Cheng Huang

Lab: No.24 South Section 1, Yihuan Road, Chengdu, China 610064
Email: codesec [AT] scu.edu.cn

NEWS

14 Sept. 2022
Paper accepted by Applied Intelligence (JCR Q2) with Du.

28 Aug. 2022
Paper accepted by SecureComm (CCF C) with Liu.

26 Aug. 2022
Paper accepted by Information Sciences (JCR Q1) with Xu.

25 Aug. 2022
Congrats to 0x401 team on the NCSISC 2022 contest.

22 Aug. 2022
Congrats to first prize on the NCSISC 2022 contest.

30 June. 2022
Paper accepted by Computers & Security (CCF B) with Guo.

15 June. 2022
Paper accepted by RAID (CCF B) with Ou.

16 May. 2022
Paper accepted by KSEM (CCF C) with Wang.

1 May. 2022
Paper accepted by Internetware 2022 with Sun.

25 Mar. 2022
Paper accepted by Computers & Security (CCF B) with Huang.

28 Feb. 2022
Paper accepted by SCN (CCF C) with Liu.

24 Dec. 2021
Paper accepted by Computers & Security (CCF B) with Liu.

13 Dec. 2021
Paper accepted by Neurocomputing with Wang.

1 Nov. 2021
Paper accepted by JCS(CCF B) with Han.

25 Sep. 2021
Congrats to Dr. Huang won Second prize of Beijing Science and Technology Award.

31 Aug. 2021
Congrats to Zhao's team won first prize ciscn 2021.

30 Aug. 2021
Paper accepted by SCN(CCF C) with Xie.

11 Aug. 2021
Paper accepted by ICDF2C(CCF C) with Ou.

1 July. 2021
Paper accepted & Best Paper Award ICICS(CCF C) with Guo.

24 Jun. 2020
Congrats to five B.S. & six M.S. achived their degree today!!

7 June. 2021
Paper accepted by Trustcom(CCF C) with Su & Liang.

25 Jan. 2021
Paper accepted by JISA(CCF C) with Li.

20 Jan. 2021
Paper accepted by Neurocomputing with Zhou.

17 Dec. 2020
Paper accepted by Computers & Security with Guo.

30 Nov. 2020
Paper accepted by Security and Communication Networks with Su.

3 Nov. 2020
Paper accepted by Security and Communication Networks with Wu.

Links

安全学术圈
SecWiki
Research Materials

I am an Associate Professor in the School of Cyber Science and Engineering, Sichuan University, China. I am broadly interested in all aspects of network and system security. My work follows a measurement and data driven approach to characterize and detect critical security issues in large-scale systems. My current research focuses on attack detection, underground economics, cyber threat intelligence, source code and supply chain security.

I obtained my Ph.D. in Computer Science at the Sichuan University, and I did a Joint PhD student at University of California, Santa Barbara, under the supervision of Prof. Giovanni Vigna.

Looking for bright students
I am looking for self-motivated Master/Undergraduate students, and (Visiting) research students who have strong interests in security research. If you are interested, feel free to send me an email.

*长期招收攻击检测、公害治理、威胁溯源、数据安全、IoT安全、ML/NLP等方向的本科生、硕/博士生(保研/考研)!*
欢迎有浓厚兴趣、强烈自我发展诉求的同学加入!

Selected Publications (Full List)

  • Viopolicy-Detector: An Automated Approach to Detecting GDPR Compliance Violations in Websites
    Haoran Ou, Yong Fang, Wenbo Guo, Yongyan Guo, Cheng Huang*
    The 25th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2022), 2022
    DOI CCF B

  • GraphXSS: An Efficient XSS Payload Detection Approach Based on Graph Convolutional Network
    Zhonglin Liu, Yong Fang, Cheng Huang*, Jiaxuan Han
    Computers & Security, 2022(114):102597
    DOI CCF B

  • JStrong: Malicious JavaScript Detection Based on Code Semantic Representation and Graph Neural Network
    Yong Fang, Chaoyi Huang, Minchuan Zeng, Zhiying Zhao, Cheng Huang*
    Computers & Security, 2022(118),102715
    DOI CCF B

  • 源代码漏洞静态分析技术
    刘嘉勇, 韩家璇, 黄诚*
    信息安全学报, 2022,7(4):100-113.
    DOI CCF B PDF

  • CyberRel: Joint Entity and Relation Extraction for Cybersecurity Concepts
    Yongyan Guo, Zhengyu Liu, Cheng Huang*, Jiayong Liu, Wangyuan Jing, Ziwang Wang, Yanghao Wang
    International Conference on Information and Communications Security (ICICS), Springer, Cham, 2021:447-463.
    DOI PDF CCF C Best Student Paper

  • LMTracker: Lateral Movement Path Detection based on Heterogeneous Graph Embedding
    Yong Fang, Congshuang Wang, Zhiyang Fang, Cheng Huang*
    Neurocomputing, 2022(474):37-47.
    DOI JCR 2

  • Malicious Packages Lurking in User-Friendly Python Package Index
    Genpei Liang, Xiangyu Zhou, Qingyu Wang, Yutong Du, Cheng Huang*
    IEEE International Conference on Trust, Security and Privacy in Computing and Communications(TrustCom), Shenyang, China, 2021:606-613.
    DOI CCF C

  • ExSense: Extract Sensitive Information from Unstructured Data
    Yongyan Guo, Jiayong Liu, Wenwu Tang and Cheng Huang*
    Computers & Security, 2021(102): 102156.
    DOI PDF CCF B

  • NEDetector: Automatically Extracting Cybersecurity Neologisms from Hacker Forums
    Ying Li, Jiaxing Cheng, Cheng Huang*, etc.
    Journal of Information Security and Applications, 2021(58):102784.
    DOI CCF C

  • Effective method for detecting malicious PowerShell scripts based on hybrid features
    Yong Fang, Xiangyu Zhou, Cheng Huang*
    Neurocomputing, 2021(448):30-39.
    DOI Data JCR 2

  • Covert Timing Channel Detection Method Based on Time Interval and Payload Length Analysis
    Jiaxuan Han, Cheng Huang, Fan Shi, Jiayong Liu*
    Computers & Security, 2020(97),101952
    DOI CCF B

  • GroupTracer: Automatic Attacker TTP Profile Extraction and Group Cluster in Internet of Things
    Yixin Wu, Cheng Huang*, Xing Zhang and Hongyi Zhou
    Security and Communication Networks, 2020:8842539.
    DOI PDF CCF C

  • CyberEyes: Cybersecurity Entity Recognition Model Based on Graph Convolutional Network
    Yong Fang, Yuchi Zhang,Cheng Huang*
    The Computer Journal, 2021, 64(8): 1215-1225.
    DOI PDF CCF B

  • Session-based Webshell Detection using Machine Learning in Web Logs
    Yixin Wu, Yuqiang Sun, Cheng Huang*, Peng Jia, and Luping Liu
    Security and Communication Networks, 2019:3093809.
    DOI PDF CCF C

  • DeepVuler: A Vulnerability Intelligence Mining System for Open-Source Communities
    Susheng Wu, Bin Chen, MingXu Sun, Renyu Duan, Qixiang Zhang, Cheng Huang*
    IEEE International Conference on Trust, Security and Privacy in Computing and Communications(TrustCom), Shengyang, China, 2021:598-605.
    C DOI Data CCF C

  • EmailDetective: An Email Authorship Identification and Verification Model
    Yong Fang, Yue Yang, Cheng Huang*
    The Computer Journal, 2020, 63(11):1775-1787.
    DOI Data CCF B

  • A Study on Web Security Incidents in China by Analyzing Vulnerability Disclosure Platforms
    Cheng Huang, JiaYong Liu*, Yong Fang, Zheng Zuo
    Computers & Security, 2016(58): 47-62
    DOI CCF B

  • Detecting Malicious JavaScript Code Based on Semantic Analysis
    Yong Fang, Cheng Huang*, Yu Su, Yaoyao Qiu
    Computers & Security, 2020(93), 101764
    DOI CCF B

  • Automatic Identification of Honeypot Server Using Machine Learning Techniques
    Cheng Huang, Jiaxuan Han, Xing Zhang, and Jiayong Liu*
    Security and Communication Networks, 2019:2627608.
    DOI PDF CCF C

  • Gossip: Automatically Identifying Malicious Domains from Mailing List Discussions
    Cheng Huang, Shuang Hao, Luca Invernizzi, JiaYong Liu, Yong Fang, Christopher Kruegel, Giovanni Vigna
    Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security (ASIA CCS)
    Abu Dhabi, United Arab Emirates, April 2017.
    DOI PDF CCF C