software automatically,including fuzzing, symbolic execution and so on.
Compiler security
Compilers are important and complex, in this project, we study various security issues introduced by compilers.
AI for software security
We explore how AI can assist program analysis, software testing, vulnerability detection, and security reasoning.
People
Advisor
Bing Mao
Ph.D Candidate
Yi Qian
Tiantai Zhang
Junjie Peng
Haiyang Wei
Xingbang He
Yi Zhang
Yongzhuo Zhang
Master
Nanxin Wu
Chen Tang
Yuhan Wu
Fei Peng
Yuanwei Chen
Yunzhe Li
kunwei Qian
Xu Zhu
Alumni
Dongliang Mu(PHD)
Zhilong Wang
Ligeng Chen
Sijia Geng
Yunlan Du
Jian Guo
Chengbin Pang
Jianhao Xu
Zhengjie Du
Zhongling He
Weiping Zhou
Jinbin Ouyang
Jun Zhu
Jia Guo
Zhu Ding
Xuelan Xu
Maorong Chen
Linke Li
Kunbo Zhang
Yuyang Wang
Contact Us
If you are interested in joining our group, please contact Professor Bing Mao: maobing@nju.edu.cn