諸葛建偉
清華大學副研究員
諸葛建偉,清華大學網路科學與網路空間研究院副研究員。
理學學士(計算機科學與技術),北京大學,中國,2001。
東南大學網路空間安全學院,博士研究生校外指導教師,2019-至今;
哈爾濱工業大學(威海)客座教授,2016–2018;
中國計算機學會高級會員;
中國網路空間安全協會個人會員;
XCTF國際聯賽聯合創始人,技術委員會委員;
GeekPwn、天府杯、補天杯、網鼎杯、強網杯、全國大學生信息安全競賽創新實踐能力賽評委專家。
網際網路安全威脅監測和響應;
多種類型惡意代碼的採集、分析、檢測與防禦技術;
軟體漏洞分析,檢測與緩解;
工控與物聯網安全。
WitAwards2017安全年度人物獎(全國獎項,Freebuf授予);
2014、2018年最佳書籍作譯者獎,電子工業出版社;
2016年最佳書籍作譯者獎,機械工業出版社;
2014年成果轉化獎,騰訊TSRC;
IBM Ph.D. Fellowship, 2005 (worldwide, honored by IBM Corp.);
會議論文:
[1]Gengqian Zhou, Jianwei Zhuge*, Adapting to local conditions: Similarities and differences in anonymous online market between Chinese and English Speaking Communities, ICDF2C 2020.
[2]Baozheng Liu , Chao Zhang* , Guang Gong , Yishun Zeng , Haifeng Ruan , Jianwei Zhuge* . FANS: Fuzzing Android Native System Services via Automated Interface Analysis, USENIX Security 2020.
[3]Kun Yang, Hanqing Zhao, Chao Zhang, Jianwei Zhuge and Haixin Duan. Fuzzing IPC with Knowledge Inference. SRDS 2019. October 1-4.
[4]Guannan Guo, Jianwei Zhuge*, Mengmeng Yang, Gengqian Zhou, Yixiong Wu. The International Conference on Internet of Things, Embedded Systems and Communications (IINTEC 2018), Hammamet, Tunisia December 20-22, 2018.
[5]Yukun Liu, Jianwei Zhuge*, and Chao Zhang. CBTracer: Continuously Building Datasets for Binary Vulnerability and ExploitResearch. AsiaCCS 1st Radical and Experiential Security Workshop, Incheon, Republic of Korea. 2018/6/4.
[6]Kun Yang, Yuan Deng, Chao Zhang, Jianwei Zhuge, Haixin Duan. ICUFuzzer: Fuzzing ICU Library for Exploitable Bugs inMultiple Software. 21st Information Security Conference (ISC 2018). London(Guildford), UK. 9-12 Sep 2018.
[7]Yang, Haiyu, Zhuge, Jianwei(*), Liu, Huiming, Liu, Wei, A TOOL FOR VOLATILE MEMORY ACQUISITION FROM ANDROID DEVICES, 12th IFIP WG 11.9 International Conference on Advances in Digital Forensics, 2016.
[8]Kun Yang; Jianwei Zhuge (*); Yongke Wang; Lujue Zhou; Haixin Duan, Intent Fuzzer: Detecting Capability Leaks of Android Applications, ACM Symposium on Information, Computer and Communications Security (AsiaCCS) 2014. 2014.6.4-2014.6.8.
[9]Yinzhi Cao; Xiang Pan; Yan Chen; Jianwei Zhuge, JShield: Towards Real-time and Vulnerability-based Detection of Polluted Drive-by Download Attacks, Annual Computer Security Applications Conference (ACSAC), 2014. 12.8-2014.12.10.
[10]X. Lu ; J. Zhuge(*); R. Wang; Y. Cao; Y. Chen, De-obfuscation and Detection of Malicious PDF Files with High Accuracy, HICSS-46 Forensics Analysis Track, 2013.1.7-2013.1.10.
[11]J. Zhuge*, L. Gu, H. Duan, Investigating China’s Online Underground Economy. Conference on the Political Economy of Information Security in China, San Diego, US, Apr, 2012.
[12]Z. Chen, G. Gu, J. Zhuge, J. Nazario, X. Han, WebPatrol: Automated Collection and Replay of Web-based Malware Scenarios, to appear inProceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS’11) , HongKong, China, March 2011.
[13]C. Song, J. Zhuge*, X. Han, Z. Ye, Preventing Drive-by Download via Inter-Module Communication Monitoring, In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (ASIACCS’10) , Beijing, China, Apr 2010.
[14]C. Song, C. Qin, J. Zhuge*, et al, MwSandbox: On Improving the Efficiency of Automated Coarse-grained Dynamic Malware Analysis, Proceedings of the 14th Youth Conference on Communication, July 2009.
[15]J. Zhuge*, T. Holz, C. Song, J. Guo, X. Han, and W. Zou. Studying Malicious Websites and the Underground Economy on the Chinese Web, In Proceedings of the 7th Workshop on the Economics of Information Security (WEIS’08), Hanover, NH, USA, June 2008.
[16]J. Zhuge, Y. Zhou, J. Guo, et al. Malicious Websites on the Chinese Web: Overview and Case Study, 20th Annual FIRST Conference (FIRST’08), British Columbia, Canada, June 2008.
[17]Y. Zhou, J. Zhuge*, et al. Matrix: a Distributed Honeynet and its Applications, 20th Annual FIRST Conference (FIRST’08), British Columbia, Canada, June 2008.
[18]J. Zhuge*, T. Holz, X. Han, C. Song, and W. Zou. Collecting Autonomous Spreading Malware Using High-interaction Honeypots, In Proceedings of 9th International Conference on Information and Communications Security (ICICS’07), Zhengzhou, China, Lecture Notes in Computer Science 4861, 438~451. Dec 2007.
[19]J. Zhuge*, X. Han, Y. Chen, Z. Ye, and W. Zou. Towards High Level Attack Scenario Graph through Honeynet Data Correlation Analysis, In Proceedings of the 7th IEEE Workshop on Information Assurance (IAW’06), West Point, New York, USA, 2006.
[20]J. Zhuge, and R. Yao*. Security Mechanisms for Wireless Home Network, In Proceedings of IEEE Global Telecommunications Conference 2003 (GLOBECOM’03), Vol. 3, pp. 1527-1531, San Francisco, USA, 2003.
期刊論文:
[1]Miao Yu, Jianwei Zhuge*, Ming Cao, Zhiwei Shi, and Lin Jiang. A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices. Future Internet 2020, 12(2), 27; https://doi.org/10.3390/fi12020027.
[2]Gengqian Zhou, Jianwei Zhuge*, Yunqian, Fan, Kun Du, Shuqiang Lu. A Market in Dream: The Rapid Development of Anonymous Cybercrime, Mobile Networks and Applications, 2020, 25(4). (SCI IF: 2.497)
[3]YUAN WEI, SENLIN LUO, JIANWEI ZHUGE, JING GAO, ENNAN ZHENG, BO LI, LIMIN PAN. ARG: Automatic ROP chains Generation, IEEE Access ( Volume: 7 ): 120152 - 120163. 2019. (SCI IF: 4.098).
[5]諸葛建偉*,唐勇,韓心慧,段海新.蜜罐技術研究與應用進展.軟體學報,2013,24(4):825-842.
[8]諸葛建偉*,陳力波,田繁,鮑由之,陸恂.基於類型的動態污點分析技術.清華大學學報:自然科學版,52(10):1320-1328, 2012.
[10]李雪峰,段海新,諸葛建偉,吳建平.識別蜜罐網路的P2P殭屍網路構建機制,清華大學學報:自然科學版,52(3):385-389,2012.
