Xiaochen Zou

Ph.D. candidate at University of California, Riverside, wildly interest in system security and kernel exploit.


Xiaochen/笑尘 is a Ph.D. candidate at University of California, Riverside, advised by Professor Zhiyun Qian. Xiaochen earned his bachelor degree from University of Electronic Science and Technology of China.

He was a CTF player of CNSS, focusing on reverse engineering and pwn. During his Ph.D., Xiaochen mainly works on system security including bug discovery, program analysis, and kernel exploit.

His current research focus is on Linux kernel fuzzing and vulnerability exploit. He has a strong interest in bug hunting techniques and vulnerability mitigation strategies. Additionally, He has developed multiple security tools based on program analysis techniques like symbolic execution and static taint analysis, the tools reveal the security impacts of of Linux kernel vulnerabilities for both upstream and downstream systems. By utilizing the knowledge of Linux kernel, he has a track record of successfully developing multiple Linux kernel exploits in the past, leading to local privilege escalation on the latest Ubuntu kernel.

In additional to cybersecurity, Xiaochen also has extensive experience with software development. He is proficient in C and Python and have a solid familiarity with C++ and Golang. He has independently managed several significant research projects comprising over 10,000 lines of code in Python, Bash, and C.

Access Xiaochen’s CV.


SyzDescribe: Principled, Automated, Static Generation of Syscall Descriptions for Kernel Drivers 

Yu Hao, Guoren Li, Xiaochen Zou, Weiteng Chen, Shitong Zhu, Zhiyun Qian, and Ardalan Amiri Sani

IEEE Security and Privacy (Oakland) 2023


SyzScope: Revealing High-Risk Security Impacts of Fuzzer-Exposed Bugs in Linux kernel

Xiaochen Zou, Guoren Li, Weiteng Chen, Hang Zhang, Zhiyun Qian

USENIX Security 2022 [paper] [code]


Eluding ML-based Adblockers With Actionable Adversarial Examples

Shitong Zhu, Zhongjie Wang, Xun Chen, Shasha Li, Keyu Man, Umar Iqbal, Zhiyun Qian, Kevin S. Chan, Srikanth V. Krishnamurthy, Zubair Shafiq, Yu Hao, Guoren Li, Zheng Zhang, Xiaochen Zou

ACSAC 2021 [paper]


Statically Discovering High-Order Taint Style Vulnerabilities in OS Kernels

Hang Zhang, Weiteng Chen, Yu Hao, Guoren Li, Yizhuo Zhai, Xiaochen Zou, and Zhiyun Qian

ACM CCS 2021 [paper]


{KOOBE}: Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities

Weiteng Chen, Xiaochen Zou, Guoren Li, Zhiyun Qian

USENIX Security 2020 [paper] [slides] [code]














Reward: Received Google Research Scholar Program Reward for my research paper “SyzScope”

Google Research Scholar Program Reward

April, 2023


Talk: SyzScope: Revealing High-Risk Security Impacts of Fuzzer-Exposed Bugs

USENIX Security 2022

Augest, 2022 [slides]


Post: Published a Linux 0-day exploit and the full walkthrough write-up


March, 2022 [tweet] [post] [code]


Contest: Exploiting the LAN interface of the NETGEAR R6700v3 router

Pwn2Own 2021 Austin

Nov, 2021 [video] [post]


Talk: Scrutinizing bugs found by syzbot

Linux Security Summit North America 2021

Oct, 2021 [slides] [video]


Milestone: Passed Ph.D. candidate qualifying exam

University of California, Riverside

Jun, 2021


Sub-reviewer: USENIX Security

USENIX Security ’21 Winter

Feb, 2021


Sub-reviewer: IEEE S&P

IEEE S&P ’21 Fall

Oct, 2020


Sub-reviewer: NDSS

NDSS ’21 Fall, NDSS ’20 Summer, NDSS ’20 Fall


Contest: Won 3th prize in the National Cyber Security Competition of college students

National Cyber Security Competition of college students



Contest: Won 7th prize in 0ctf




Contest: Won 1st in Anheng National Security Competition in west-south district


2017, 2016


Contest: Won 5th in DDCTF




Contest: Won 1st prize in National Olympiad in Informatics of Provinces(NOIP) 

National Olympiad in Informatics of Provinces