Yunlong Xing        Â
(Pronounced: Yoon-loong Sheeng)
Ph.D. Candidate
Center for Secure Information Systems
Department of Information Sciences and Technology
George Mason University
Email: yxing4 [at] gmu [dot] edu
Address: Research Hall, Suite 417
My name is Yunlong Xing, and I am currently a Ph.D. candidate in the Center for Secure Information Systems (CSIS) at George Mason University, under the supervision of Dr. Kun Sun. Prior to this, I earned a Master’s degree in Engineering with a focus on Cyberspace Security from Wuhan University in June 2021, where I was advised by Dr. Fei Yan. I also received a Bachelor’s degree in Engineering in Information Security from Wuhan University in June 2018. My research interests include Automatic Program Repair (APR), Software and System Security, and LLM-Assisted Security.
What's New
[DIMVA 2025] In April 2025, our paper (multi-language security patches) was accepted by DIMVA 2025.
[Summer Research Assistantship 2025] In March 2025, the Summer Research Assistantship of George Mason University was awarded.
[USENIX Security 2025] In February 2025, our paper (security patch unraveling) was accepted by USENIX Security 2025.
[CSAW 2024] In October 2024, our paper (patch generation on NPD) was selected as one of the 15 finalists of CSAW 2024 Applied Research Competition.
[USENIX Security 2024] In September 2023, our paper (patch generation on NPD) was accepted by USENIX Security 2024.
Selected Publications [Full Publications]
Conference Papers
DISPATCH: Unraveling Security Patches from Entangled Code Changes [paper]
Shiyu Sun*, Yunlong Xing*, Xinda Wang, Shu Wang, Qi Li, and Kun Sun.
In 34th USENIX Security Symposium (USENIX Security), Seattle, WA, 2025.
(* indicates equal contribution)
An Empirical Study of Multi-Language Security Patches in Open Source Software [paper]
Shiyu Sun, Yunlong Xing, Grant Zou, Xinda Wang, and Kun Sun.
In 22nd Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Austria, 2025.
(Acceptance Rate: 25/114 = 21.9%)
What IF Is Not Enough? Fixing Null Pointer Dereference With Contextual Check [paper]
Yunlong Xing, Shu Wang, Shiyu Sun, Xu He, Kun Sun, and Qi Li.
In 33rd USENIX Security Symposium (USENIX Security), Philadelphia, PA, 2024.
(Acceptance Rate - Summer Review Cycle: 98/515 = 19.0%)
🎖 Top 15 Finalists (among 194 submissions) of CSAW 2024 Applied Research Competition
Cross Container Attacks: The Bewildered eBPF on Clouds [paper]
Yi He*, Roland Guo*, Yunlong Xing, Xijia Che, Kun Sun, Zhuotao Liu, Ke Xu, and Qi Li.
In 32nd USENIX Security Symposium (USENIX Security), Anaheim, CA, 2023.
(Acceptance Rate - Fall Review Cycle: 155/531 = 29.2%)
Exploring Security Commits in Python [paper]
Shiyu Sun, Shu Wang, Xinda Wang, Yunlong Xing, Elisa Zhang, and Kun Sun.
IEEE International Conference on Software Maintenance and Evolution (ICSME), Bogotá, Colombia, 2023.
(Acceptance Rate: 27/119 = 22.7%)
SysCap: Profiling and Crosschecking Syscall and Capability Configurations for Docker Images [paper]
Yunlong Xing, Jiahao Cao, Xinda Wang, Sadegh Torabi, Kun Sun, Fei Yan, and Qi Li.
IEEE Conference on Communications and Network Security (CNS), Austin, TX, 2022.
BinProv: Binary Code Provenance Identification without Disassembly [paper]
Xu He, Shu Wang, Yunlong Xing, Pengbin Feng, Haining Wang, Qi Li, Songqing Chen, and Kun Sun.
International Symposium on Research in Attacks, Intrusions and Defenses (RAID), Limassol, Cyprus, 2022.
(Acceptance Rate: 35/139 = 25.2%)
Journal Papers
A Hybrid System Call Profiling Approach for Container Protection [paper]
Yunlong Xing*, Xinda Wang*, Sadegh Torabi, Zeyu Zhang, Lingguang Lei, and Kun Sun.
IEEE Transactions on Dependable and Secure Computing (TDSC), 2023.
(* indicates equal contribution) (Impact Factor: 7 as 2023)
The Devil is in the Detail: Generating System Call Whitelist for Linux Seccomp [paper]
Yunlong Xing, Jiahao Cao, Kun Sun, Fei Yan, and Shengye Wan.
Future Generation Computer Systems (FGCS), 2022.
(Impact Factor: 7.3 as 2022)
Talks & Presentations
Toward Smarter Memory Safety Automation: From Traditional APR to LLM-Assisted Frameworks
AI Club at George Mason University, Fairfax, VA, November 2025.
What IF Is Not Enough? Fixing Null Pointer Dereference With Contextual Check [slides]
In 33rd USENIX Security Symposium (USENIX Security), Philadelphia, PA, August 2024.
In 21st NYU CSAW Applied Research Competition, Brooklyn, NY, November 2024.
Cross Container Attacks: The Bewildered eBPF on Clouds [slides]
In 32nd USENIX Security Symposium (USENIX Security), Anaheim, CA, August 2023.
SysCap: Profiling and Crosschecking Syscall and Capability Configurations for Docker Images [slides]
IEEE Conference on Communications and Network Security (CNS), Austin, TX, October 2022.
Honors & Awards
Summer Research Assistantship of George Mason University (2025)
Top 15 Finalists of NYU CSAW Applied Research Competition (2024)
33rd USENIX Security Symposium Student Travel Grant (2024)
32nd USENIX Security Symposium Student Travel Grant (2023)
First Prize of 10th China’s National College Student Information Security Contest (2017)
Second Class Academic Scholarship of Wuhan University (2017)
Third Prize of China’s National University Mobile Internet Application Innovation Contest (2016)
Academic Services
Artifacts Evaluation Committee
Annual Computer Security Applications Conference (ACSAC) (2023/2024)
Conference Reviewer
IEEE International Conference on Computer Communications (INFOCOM) (2024/2025/2026)
IEEE Military Communications Conference (MILCOM) (2023/2025)
Journal Reviewer
IEEE Transactions on Dependable and Secure Computing (TDSC) (2025)
IEEE Transactions on Information Forensics & Security (TIFS) (2024/2025)
ACM Transactions on Privacy and Security (TOPS) (2024)
Computers & Security (2023/2024/2025)
Discrete Mathematics, Algorithms and Applications (DMAA) (2025/2026)
External Reviewer
IEEE Symposium on Security and Privacy (S&P) (2025)
Network and Distributed System Security Symposium (NDSS) (2024)
Annual Computer Security Applications Conference (ACSAC) (2019/2023)
IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) (2020)