Jianwei Zhuge (诸葛建伟)

Ph.D., Associate Research Professor
FIT 4-204, Tsinghua University, Beijing, China 100084
zhugejw [at] tsinghua -dot- edu -dot- cn
zhugejw [at] cernet -dot- edu -dot- cn

About

Dr. Jianwei Zhuge is an Associate Research Professor in the Institute for Network Science and Cyberspace of Tsinghua University, and Co-Founder, Organizer and Sponsor Professor of the Blue-Lotus Team.

His research area is network and system security. He has published more than 80 academic papers, two books, and nearly ten translated books. According to Google Scholar, his papers had been cited 1411 times and his h-index was 19 as of Dec 2019. He is also a Senior Member of CCF and a Full Member of The Honeynet Project.

Research Interests

  • Measurement and Counter-Strike Mechanisms of Emerging Internet Threats
  • Collection, Analysis, Detection and Defense Techniques for Various forms of Malware
  • Software Vulnerability Analysis, Detection and Mitigation
  • SCADA and IoT Security

Education

  • Ph.D. in Computer Science, Peking University, China. 2001-2006. Advisor: Prof. Wang Xuan, Prof. Xiao Jianguo, Dissertation: Research on Technologies for Network Intrusion Detection and Behavior Correlation Analysis. With additional guidance from Prof. Yang Zhenkun, Prof. Pan Aimin, and Prof. Zou Wei.
  • B.S. in Computer Science, Peking University, China. 1997-2001.

Professional Experience

  • Associate Research Professor, Network and Information Security Lab, Tsinghua University, China, 2010 – present.
  • Adjunct Professor, College of Computer Science, Harbin Institute of Technology, Weihai, China, 2016 – 2018.
  • Associate Research Professor, Institute of Computer Science and Technology, Peking University, China, 2009 – 2010.
  • Assistant Research Professor, Institute of Computer Science and Technology, Peking University, China, 2006 – 2009.

Publications in English

  • Baozheng Liu, Chao Zhang*, Guang Gong, Yishun Zeng, Haifeng Ruan, Jianwei Zhuge*. FANS: Fuzzing Android Native System Services via Automated Interface Analysis, USENIX Security 2020.

  • Miao Yu, Jianwei Zhuge*, Ming Cao, Zhiwei Shi, and Lin Jiang. A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices. Future Internet 2020, 12(2), 27; https://doi.org/10.3390/fi12020027.

  • Yuan Wei, Senlin Luo, Jianwei Zhuge, Jing Gao, Ennan Zheng, Bo Li, Limin Pan. ARG: Automatic ROP chains Generation, IEEE Access (Volume: 7): 120152-120163. 2019. (SCI IF: 4.098).

  • Gengqian Zhou, Jianwei Zhuge*, Yunqian Fan, Kun Du, Shuqiang Lu. A Market in Dream: The Rapid Development of Anonymous Cybercrime, Mobile Networks and Applications, 2019. (SCI IF: 2.497)

  • Kun Yang, Hanqing Zhao, Chao Zhang, Jianwei Zhuge and Haixin Duan. Fuzzing IPC with Knowledge Inference. SRDS 2019. October 1-4.

  • Guannan Guo, Jianwei Zhuge*, Mengmeng Yang, Gengqian Zhou, Yixiong Wu. The International Conference on Internet of Things, Embedded Systems and Communications (IINTEC 2018), Hammamet, Tunisia, December 20-22, 2018.

  • Yukun Liu, Zhuge Jianwei*, and Chao Zhang. CBTracer: Continuously Building Datasets for Binary Vulnerability and Exploit Research. AsiaCCS 1st Radical and Experiential Security Workshop, Incheon, Republic of Korea. 2018/6/4.

  • Kun Yang, Yuan Deng, Chao Zhang, Jianwei Zhuge, Haixin Duan. ICUFuzzer: Fuzzing ICU Library for Exploitable Bugs in Multiple Software. 21st Information Security Conference (ISC 2018). London (Guildford), UK. 9-12 Sep 2018.

  • Yang, Haiyu(#); Zhuge, Jianwei(*); Liu, Huiming; Liu, Wei, A Tool for Volatile Memory Acquisition from Android Devices, 12th IFIP WG 11.9 International Conference on Advances in Digital Forensics, 2016.

  • Kun Yang; Jianwei Zhuge(*); Yongke Wang; Lujue Zhou; Haixin Duan, Intent Fuzzer: Detecting Capability Leaks of Android Applications, ACM Symposium on Information, Computer and Communications Security (AsiaCCS) 2014, 2014.6.4-2014.6.8.

  • Yinzhi Cao; Xiang Pan; Yan Chen; Jianwei Zhuge, JShield: Towards Real-time and Vulnerability-based Detection of Polluted Drive-by Download Attacks, Annual Computer Security Applications Conference (ACSAC), 2014.12.8-2014.12.10.

  • X. Lu(#); J. Zhuge(*); R. Wang; Y. Cao; Y. Chen, De-obfuscation and Detection of Malicious PDF Files with High Accuracy, HICSS-46 Forensics Analysis Track, 2013.1.7-2013.1.10.

  • J. Zhuge, L. Gu, H. Duan, Investigating China’s Online Underground Economy. Conference on the Political Economy of Information Security in China, San Diego, US, Apr, 2012.

  • Z. Chen, G. Gu, J. Zhuge, J. Nazario, X. Han, WebPatrol: Automated Collection and Replay of Web-based Malware Scenarios, to appear in Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS’11), Hong Kong, China, March 2011.

  • C. Song, J. Zhuge*, X. Han, Z. Ye, Preventing Drive-by Download via Inter-Module Communication Monitoring, In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (ASIACCS’10), Beijing, China, Apr 2010. (full paper accept ratio: 25/166 = 15%)

  • C. Song, C. Qin, J. Zhuge*, et al, MwSandbox: On Improving the Efficiency of Automated Coarse-grained Dynamic Malware Analysis, Proceedings of the 14th Youth Conference on Communication, July 2009.

  • J. Zhuge*, T. Holz, C. Song, J. Guo, X. Han, and W. Zou. Studying Malicious Websites and the Underground Economy on the Chinese Web, In Proceedings of the 7th Workshop on the Economics of Information Security (WEIS’08), Hanover, NH, USA, June 2008. Springer Book “Managing Information Risk and the Economics of Security” Chapter, Jan 2009.

  • J. Zhuge, Y. Zhou, J. Guo, et al. Malicious Websites on the Chinese Web: Overview and Case Study, 20th Annual FIRST Conference (FIRST’08), British Columbia, Canada, June 2008.

  • Y. Zhou, J. Zhuge*, et al. Matrix: a Distributed Honeynet and its Applications, 20th Annual FIRST Conference (FIRST’08), British Columbia, Canada, June 2008.

  • J. Zhuge*, T. Holz, X. Han, C. Song, and W. Zou. Collecting Autonomous Spreading Malware Using High-interaction Honeypots, In Proceedings of 9th International Conference on Information and Communications Security (ICICS’07), Zhengzhou, China, Lecture Notes in Computer Science 4861, 438-451. Dec 2007.

  • J. Zhuge*, X. Han, Y. Chen, Z. Ye, and W. Zou. Towards High Level Attack Scenario Graph through Honeynet Data Correlation Analysis, In Proceedings of the 7th IEEE Workshop on Information Assurance (IAW’06), West Point, New York, USA, 2006.

  • J. Zhuge, and R. Yao*. Security Mechanisms for Wireless Home Network, In Proceedings of IEEE Global Telecommunications Conference 2003 (GLOBECOM’03), Vol. 3, pp. 1527-1531, San Francisco, USA, 2003.

Selected Publications in Chinese

  • J Zhuge, X Han, Y Zhou, Z Ye, W Zou, Research and development of botnets, Journal of Software 19 (3), 2008.
  • JW Zhuge, DW Wang, Y Chen, ZY Ye, W Zou, A network anomaly detector based on the DS evidence theory, Journal of Software 17 (3), 463-471, 2006.
  • J Jiang, JW Zhuge, HX Duan, JP Wu, Research on botnet mechanisms and defenses, Journal of Software 23 (1), 82-96, 2012.
  • J Zhuge, X Han, Y Zhou, C Song, J Guo, W Zou, HoneyBow: An automated malware collection tool based on the high-interaction honeypot principle, JOURNAL-CHINA INSTITUTE OF COMMUNICATIONS 28 (12), 8, 2007.
  • JW Zhuge, XH Han, ZY Ye, W Zou, Network attack plan recognition algorithm based on the extended goal graph, Chinese Journal of Computers 29 (8), 1356-1366, 2006.
  • S Li, JW Zhuge, X Li, Study on BGP security, Journal of Software 24 (1), 121-138, 2013.
  • JW Zhuge, Y Tang, XH Han, HX Duan, Honeypot technology research and application, Journal of Software 24 (4), 825-842, 2013.
  • X Han, J Guo, Y Zhou, J Zhuge, W Zou, Investigation on the botnets activities, JOURNAL-CHINA INSTITUTE OF COMMUNICATIONS 28 (12), 167, 2007.
  • J Zhuge, H Xu, A Pan, An Attack Knowledge Model Based on Object-Oriented Technology [J], Journal of Computer Research and Development 41 (7), 1110-1116, 2004.

Teaching

  • Advanced Cyber Attack & Defense Practice, for graduate students of Institute for Networking Science and Cyberspace, Tsinghua University, Summer Semester since 2019.
  • Practical Malware Analysis, for graduate students of Institute for Networking Science and Cyberspace, Tsinghua University, Fall Semester 2017.
  • Cyber Attack & Defense Practice, for undergraduate students of CS, Tsinghua University, Summer Semester from 2015 to 2018.
  • Network Security Engineering and Practice, for undergraduate students of CS, Tsinghua University, Fall Semester from 2011 to 2013.
  • Computer Network Security Technology and Practice, for graduate students of CS, Tsinghua University, Spring Semester from 2011 to 2013.
  • SRT (Student Research Training) Course for undergraduate students, Tsinghua University, from 2011 to present.
  • Network Hacking and Defense: Technology and Practice, for graduate students of EECS, Peking University, Fall Semester from 2008 to 2010.
  • Research Course for undergraduate students, EECS, Yuanpei, and other departments of Peking University.

Academic/Open Source/Contest Activities

  • NSFC peer reviewer, National Security Research Project peer reviewer, since 2011.

  • Book Reviewer: PHEI Press, Science Press, since 2011.

  • Editor of ACM China Magazine, from 2014 to 2017. Future Internet Special Issue Co-Guest Editor, 2013; Editor, since 2014.

  • WWW 2012 Security, Privacy, Trust, and Abuse Track, AsiaCCS SESP 2013, VARA 2015-2018, OS2ATC 2014-2015 PC Member.

  • Paper Reviewer: Computer Networks, NWSC, TKDE, Chinese Journal of Electronics, Chinese Journal of Computers, Journal on Communications, NOMS 2016, APNOMS 2015, HICSS 2013, OSDA 2013, HICSS46, CCFICoC’12, NetSec’12, etc.

  • The Honeynet Project Full Member, Chinese Chapter Leader. Since 2006.

  • Google Summer of Code 2009, 2010, 2012 Mentor, 2011 Org Admin.

  • Technical Committee Chair, Co-Founder of XCTF International League, Since 2015.

  • Judge of GeekPwn Since 2014, Judge of Tianfu Cup, WangDing Cup, QiangWang Since 2018, Butian Cup Since 2019.

  • Technical Committee Member/Convener of National College Students Information Security Competition Innovation Practice Competition, Since 2018.

Awards and Honors

  • Cyber Security Man of the Year, 2017, WitAwards (National, honored by Freebuf.)
  • Best Book Author Award, 2014, 2018, PHEI Press.
  • Best Book Author/Translator Award, 2016, China Machine Press.
  • Achievement Conversion Award, 2014, Tencent.
  • IBM Ph.D. Fellowship, 2005 (worldwide, honored by IBM Corp.)
  • Microsoft Research Asia Fellowship, 2004 (Asia Pacific-wide, honored by MSRA)
  • The HP Chinese Excellent Student Scholarship, 2003 (nationwide, honored by HP China)