Xiaochen Zou

Ph.D. candidate at University of California, Riverside, wildly interest in system security and kernel exploit.

Bio

Xiaochen is a Ph.D. candidate at University of California, Riverside, advised by Professor Zhiyun Qian. Xiaochen earned his bachelor degree from University of Electronic Science and Technology of China. He was a CTF player of CNSS, focusing on reverse engineering and pwn. During his Ph.D., Xiaochen mainly works on system security including bug discovery, program analysis, and kernel exploit. Xiaochen’s research revealed the misleading fact of general fuzzing and helped identify more than 150 critical bugs that were mislabelled.

Access Xiaochen’s resume.

Pubs

{KOOBE}: Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities

Weiteng Chen, Xiaochen Zou, Guoren Li, Zhiyun Qian

USENIX Security 2020 [paper] [slides] [code]

 

Statically Discovering High-Order Taint Style Vulnerabilities in OS Kernels

Hang Zhang, Weiteng Chen, Yu Hao, Guoren Li, Yizhuo Zhai, Xiaochen Zou, and Zhiyun Qian

ACM CCS 2021 [paper]

 

SyzScope: Revealing High-Risk Security Impacts of Fuzzer-Exposed Bugs in Linux kernel

Xiaochen Zou, Guoren Li, Weiteng Chen, Hang Zhang, Zhiyun Qian

USENIX Security 2022 (To appear) [paper] [code]

Credits

CVE-2021-42008

CVE-2021-33034

CVE-2021-33033

CVE-2020-36386

CVE-2019-25044

CVE-2020-36385

CVE-2018-25015

CVE-2020-36387

CVE-2019-25045

News

Talk: SyzScope: Revealing High-Risk Security Impacts of Fuzzer-Exposed Bugs

Linux Security Summit North America 2021

Oct, 2021 [slides]

 

Milestone: Passed Ph.D. candidate qualifying exam

University of California, Riverside

Jun, 2021

 

Sub-reviewer: USENIX Security

USENIX Security ’21 Winter

Feb, 2021

 

Sub-reviewer: IEEE S&P

IEEE S&P ’21 Fall

Oct, 2020

 

Sub-reviewer: NDSS

NDSS ’21 Fall

Sep, 2020

 

Sub-reviewer: NDSS

NDSS ’20 Summer

Jun, 2020

 

Sub-reviewer: NDSS

NDSS ’20 Fall

Dec, 2019

 

Prize: Won 3th prize in the National Cyber Security Competition of college students

National Cyber Security Competition of college students

2018

 

Prize: Won 3th prize in the Qiangwang Cyber Security Competition

Qiangwang Cyber Security Competition

2018

 

Prize: Won 7th prize in 0ctf

Tencent

2017

 

Prize: Won 1st in Anheng National Security Competition in west-south district

DBAPPSecurity

2017, 2016

 

Prize: Won 5th in DDCTF

DiDi

2016

 

Prize: Won 1st prize in National Olympiad in Informatics of Provinces(NOIP) 

National Olympiad in Informatics of Provinces

2013