捕鱼能上下分客服

学校主页 English
MENU
首页» English» Academic Activities

捕鱼能上下分客服:Innovation Laboratory of Mingli College | AI4Security Research innovation research team

Team Instructor

You Wei

Associate Professor and doctoral supervisor of the School of Information

Mingli College innovation education tutor

National-level young talents

Distinguished Scholar Young Scholar of Renmin University of China

He has been engaged in automated software vulnerability mining and dynamic/static analysis of binary programs for a long time, excavated nearly 100 security vulnerabilities in common applications, and exposed the hidden suspicious behavior of hundreds of malicious applications. He has published more than 20 papers on top international academic conferences/journals in the field of information security and software engineering, won the best paper award once, the best application security paper nomination award twice, and won the first prize of Natural Science of Science and Technology Award of China Computer Society.


Innovative content

Security vulnerabilities in computer software systems are the root cause of the vast majority of security incidents in cyberspace. To prevent the security problems caused by software loopholes, the fundamental method is to detect and correct the security loopholes in the process of software development and testing. However, the existing vulnerability detection technology relies heavily on prior knowledge. The research team will lead the students to explore how to apply AI technology to the automatic extraction of vulnerability detection knowledge, explore the method of vulnerability detection knowledge discovery with a high degree of automation from the two aspects of detection of 'unknown known' and 'unknown unknown', and realize the corresponding detection system prototype, so as to effectively alleviate the dependence of security vulnerability detection on prior knowledge. Effectively improve the ability to detect unknown vulnerabilities.

Q: What is detecting 'unknown knowns' (unknown vulnerabilities that are similar to known vulnerabilities)?

A: Starting from the known vulnerabilities, it is directly converted into knowledge that can be matched (retrieval features), taking the target system code data set as the retrieval target, and using information retrieval technology such as similarity measurement to find similar code implementations (potential vulnerabilities).

Q: What is detecting 'unknown unknowns' (unknown vulnerabilities that are not similar to known vulnerabilities)?

A: Take the target system code, dynamic execution trajectory and related documents and other data sets as a special data, extract the necessary knowledge for vulnerability detection through the introduction of machine learning and natural language processing technology, and then combine the acquired knowledge with existing detection technology to find unknown vulnerabilities.

At present, the big language model has been widely promoted and applied. The research team will lead the students to explore the application of big language model in software vulnerability mining on the basis of the exploration of the above issues.


What can you get here?

The research team will provide students with systematic and complete security offensive and defensive skills training and comprehensive scientific research ability training.

Freshman year

In the form of freshman seminars and interest groups, we will explain the basic concepts of information security, commonly used technologies and case studies to stimulate students' interest in information security.

Sophomore year

With the innovative practical ability competition as the starting point, for different types of skills, students are guided to improve the actual level of information security attack and defense based on the basic knowledge of the course.

Junior year

With the work competition as the starting point, scientific research topics suitable for undergraduates are set around the forefront of academia and industry. Students conduct scientific research and exploration in the process of completing the selected works, so that the knowledge and skills learned can be fully applied.

Senior year

On the basis of the selection of the works competition, further in-depth research, complete the graduation project, publish high-level papers, and apply for software copyright/patent. Through such a 'competition and teaching integration' way, comprehensively improve students' practical technical level and scientific research and innovation ability.


Currently some team members

Yuan Jiangfeng

PhD candidate in Class 2023 of the School of Information Technology

Main research interest is mobile security


He Dongnan

Graduate student of Class 2023 of the School of Information Technology

Main research interest is binary program security


Xie Dongchen

Graduate student of Class 2023 of the School of Information Technology

Main research interest is operating system security


Yifei Zhan

2021 undergraduate student at the School of Information Technology

Main research interest on malware analysis


Liu Boyu

2021 undergraduate student of the School of Information Technology

Main research direction is Web security


Liao Qiuyu

Graduate student of the School of Statistics, majored in statistics and Data science.

Interested in AI4Security


Welcome to our team

Contact: youwei@ruc.edu.cn

Wechat: RUC_SESEC

捕鱼能上下分客服赞助商(中国)股份有限公司