I am an associate professor in the Department of Computer Science at the University of Texas at Dallas. I teach and do research on software engineering and security.
I received my Ph.D. in Computer Science from the University of Illinois at Urbana-Champaign in 2018, advised by Prof. Carl A. Gunter and Prof. Tao Xie, an M.S. in Computer Science from North Carolina State University in 2013, advised by Prof. Tao Xie, and a B.E. in Software Engineering from Shanghai Jiao Tong University in 2011, advised by Prof. Jianjun Zhao. I was a visiting researcher in University of California, Berkeley, invited by Prof. Dawn Song. I received several awards, including NSF CAREER Award, ACM SIGSOFT Distinguished Paper Award and Amazon Research Award. I currently serve on the editorial board of ACM TOSEM and WILEY STVR, as well as on the UTD Research Advisory Committee.
Note: I am looking for students, especially those interested in my current research topics. Please drop me an email with your CV/Resume and samples of your work.
Ph.D. Students
Zihe Song (Jan 20-) [ICSE 2021] [CVPR 2022] [FSE 2022] [ISSRE 2022] [LLM4Code 2024] [WWW 2024] [ISSTA 2024] [MobileSoft 2025] [ASPLOS 2025] [ISSTA 2025] [Usenix Security 2025]
Ravishka Rathnasuriya (Dec 21-) [NAACL 2024] [MobileSoft 2025] [ICSE 2025] [ISSTA 2025] [Usenix Security 2025]
Zexin Xu(Aug 24-) [Usenix Security 2025]
Tingxi Li (Aug 24-) [Usenix Security 2025]
Graduated Students
Simin Chen (Ph.D. Jan 19- Jun 24) 1 [FSE 2020] [CVPR 2022] [IJCAI 2022] [FSE 2022] [ASE 2022] [ICCV-W 2023] [CVPR 2023] [ACL 2023] [InterSpeech 2023] [ISSTA 2023] [TRBAM 2024] [TOSEM 2024a] [TOSEM 2024b] [FSE 2024a] [FSE 2024b] [FSE 2025] [Usenix Security 2025]
First Employment: Research Fellow at Columbia University
Mirazul Haque (Ph.D. Jan 19- Oct 23) [CVPR 2020] [ICSE 2022] [CVPR 2022] [CVPR-W 2022] [FSE 2022] [ASE 2022] [COLING 2022] [InterSpeech 2023] [ICCV-W 2023a] [ICCV-W 2023b] [CVPR 2023] [NAACL 2024] [DAC 2024] [Usenix Security 2025]
First Employment: Senior Researcher at J.P. Morgan AI Research
Yueming Wu (Ph.D. Jan 19- Sept 21) 2 [ASE 2019] [ASE 2020] [TOSEM 2021] [ISSTA 2021] [ICSE 2022] [TDSC 2022]
First Employment: Research Fellow at NTU
Wasif Haque (M.S. June 19- Dec 20) [ISSTA 2021] [ICCV-W 2023]
First Employment: Argo Data
Kaiyuan Zhang (M.S. Dec 18 - May 20)
First Employment: PhD student at Purdue CS
Anki Chauhan (M.S. March 19 - May 20) [CVPR 2020] [TOSEM 2021]
First Employment: Goldman Sachs, USA
Sampath Grandhi (M.S. March 19 - May 20) [FSE 2020] [ICSE 2021]
First Employment: Amazon, USA
Former Graduate Students
Jaeseong Lee (Ph.D. Aug 22- Jan 24) [TOSEM 2024]
Xiaodi Li (Ph.D. Jan 19- May 20) [ASE 2019] [FSE 2020]
First Employment: Research Fellow at Mayo Clinic
Rutvij Shah (M.S. Jan 23 - May 23) [InterSpeech 2023]
First Employment: Autopilot@Tesla
Undergraduate Students
Nidhi Majoju (May 24 - , URAP Program) [ISSTA 2025]
Zijie Zhao (May 23 - May 24, grad school: PhD at UPenn) [ICSE 2025]
Evan N. Johnson (Jan 17- May 19, grad school: PhD at UCSD) [FSE 2019]
Yurui Cao (Aug 17- Dec 18, grad school: PhD at UIUC) [ASE 2018]
I am broadly interested in topics related to software engineering and security.
My current research is primarily driven by the need to adapt AI on edge devices such as mobile devices, IoT devices and autonomous vehicles. The line of work on efficiency robustness, pioneered by our group in 2019, began with the observation that different inputs may incur varied amount of computation costs on neural networks. We have developed various attacks such as white-box attack(CVPR 2020), black-box attack(ICSE 2022), and feed-forward attack(ASE 2022) on a range of applications such as Neural Machine Translation(FSE 2022), Neural Image Caption Generation(CVPR 2022), Transformer-based Language Models(ACL 2023, TOSEM 2024), and Neural ODEs (ICCV-W 2023).
Another line of work to enable AI on edge devices is to provide infrastructure support. To this end, our main effort is to build a compiler toolchain (ISSTA 2023, IJCAI 2022) to enable compilation on dynamic-shaped neural networks. We have also investigated the security of such deployment on IoT devices (CCS 2019).
We have been working on mobile testing since we built one of the first automated mobile testing tools in 2012. We have performed a few studies (FSE 2016,ICSE 2017, ASE 2018) on existing mobile testing tools, and based on the study results, we have focused on solving the bottleneck issues such as generating textual inputs(IEEE S&P 2020) and avoiding exploration tarpits (FSE 2021).
We have proposed a new notion of expectation context which contrasts user expectation and program behaviors to detect malware. This notion has opened up the new field of text analytics for mobile security. Specifically, on the user expectation side, we extract information such as app descriptions (Usenix Security 2013, RE 2018), contextual events(HotSoS 2014, ICSE 2015, JCS 2016, HotSoS 2017), ads information (NDSS 2016) and on-screen messages (VL/HCC 2018) to depict what users expect to happen in the apps. On the program behaviors side, we have been developing techniques such as entity-based program analysis(ICSE 2018), centrality analysis(ASE 2019), intimacy analysis(TOSEM 2021), homophily analysis (ISSTA 2021), and contrastive learning (TDSC 2022) to detect potentially unwanted apps (PUAs) and malware.
We have investigated other topics in software engineering and security of DL models. We are one of the first to propose property inference attack(CCS 2018) and adversarial malware generation (ACSAC 2017, AAAI-W 2018). We are also the first to use a global property to interpret a DL model without a specific input (FSE 2020). We did some work in testing DL models such as NMT models(DSN 2019, ICSE 2019) and NLP models (COLING 2022). Realizing such testing may or may not result in a better model, recently, we begin to focus on improving inputs for better robustness (CVPR-W 2022) and accuracy of DL models.
I am generally interested in develop more intelligent tools for software engineers and security researchers. We have made tools for converting natural language specification to programing languages (EMNLP 2018, AAAI-W 2018), generating input grammars for fuzzing (FSE 2019), clone detection (ASE 2020), diagnosing database performance issues (ICSME 2020), analyzing UI flaky tests (ICSE 2020), mapping website changes (ISSTA 2021), detecting game bugs (FSE 2021, ISSRE 2023), and vulnerability detection (ICSE 2022).
Spring 2025, CS 6375.001 - Machine Learning
Fall 2024, CS 6375.004 - Machine Learning
Fall 2024, CS 4375.003 - Introduction to Machine Learning
Spring 2024, CS 7301.001 - Software Engineering for ML Systems
Fall 2023, CS 4375.003 - Introduction to Machine Learning
Spring 2023, SE 4367.001 - Software Testing Verification Validation and Quality Assurance
Fall 2022, SE 6387.001 - Advanced Software Engineering Project
Spring 2022, SE 4367.001 - Software Testing Verification Validation and Quality Assurance
Fall 2021, CS/SE 7301.007 - Software Analysis & Security
Spring 2021, SE 4367.001 - Software Testing Verification Validation and Quality Assurance
Fall 2020, CS/SE 7301.501 - Software Analysis & Security
Summer 2020, CS 4301: Machine Learning in Cyber Security
Spring 2020, CS 6301: Machine Learning in Cyber Security
Fall 2019, CS/CE/SE 3354: Software Engineering
Spring 2019, CS 6301: Machine Learning in Cyber Security
Fall 2018, CS 6332: Systems Security and Binary Code Analysis
Associate Editor: [TOSEM (2023 - present)]
Organizing Committee Member: [ISSTA 2020] [APSEC 2020] [ASE 2017] …
Program Committee Member: [FSE 2024] [ISSTA 2024] [ICST 2024] [ICSE 2023] [ASE 2023] [ICST 2023] [MSR 2023] [ISSRE 2023] [FSE Demo 2023] [ASE 2022] [ISSRE 2022] [ICST 2022] [MSR 2022] [ICSE Demo 2022] [ISSTA DS 2022] [ICSE 2021] [ICST 2021] …
Check CV and researchr profile for more.
