Charles Zhang
Professor, Director of Cybersecurity Laboratory
Department of Computer Science and Engineering (direction)
The Hongkong University of Science and Technology
Room 3002A in CYT Building Tel: (852)23586997 Fax: (852)23581477
Clearblue |
    | ISSTA 24 |
    | ICSE 24 |
Maryam's work accepted by TSE. Her very first publication! Ling Hao's work received ASPLOS 2024 Best Paper Award! Received ICSE 2024 Distinguished Reviewer award! Congrats to Wensheng on successfully defending his PhD thesis! Congrats to Yiyuan on his buffer overflow detection work accepted by ISSTA 24! I will serve as the general chair of SPLASH 2025 to be held in Singapore. Congrats to Chengpeng on successfully defending his PhD thesis! Congrats to Zhouan's work on binary similarity detection being accepted by TOSEM! Congrats to Hao Ling on his memory sanitization work accepted by ASPLOS 24! Congrats to Zhou'an on his binary lifting work accepted by ASPLOS 24! Congrats to Heqing on his 2nd S&P 2024 paper on drected fuzzing (again!). He will join the faculty of City University of Hong Kong. Congrats to Yuandao on successfully defending his PhD thesis. He joins Huawei through the Talented Youth program. Congrats to Yuandao on his USENIX Security 2024 paper, again, on call graph construction. Congrats to Yuandao on his OOPSLA 2023 paper on call graph construction. Congrats to Heqing on his S&P 2024 paper on fuzzing (again!). Sourcebrella acquired by Ant Group after a four-year and incredible journey of commercializing Pinpoint!
The 10-million-line static analysis statement: "to achieve all-sensitive precision and sublinear scalability while SIMULTANEOUSLY addressing the CODA requirements : achieve scalability by being continuous both in time, incremental, and in space, accumulative (Continuous); be open for defining customized source-code test cases through APIs or DSLs (Open); respect the fact that source code is largely unavailable(Dark code); understand assembled program dependency (Aassembled) introduced by frameworks and middleware.
Our answer to these challenges is the Clearblue research project, a database-like software analysis platform. Clearblue analyzes software in its binary form with or without debug symbols, with or without sourcecode. It is capable, currently, of generating precise data flow information for Linux kernel, almost 30M lines of code, in 30 mins and materializes it on disk. Investigation tasks such as bug finding can be coded via the Clearblue API, on average, in 30 mins.
Achievements
Charles' research has received many awards and led to successful commercialization:ASPLOS 24 best paper, ICSE 24 distinguished reviewer, distinguished paper in OOPSLA 22, ICSE 19, and PLDI 13. ACM SIGSOFT Best PhD Dissertation 2013 (student Jeff Huang), Huawei Distinguished Collaborator both 2022 and 2021 , Ant Group Outstanding Collaboration 2023 , start-up Sourcebrella acquired by Ant Group in 2020.
Recent Papers
I am fortunate to work with the following students:In progress:
Alumni with last known employment:Yongchao Wang, Yiyuan Guo, Maryam Masoudian, Anshunkang Zhou, Hao Ling, Chengfeng Ye, HongChun Chiu, Bowen Zhang, Yibo Jin, Wei Chen, Sixiang Peng, Bangyan DU,Shuhao Fu,Xiang Chen,Chenyang Sun, Qi Zhang, Yuanchen Gao Wensheng Tang, Huawei Chengpeng Wang, Post Doc, Purdue, Yuandao Cai, Huawei Heqing Huang(Post Doc), Post Doc, ETH Peisen Yao , Assistant Professor, Zhejiang University Jiajun Gong, Post Doc, NUS Kexin Ma (M.Phil) Qingkai Shi (Ph.D), Ant Financial Gang Fan (Ph.D) , Staff Engineer, SourceBrella Inc., now at Ant Financial Rongxin Wu (Post-Doc), Associate Professor, Xiamen University Yepang Liu (Post-Doc), Assistant Professor, SUSTech Richard Xiao (Ph.D, Post-Doc), SourceBrella Inc. (Founder, CEO), now at Ant Financial Jinguo(Andy) Zhou (Post-Doc), SourceBrella Inc. (Co-Founder), now at Ant Financial Qirun Zhang (Post Doc) Assistant Professor, Georgia Tech Peng Liu (Ph.D), Researcher, IBM T.J.Watson Research Lab Jeff Huang (Ph.D), Assitant Professor, Texas A&M University Lingjie Huang (M.Phil) Yushan Zhang (M.Phil), Software Engineer, Tencent Bin Xu (M.Phil) Software Engineer, Facebook Fan Yu(M.Phil), Software Engineer, Pinduoduo.
COMP3511: Operating Systems (Fall 2020)
COMP4111: Software Engineering Practices(Spring 2020, Spring 2019, Spring 2018, Spring 2016)
COMP3021: Java Programming (Spring 2024, 2023, 2022, Spring 2020, Fall 2015, Spring 2014; Spring, 2013; Spring 2012)
COMP5111: Fundamentals of Software Analysis (Spring 2014; Spring, 2013; Spring 2011; Fall, 2009; Fall, 2008)
COMP3111: Introduction to Software Engineerings (Fall 2019,Fall, 2014;Fall, 2011;Fall, 2010; Spring, 2010,Spring 2009)
COMP610: Topics in Engineering Enterprise Middleware Platforms. (Spring, 2009)
IEEE TSE: Associate Editor, 2015-2018
ASE:2022(TPC), 2018 (TPC),   2016(Demo),    2013 (TPC)
ECOOP:    2016(ERC)
FSE: 2022 (Industrial track), 2019 (TPC),    2014 (TPC, DS, SRC)     2012 (TPC, NIER)
ICSE: 2024 TPC,   2014 (TPC)     2012 (Demo, SRC)     2009 (Demo)
ISSTA: 2023 TPC,    2014 (TPC)     2012 (TPC)
OOPSLA:     2015 (TPC)    2014 (ERC)     2012 (ERC)     2011 (TPC)
VMCAI:    2018(PC)
ISSTA:    2019 (Doctoral Symposium Co-Chair)
ICSE:    2017 (SRC Co-Chair)
ICSE:    2016 (Proceedings Chair)
PLDI:    2012 (Pacific Publicity Chair)
AOSD:    2013 (Demo Chair)
APSEC:   2012 (Postgraduate Symposium Chair)
InternetWare: 2014 (Co-Chair)
Invited Talk:, Finding good research problems, ICSE 2022 New Faculty Symposium, May 16, Pittsburgh, USA
Keynote: Enterprise-Scale Static Analysis, The Second International Conference on Code Quality Sat 23 Apr 2022 Innopolis, Kazan, Russia
Keynote: Enterprise-Scale Static Analysis: A Pinpoint Experience, Symposium on Dependable Software Engineering Theories, Tools and Applications, Beijing, China, Nov. 25-27, 2021
Invited Talk:Enterprise-Scale Static Analysis: A Pinpoint Experience, Splash Rebase 2020:,Sun 15 - Sat 21 November 2020, online
Invited Talk: Balancing teaching, service and research, ICSE 2020 New Faculty Symposium, July 14, 2020, online
Keynote: Stop the bleeding from the heart, IEEE SCAM 2017: Source Code Analysis and Manipulation Working Conference, September 17-18, 2017, Shanghai, China
Charles Zhang is a professor and the director of the Cybersecurity Lab in the Department of Computer Science and Engineering, the Hong Kong University of Science and Technology (HKUST). He likes using program analysis techniques to improve software reliability. He was an associate editor of IEEE TSE and served on many organizational and technical committees of leading international conferences. His research awards include the distinguished paper awards of PLDI, OOPSLA, and ICSE, as well as the ACM SIGSOFT Doctoral Dissertation Award. His notable industrial impact includes the commercialization of research through Sourcebrella, acquired by the Ant Group, the research collaboration award from Ant Group, and the first to win twice the Huawei distinguished collaborator award. He worked as a software engineer in Motorola Inc, an expert advisor to Huawei, and an expert security panelist of the Hong Kong Monetary Authority. His research is supported by Research Grant Council, Innovation and Technology Fund, and grants from Huawei, Ant, Tencent, TCL, Microsoft, and IBM. Charles obtained his Ph.D, M.Sc, and B.Sc. with honours, all from University of Toronto.