研究方向为智能软硬件安全，致力于解决智能软硬件及其供应链中存在的安全问题，主要包括：

• 智能软件安全：智能技术驱动的软件安全（例如，缺陷、漏洞、恶意攻击等）
• 智能硬件安全：智能技术驱动的硬件安全（例如，RISC-V处理器安全等）
• 人工智能安全：大模型等人工智能模型自身的安全问题（例如，注入、投毒、越狱等）以及大模型系统安全（例如，MCP安全等）

由于课题组每年招生名额有限，希望所有感兴趣学生提前邮件联系！

• 推免保研学生：参加中国科学院软件研究所“软件与网络”夏令营（一般5月份报名，7月下旬举办并进行面试，具体关注软件所、国科大杭高院、国科大南京学院等官方网站通知）；9月份正式参加中国科学院软件研究所推免考核（没有参加夏令营的同学，可以提前联系，参加9月份的推免考核）。
• 统招考研学生：按照国家和报考单位的相关规定。
• 实习生：也可提供中长期实习岗位，可以远程实习，有实习工资，表现优异者有机会获得推免/统招复试的双选优先资格。

课题组对学生生源学校没有限制，非常欢迎感兴趣的学生联系，满足以下条件的加分（非必须）：

✅ 自我驱动力强

✅ 对安全有兴趣

✅ 对Coding有兴趣

✅ 对前沿探索有兴趣

感兴趣的同学以“保研/考研/实习-姓名-学生自荐”为标题发送邮件至lingxiang@iscas.ac.cn，并附上个人简历。

1. 2025年 北京开源芯片研究院 “万众一芯”黑客马拉松（第1期）双赛道冠军
2. 2025年 DataCon2025 大数据安全分析竞赛 软件供应链安全赛道 冠军（指导教师）
3. 2025年 RISC-V 硬件漏洞挖掘比赛 Hack@CHES 2025 冠军（指导教师）
4. 2025年 RISC-V 硬件漏洞挖掘比赛 Hack@DATE 2025 冠军（指导教师）
5. 2025年 ACM SIGSOFT 杰出论文奖
6. 2024年 Cybersecurity 优秀审稿专家
7. 2024年 DataCon2024 大数据安全分析竞赛 软件供应链安全赛道 冠军（指导教师）
8. 2024年 DataCon2024 大数据安全分析竞赛 漏洞分析赛道 亚军（指导教师）
9. 2024年 DataCon2024 大数据安全分析竞赛 AI安全赛道 季军（指导教师）
10. 2022年 DataCon2022 大数据安全分析竞赛 软件安全赛道冠军（指导教师）
11. 2021年 DataCon2021 大数据安全分析竞赛 软件供应链及物联网安全赛道冠军（指导教师）
12. 2020年 DataCon2020 大数据安全分析竞赛 网络黑产分析方向冠军

1. Chengjie Wang, Jingzheng Wu, Hao Lyu, Xiang Ling, Tianyue Luo, Yanjun Wu, Chen Zhao. A Large Scale Empirical Analysis on the Adherence Gap between Standards and Tool in SBOM. ACM Transactions on Software Engineering and Methodology (TOSEM) 2026 (CCF-A 期刊)
2. Wentao Liang, Yanjun Wu, Xiang Ling, Tianyue Luo, Dinghao Liu, Haotian Zhang, Jingzheng Wu, Mining Long Tail Bugs: Identifying Rare and Overlooked Issues in Code, ACM International Conference on the Foundations of Software Engineering (FSE) 2026 (CCF-A 会议)
3. 崔星,吴敬征,罗天悦,凌祥,王旭. 基于代码感知与双阶段优化融合的README生成大模型框架, 计算机研究与发展 2026 (CCF-T1 期刊)
4. 芮志清, 凌祥, 曹方泽, 罗天悦, 吴敬征. MARC：基于多智能体协同的硬件安全缺陷早期检测方法, 软件学报，2026（CCF-T1 期刊）
5. Bolin Zhou, Jingzheng Wu, Xiang Ling, Jingkun Zhang and Tianyue Luo, LibPass: An An Entropy-Guided Black-Box Adversarial Attack against Third-Party Library Detection Tools in the Wild, IEEE Transactions on Dependable and Secure Computing (TDSC), 2026 (CCF-A 期刊)
6. Hao Lyu, Jingzheng Wu, Xiang Ling, Yicheng Zhong, Zhiyuan Li and Tianyue Luo, Similarity-guided Block-level Mutation for RISC-V Processor Fuzzing, Design, Automation and Test in Europe Conference (DATE) 2026 (CCF-B 会议，EDA领域四大顶会之一)
7. Xing Cui, Jingzheng Wu, Wenxiang Ou, Tianyue Luo, Zhiyuan Li, Xiang Ling VFCionX: Bridging Large and Small Models for Robust Vulnerability-Fixing Commit Identification, AAAI Conference on Artificial Intelligence (AAAI) 2026 (CCF-A 会议)
8. ​Wentao Liang, Xiang Ling, Chen Zhao, Jingzheng Wu, Tianyue Luo, and Yanjun Wu, Detecting Malicious Packages in PyPI and npm by Clustering Installation Scripts, IEEE Transactions on Software Engineering, 2025 (CCF-A 期刊)
9. Yueqin Wang, Jingzheng Wu, Xiang Ling, Tianyue Luo, Xu Wang, PyReach: A Multi-Agent Framework for Vulnerability Reachability Analysis in Python, 32nd Asia-Pacific Software Engineering Conference (APSEC) 2025 (CCF-C 会议)
10. Yiming He, Jingzheng Wu, Xiang Ling, Tianyue Luo, Mutian Yang and Chen Zhao. CECoder: Fine-Grained Code Element Retrieval for Repository-Level Code Generation, IEEE International Symposium on Software Reliability Engineering (ISSRE 2025) Industry Track (CCF-B 会议)
11. 凌祥，周伯霖，王时予，罗天悦，尹鹏，吴春明，王滨，吴敬征. RMDroid：基于多模态融合学习的安卓恶意软件鲁棒检测方法，软件学报 2025 (CCF-T1 期刊)
12. Xing Cui, Jingzheng Wu, Xiang Ling, Tianyue Luo. We Know What You're Looking For: Recommendation for Large-Scale Open Source Software, ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM) 2025 (CCF-B 类会议)
13. Yuhao Peng, Jingzheng Wu, Xiang Ling, Zhiyuan Li, Tianyue Luo, and Yanjun Wu. OptionFuzz: Fuzzing SMT Solvers with Optimized Option Exploration via Large Language Models, International Conference on Software Maintenance and Evolution (ICSME) 2025 (CCF-B 类会议)
14. Xing Cui, Jingzheng Wu, Zhiyuan Li, Tianyue Luo, and Xiang Ling. RMGenie: An LLM-Based Agent Framework for Open Source Software README Generation, International Conference on Software Maintenance and Evolution (ICSME) 2025 (CCF-B 类会议)
15. Bolin Zhou, Jingzheng Wu, Xiang Ling, Tianyue Luo, and Jingkun Zhang, Version-level Third-Party Library Detection in Android Applications via Class Structural Similarity, International Conference on Evaluation and Assessment in Software Engineering (EASE) 2025 (CCF-C 类会议)
16. Xing Cui, Jingzheng Wu, Xiang Ling, Tianyue Luo, Mutian Yang, and Wenxiang Ou. Exploring Large Language Models for Analyzing Open Source License Conflicts: How Far Are We? International Conference on Software Engineering - Industry Challenge Track (ICSE-Industry) 2025
17. Zhiyuan Li, Jingzheng Wu, Xiang Ling, Tianyue Luo, Zhiqing Rui, and Yanjun Wu， The Seeds of the FUTURE Sprout from History: Fuzzing for Unveiling Vulnerabilities in Prospective Deep Learning Libraries， International Conference on Software Engineering (ICSE) 2025 (CCF-A 会议)，获ACM SIGSOFT杰出论文奖（Distinguished Paper Award）
18. 孙泽雨，吴敬征，凌祥，魏怡琳，罗天悦，武延军. 软件供应链SBOM关键技术研究, 软件学报 2025, 36(6): 2604-2642 (CCF-T1 期刊)
19. Xiang Ling, Zhiyu Wu, Bin Wang, Wei Deng, Jingzheng Wu, Shouling Ji, Tianyue Luo, and Yanjun Wu, A Wolf in Sheep’s Clothing: Practical Black-box Adversarial Attacks for Evading Learning-based Windows Malware Detection in the Wild, USENIX Security 2024 (CCF-A 会议)
20. Jianhao Fu, Xiang Ling, Yaguan Qian, Changjiang Li, Tianyue Luo, Jingzheng Wu, Towards Query-Efficient Decision-Based Adversarial Attacks Through Frequency Domain, IEEE International Conference on Multimedia and Expo (ICME) 2024 (CCF-B会议)
21. Yuxiao Chen, Jingzheng Wu, Xiang Ling, Changjiang Li, Zhiqing Rui, Tianyue Luo, and Yanjun Wu, When Large Language Models Confront Repository-Level Automatic Program Repair: How Well They Done?, International Conference on Software Engineering – Industry Challenge Track (ICSE 24 Industry Challenge Track) 2024
22. Jiasheng Jiang, Jingzheng Wu, Xiang Ling, Tianyue Luo, Sheng Qu, and Yanjun Wu. APP-Miner: Detecting API Misuses via Automatically Mining API Path Patterns, IEEE Symposium on Security and Privacy (S&P) 2024 (CCF-A 会议)
23. Jingzheng Wu, Xiang Ling, Xu Duan, Tianyue Luo, and Mutian Yang, VulDL: Tree-based and Graph-based Neural Networks for Vulnerability Detection and Localization, International Conference on Evaluation and Assessment in Software Engineering (EASE) 2024 (CCF-C 会议)
24. Zhenqing Qu, Xiang Ling, Ting Wang, Xiang Chen, Shouling Ji, and Chunming Wu. AdvSQLi: Generating Adversarial SQL Injections against Real-world WAF-as-a-service, IEEE Transactions on Information Forensics & Security (TIFS) 2024 (CCF-A 期刊)
25. 芮志清，梅瑶，陈振哲，吴敬征，凌祥，罗天悦，武延军.  SeChain:基于国密算法的RISC-V安全启动机制设计与实现，计算机研究与发展 2024, 61(6)1458-1475 (CCF-T1 期刊)
26. 陈思然, 吴敬征, 凌祥, 罗天悦, 刘镓煜, 武延军. 面向漏洞检测模型的强化学习式对抗攻击方法, 软件学报 2024, 35(8):3647-3667 (CCF-T1 期刊)
27. 吴圣垚, 王枫, 武延军, 凌祥, 屈晟, 罗天悦, 吴敬征. HiLog: OpenHarmony的高性能日志系统. 软件学报 2024,35(4):2055-2075 (CCF-T1 期刊)
28. Siran Chen, Jingzheng Wu, Xiang Ling, Tianyue Luo, Jiayu Liu, Yanjun Wu, Reinforcement-learning-based Adversarial Attacks Against Vulnerability Detection Models, International Journal of Software and Informatics (IJSI) 2024, 14(3):249-275
29. Xiaoyu Li, Jingzheng Wu, Xiang Ling, Tianyue Luo, and Yanjun Wu. Automatic Program Repair via Learning Edits on Sequence Code Property Graph, IEEE International Conference on Parallel and Distributed Systems (ICPADS) 2023 (CCF-C会议)
30. Wentao Liang, Xiang Ling, Jingzheng Wu, Tianyue Luo, and Yanjun Wu. A Needle is an Outlier in a Haystack: Hunting Malicious PyPI Packages with Code Clustering, IEEE/ACM International Conference on Automated Software Engineering (ASE) 2023 (CCF-A 会议)
31. Xing Cui, Jingzheng Wu, Yanjun Wu, Xu Wang, Tianyue Luo, Sheng Qu, Xiang Ling, and Mutian Yang. An Empirical Study of License Conflict in Free and Open Source Software. International Conference on Software Engineering (ICSE-SEIP) 2023
32. Xiaoyu Liang, Yaguan Qian, Jianchang Huang, Xiang Ling, Bin Wang, Chunming Wu, and Wassim Swaileh. Towards desirable decision boundary by Moderate-Margin Adversarial Training, Pattern Recognition Letters (PRL) 2023 (CCF-C期刊)
33. Yaguan Qian, Zhiqiang He, Yuqi Wang, Bin Wang, Xiang Ling, Shaoning Zeng, Zhaoquan Gu, Haijiang Wang, and Wassim Swaileh. Hierarchical Threshold Pruning Based on Uniform Response Criterion, IEEE Transactions on Neural Networks and Learning Systems (TNNLS) 2023 (CCF-B 期刊)
34. Xiang Ling, Lingfei Wu, Jiangyu Zhang, Zhenqing Qu, Wei Deng, Xiang Chen, Yaguan Qian, Chunming Wu, Shouling Ji, Tianyue Luo, Jingzheng Wu, and Yanjun Wu. Adversarial Attacks against Windows PE Malware Detection: A Survey of the State-of-the-Art, Computer & Security (COSE) 2023 (CCF-B 期刊)
35. Xiang Ling, Lingfei Wu, Saizhuo Wang, Tengfei Ma, Fangli Xu, Alex X Liu, Chunming Wu, and Shouling Ji, Multilevel Graph Matching Networks for Deep Graph Similarity Learning, IEEE Transactions on Neural Networks and Learning Systems (TNNLS) 2023 (CCF-B 期刊)
36. Yanjie Shao, Tianyue Luo, Xiang Ling, Limin Wang, and Senwen Zheng, Cross Platform API Mappings based on API Documentation Graphs, IEEE International Conference on Software Quality, Reliability and Security (QRS), 2022 (CCF-C 会议)
37. Zhiqiang He, Yaguan Qian, Yuqi Wang, Bin Wang, Xiaohui Guan, Zhaoquan Gu, Xiang Ling, Shaoning Zeng, Haijiang Wang, and Wujie Zhou. Filter Pruning via Feature Discrimination in Deep Neural Networks, European Conference on Computer Vision (ECCV) 2022 (CCF-B 会议)
38. Yaguan Qian, Shenghui Huang, Bin Wang, Xiang Ling, Xiaohui Guan, Zhaoquan Gu, Shaoning Zeng, Wujie Zhou, and Haijiang Wang. Robust Network Architecture Search via Feature Distortion Restraining, European Conference on Computer Vision (ECCV) 2022 (CCF-B 会议)
39. Xiang Chen, Hongyan Liu, Qingjiang Xiao, Kaiwei Guo, Tingxin Sun, Xiang Ling, Xuan Liu, Qun Huang, Dong Zhang, Haifeng Zhou, Fan Zhang, and Chunming Wu. Toward Low-Overhead Inter-Switch Coordination in Network-Wide Data Plane Program Deployment, IEEE International Conference on Distributed Computing Systems (ICDCS) 2022 (CCF-B 会议)
40. Zhenqing Qu, Xiang Ling, and Chunming Wu. AutoSpear: Towards Automatically Bypassing and Inspecting Web Application Firewalls, Black Hat Asia 2022 (工业安全顶会)
41. Xiang Ling, Lingfei Wu, Wei Deng, Zhenqing Qu, Jiangyu Zhang, Sheng Zhang, Tengfei Ma, Bin Wang, Chunming Wu, and Shouling Ji. MalGraph: Hierarchical Graph Neural Networks for Robust Windows Malware Detection, IEEE Conference on Computer Communications (INFOCOM) 2022 (CCF-A 会议)
42. Yaguan Qian, Qiqi Shao, Jiamin Wang, Yankai Guo, Bin Wang, Zhaoquan Gu, Xiang Ling, and Chunming Wu, EI-MTD: Moving Target Defense for Edge Intelligence against Adversarial Attacks, ACM Transactions on Privacy and Security (TOPS) 2022 (CCF-B 期刊)
43. 钱亚冠, 马骏, 何念念, 王滨, 顾钊铨, 凌祥, and Wassim Swaileh, 基于云边融合的两阶段对抗知识迁移, 软件学报 2022,33(12):4504-4516 (CCF-T1 期刊)
44. Xiang Ling, Lingfei Wu, Saizhuo Wang, Gaoning Pan, Tengfei Ma, Fangli Xu, Alex X Liu, Chunming Wu, and Shouling Ji, Deep Graph Matching and Searching for Semantic Code Retrieval, ACM Transactions on Knowledge Discovery from Data (TKDD) 2021 (CCF-B 期刊)
45. Xiang Ling, Shouling Ji, Jiaxu Zou, Jiannan Wang, Chunming Wu, Bo Li, and Ting Wang. DEEPSEC: A Uniform Platform for Security Analysis of Deep Learning Model, IEEE Symposium on Security and Privacy (S&P) 2019(CCF-A 会议)
46. Xiang Ling, Chunming Wu, Shouling Ji, and Meng Han. H2DoS: An Application-Layer DoS Attack Towards HTTP/2 Protocol, International Conference on Security and Privacy in Communication Systems (SecureComm) 2017 (CCF-C 会议)
47. 凌祥, 纪守领, and 任奎, 面向深度学习系统的对抗样本攻击与防御, 中国计算机学会通讯 (Communications of the CCF) 2018

1. Xiang Ling, Lingfei Wu, Chunming Wu, and Shouling Ji. Graph Neural Networks: Graph Matching，2022 (Book Chapter)

   

（ 1 ） ***开源开放社区评估与画像, 负责人, 国家任务, 2024-12--2027-11
（ 2 ） 智能化代码表征学习的***技术研究, 负责人, 国家任务, 2023-01--2025-12

（1）开源生态驱动行业智能化发展论坛（论坛联合主席）   CCF 中国开源大会   2025-08-03
（2）面向智能恶意软件检测模型的对抗攻击方法   CCF 中国软件大会   2024-11-15
（3）“源图”开源软件供应链基础设施最新进展   CCF 中国开源大会   2024-11-09