Yueqi Chen

Home

	Yueqi Chen Assistant Professor, Department of Computer Science College of Engineering and Applied Science University of Colorado Boulder Engineering Complex, ECCR 1B18 Email: firstname.lastname AT colorado.edu
I obtained my Ph.D. from the College of Information Sciences and Technology at the Pennsylvania State University in 2022, and spent the final half year as a Visiting Scholar in the Department of Computer Science at Northwestern University. Prior to that, I received my B.Sc in Computer Science from Nanjing University in 2017. I was also a recipient of the 2020-2022 IBM Ph.D. Fellowship. I currently lead the Abstract Team, where our research focuses on Exploit Analysis and Synthesis, Quantum Control System, and Machine Learning for Systems. I am also the faculty advisor of CU Cyber Club. News [ 2025.09 ] Received $1.5M award from NSF Safe-OSE program [ 2025.08 ] Team 42-b3yond-6ug's CRS ranked #1 in SARIF assessment and #2 in vulnerability discovery in DARPA/ARPA-H AIxCC final [ 2025.07 ] QEX is accepted to IEEE Quantum Computing and Engineering (QCE). Congrats to Yicheng! [ 2025.05 ] Lancet is accepted to USENIX Security 2025. Congrats to Qinrun! [ 2024.08 ] Team 42-b3yond-6ug wins DARPA/ARPA-H AIxCC semi-final and is awarded $2M towards final! The Abstract Team Current Members Qinrun Dai , Ph.D. Student, [2024.08 - present] Exploit Analysis and Synthesis, Core member of 42-b3yond-6ug team [USENIX Security 25, BlackHat USA 24, Linux Security Summit EU 24] Yicheng Guang, Ph.D. Student, [2024.08 - present] Quantum Control System, Affiliated with Lawrence Berkeley National Lab [USENIX Security 24, IEEE QCE 25] Sriranga Ramaswamy, Ph.D. Student, [2024.08 - present] Machine Learning for System, Co-advised with Ashutosh Trivedi Ruitong Liu, Visiting Scholar, [2025.08 - present] Exploit Analysis and Synthesis, Core member of 42-b3yond-6ug team Alumni Pietro Zanotta, Student Intern through Europe-Colorado Program, [2024.09 - 2025.01] Now Ph.D. Student at Johns Hopkins University [IEEE QCE 25] Akshay Gowda, Research-based Master, [2023.09 - 2024.12] Now Senior Security Engineer at Tesla Member of 42-b3yond-6ug team Zicheng Wang, Visiting Scholar, [2023.01 - 2024.01] Now Senior OS Engineer at Honor Device [USENIX Security 24, BlackHat USA 24, USENIX Security 23, Linux Security Summit NA 23, BlackHat USA 23a] Minghao Lin, Visiting Scholar, [2023.01 - 2023.07] Now Ph.D. Student at University of South California [SpaceSec 23, BlackHat USA 23a, BlackHat USA 23b] Teaching CSCI 5573 Advanced Operating Systems, 2025 Fall CSCI 3753 Design and Analysis of Operating Systems, 2025 Spring CSCI 4133 / ECEN 4133 Fundamentals of Computer Security, 2024 Fall CSCI 3753 Design and Analysis of Operating Systems, 2024 Spring CSCI 5523 / ECEN 5033 Modern Offense and Defense in Cybersecurity, 2023 Fall [ CTF Platform (Only Accessible to Boulder Students)] CSCI 7000 / ECEN 5033 Modern Offense and Defense in Cybersecurity, 2023 Spring CSCI 7000-007 Advanced System Security, Instructor, 2022 Fall Publication On the Potential of Quantum Computing in Classical Program Analysis Yicheng Guang, Pietro Zanotta, Kai Zhou, Yueqi Chen, Ramin Ayanzadeh IEEE International Conference on Quantum Computing and Engineering (QCE)* 2025* Lancet: A Formalization Framework for Crash and Exploit Pathology Qinrun Dai, Kirby Linvill, Yueqi Chen, Gowtham Kaki USENIX Security Symposium (Security)* 2025* [ Code ] AE Badges: Available, Functional, Reproduced SeaK: Rethinking the Design of a Secure Allocator for OS Kernel Zicheng Wang, Yicheng Guang, Yueqi Chen, Zhenpeng Lin, Michael Le, Dang K Le, Dan Williams, Xinyu Xing, Zhongshu Gu, Hani Jamjoom USENIX Security Symposium (Security)* 2024* [ Code ] AE Badges: Available, Functional, Reproduced [ US Patent Application No.: 18/658,565 ] TGRop: Top Gun of Return-Oriented Programming Automation Nanyu Zhong, Yueqi Chen, Yanyan Zou, Xinyu Xing, Jinwei Dong, Bingcheng Xian, Jiaxu Zhao, Menghao Li, Binghong Liu, Wei Huo European Symposium on Research in Computer Security (ESORICS)* 2024* [ Code ] PET: Prevent Discovered Errors from Being Triggered in the Linux Kernel Zicheng Wang, Yueqi Chen, Qingkai Zeng USENIX Security Symposium (Security)* 2023* [ Code ] AE Badges: Available, Functional, Reproduced [ US Patent Application No.: 18/658,565 ] Mitigating Security Risks in Linux with KLAUS: A Method for Evaluating Patch Correctness Yuhang Wu, Zhenpeng Lin, Yueqi Chen, Dang K Le, Dongliang Mu, Xinyu Xing USENIX Security Symposium (Security)* 2023* CSAW Applied Research Competition Top-10 Finalists 2023 AE Badges: Available, Functional, Reproduced CLExtract: Recovering Highly Corrupted DVB/GSE Satellite Stream with Contrastive Learning Minghao Lin, Minghao Cheng, Dongsheng Luo, Yueqi Chen Workshop on the Security of Space and Satellite Systems (SpaceSec)* 2023* Playing for K(H)eaps: Understanding and Improving Linux Kernel Exploit Reliability Yueqi Chen, Kyle Zeng, Haehyun Cho, Xinyu Xing, Adam Doupé, Yan Shoshitaishvili, Tiffany Bao USENIX Security Symposium (Security)* 2022* AE Badges: Available, Functional, Reproduced [ Paper ] [ Slides ] [ Code ] * indicates equal contribution An In-depth Analysis of Duplicated Linux Kernel Bug Reports Dongliang Mu, Yuhang Wu, Yueqi Chen, Zhenpeng Lin, Chensheng Yu, Xinyu Xing, Gang Wang Network and Distributed System Security Symposium (NDSS)* 2022* [ Paper ] [ Slides ] [ Code ] GREBE: Unveiling Exploitation Potential for Linux Kernel Bugs Zhenpeng Lin, Yueqi Chen, Dongliang Mu, Chengsheng Yu, Yuhang Wu, Xinyu Xing, Kang Li IEEE Symposium on Security and Privacy (SP)* 2022* CSAW Applied Research Competition Top-10 Finalists 2022 [ Paper ] [ Slides ] [ Code ] (ELOISE) A Systematic Study of Elastic Objects in Kernel Exploitation Yueqi Chen, Zhenpeng Lin, Xinyu Xing ACM Conference on Computer and Communications Security (CCS)* 2020* [ Paper ] [ Slides ] [ Code] (Symo3) Exposing Cache Timing Side-channel Leaks through Out-of-order Symbolic Execution Yueqi Chen, Shengjian Guo, Jiyong Yu, Meng Wu, Zhiqiang Zuo, Peng Li, Yueqiang Cheng The Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA)* 2020* [ Paper ] [ Slides ] [ Code] * indicates equal contribution SpecuSym: Speculative Symbolic Execution for Cache Timing Leak Detection Yueqi Chen, Shengjian Guo, Peng Li, Yueqiang Cheng, Huibo Wang, Meng Wu, Zhiqiang Zuo International Conference on Software Engineering (ICSE)* 2020* [ Paper ] [ Slides ] [ Code ] * indicates equal contribution SLAKE: Facilitating Slab Manipulation for Exploiting Vulnerabilities in the Linux Kernel Yueqi Chen, Xinyu Xing ACM Conference on Computer and Communications Security (CCS)* 2019* [ Paper ] [ Slides ] [ Code ] [ Video ] Towards the Detection of Inconsistencies in Public Security Vulnerability Reports Ying Dong, Wenbo Guo, Yueqi Chen, Xinyu Xing, Yuqing Zhang, Gang Wang USENIX Security Symposium (Security)* 2019* [ Paper ] [ Slides ] [ Code ] [ Video ] RENN: Efficient Reverse Execution with Neural-Network-assisted Alias Analysis Dongliang Mu, Wenbo Guo, Alejandro Cuevas, Yueqi Chen, Jinxuan Gai, Xinyu Xing, Bing Mao, Chengyu Song International Conference on Automated Software Engineering (ASE)* 2019* [ Paper ] [ Slides ] [ Code ] KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities Wei Wu, Yueqi Chen, Xinyu Xing, Wei Zou USENIX Security Symposium (Security)* 2019* [ Paper ] [ Slides ] [ Code ] FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities Wei Wu, Yueqi Chen, Jun Xu, Xinyu Xing, Wei Zou, Xiaorui Gong USENIX Security Symposium (Security)* 2018* [ Paper ] [ Slides ] [ Code ] Other Publications Compartmentalizing Vulnerable Kernel Components Without Stopping the Machine Qinrun Dai, Yueqi Chen Linux Security Summit Europe 2024 Stop! Sandboxing Exploitable Functions and Modules Using In-Kernel Machine Learning Qinrun Dai, Tiejin Chen, Zicheng Wang, Hua Wei, Yueqi Chen BlackHat USA 2024 Briefing Kill Latest MPU-based Protections in Just One Shot: Targeting All Commodity RTOSes Minghao Lin, Zicheng Wang, Jiahe Wang, Chaoyang Lin, Minghang Shen, Yueqi Chen BlackHat USA 2023 Briefing (a) An End-to-End Tool Decoding Highly Corrupted Satellite Stream from Eavesdropping Minghao Lin, Minghao Cheng, Xu Zheng, Dongsheng Luo, Yueqi Chen BlackHat USA 2023 Arsenal (b) HotBPF++: A More Powerful Memory Protection for the Linux Kernel Zicheng Wang, Yueqi Chen Linux Security Summit North America 2023 HotBPF - An On-demand and On-the-fly Memory Protection for the Linux Kernel Yueqi Chen, Zhenpeng Lin Linux Security Summit Europe 2022 A General Approach to Bypassing Many Kernel Protections and Its Mitigation Yueqi Chen, Zhenpeng Lin, Xinyu Xing BlackHat Asia 2021 Your Trash Kernel Bug, My Precious 0-day Zhenpeng Lin, Yueqi Chen, Xinyu Xing, Kang Li BlackHat Europe 2021 Finding Multiple Bug Effects for More Precise Exploitability Estimation Zhenpeng Lin, Yueqi Chen Linux Security Summit North America 2021 Bypassing Many Kernel Protections Using Elastic Objects Yueqi Chen, Zhenpeng Lin, Xinyu Xing Linux Security Summit Europe 2020 [ Slides ] Facilitate Linux Kernel Exploitation Step by Step Yueqi Chen BlueHat IL 2020 [ Slides ] Hands Off and Putting SLAB/SLUB Feng Shui in a Blackbox Yueqi Chen, Xinyu Xing, Jimmy Su Black Hat Europe 2019 [ Slides ] [ Video ] [ Demo1 ] [ Demo2 ] Honors & Awards $2M Award from DARPA for winning AIxCC semi-final, Aug. 2024 $1M Award from DARPA for AIxCC competition, Feb. 2024 CSAW Applied Research Competition Top-10 Finalists, Oct. 2023 CSAW Applied Research Competition Top-10 Finalists, Oct. 2022 The 7th place in DEFCON 29 CTF (Team Nu1L), Las Vegas, USA, Aug. 2021 Black Hat USA, Student Scholarship, 2021 IST Graduate Student Travel Grant Award, 2020 Black Hat USA, Student Scholarship, 2020 IBM PhD Fellowship Award, 2020 (1 out of 24 globally) [ Press 1 ] [ Press 2 ] IST Graduate Student Travel Grant Award, 2019 The 28th USENIX Security Symposium, Student Travel Grant Award, 2019 The 16th place in DEFCON 26 CTF (Team r3kapig), Las Vegas, USA, Aug. 2018 Black Hat USA, Student Scholarship, 2018 The 39th IEEE Symposium on Security and Privacy, Student Travel Grant Award, 2018 The 5th place in NSA codebreaker Challenge, 2017 Services Panelist NSF SaTC Program, 2025 NSF SaTC Program, 2023 Donation Chair IEEE Symposium on Security and Privacy (S&P), 2024 Session Chair IEEE International Conference on Quantum Computing and Engineering (QCE), 2025 IEEE Symposium on Security and Privacy (S&P), 2022 Reviewer and Program Committee IEEE International Conference on Quantum Computing and Engineering (QCE), 2025 International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2025 Workshop on the Security of Space and Satellite Systems (SpaceSec), 2024 ACM Conference on Computer and Communication Security (CCS), 2023 International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2023 Especially Noteworthy Reviewer IEEE Transactions on Dependable and Secure Computing, 2023 International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2022 IEEE Symposium on Security and Privacy (S&P) Poster, 2022 ACM Transactions on Privacy and Security, 2021 IEEE Symposium on Security and Privacy (S&P) Shadow PC, 2021 External reviewer IEEE Symposium on Security and Privacy (S&P), 2023 IEEE Symposium on Security and Privacy (S&P), 2022 USENIX Security, 2021 USENIX Security, 2020 ACM Conference on Computer and Communication Security (CCS), 2020 Annual Computer Security Applications Conference (ACSAC), 2020 ACM Conference on Computer and Communication Security (CCS), 2019 European Symposium on Research on Computer Security (ESORICS), 2019 Annual Computer Security Applications Conference (ACSAC), 2019 Information Security Conference (ISC), 2019 ACM Asia Conference on Information, Computer and Communication Security (ASIACCS), 2018 IEEE Conference on Communications and Network Security (CNS), 2019

End