Yunlong Xing

Ph.D. Candidate

Center for Secure Information Systems

Department of Information Sciences and Technology

George Mason University

Email: yxing4 [at] gmu [dot] edu

Address: Research Hall, Suite 417

My name is Yunlong Xing, and I am currently a Ph.D. candidate in the Center for Secure Information Systems (CSIS) at George Mason University, under the supervision of Dr. Kun Sun. Prior to this, I earned a Master’s degree in Engineering with a focus on Cyberspace Security from Wuhan University in June 2021, where I was advised by Dr. Fei Yan. I also received a Bachelor’s degree in Engineering in Information Security from Wuhan University in June 2018. My research interests include Automatic Program Repair (APR), Software Security, and Container Security.

What's New

[DIMVA 2025] In April 2025, our paper (multi-language security patches) was accepted by DIMVA 2025.
[Summer Research Assistantship 2025] In March 2025, the Summer Research Assistantship of George Mason University was awarded.
[USENIX Security 2025] In February 2025, our paper (security patch unraveling) was accepted by USENIX Security 2025.
[CSAW 2024] In October 2024, our paper (patch generation on NPD) was selected as one of the 15 finalists of CSAW 2024 Applied Research Competition.
[USENIX Security 2024] In September 2023, our paper (patch generation on NPD) was accepted by USENIX Security 2024.

Selected Publications [Full Publications]

Conference Papers

DISPATCH: Unraveling Security Patches from Entangled Code Changes [paper]

Shiyu Sun*, Yunlong Xing*, Xinda Wang, Shu Wang, Qi Li, and Kun Sun.

In 34th USENIX Security Symposium (USENIX Security), Seattle, WA, 2025.

(* indicates equal contribution)

An Empirical Study of Multi-Language Security Patches in Open Source Software [paper]

Shiyu Sun, Yunlong Xing, Grant Zou, Xinda Wang, and Kun Sun.

In 22nd Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Austria, 2025.

(Acceptance Rate: 25/114 = 21.9%)

What IF Is Not Enough? Fixing Null Pointer Dereference With Contextual Check [paper]

Yunlong Xing, Shu Wang, Shiyu Sun, Xu He, Kun Sun, and Qi Li.

In 33rd USENIX Security Symposium (USENIX Security), Philadelphia, PA, 2024.

(Acceptance Rate - Summer Review Cycle: 98/515 = 19.0%)

🎖 Top 15 Finalists (among 194 submissions) of CSAW 2024 Applied Research Competition

Cross Container Attacks: The Bewildered eBPF on Clouds [paper]

Yi He*, Roland Guo*, Yunlong Xing, Xijia Che, Kun Sun, Zhuotao Liu, Ke Xu, and Qi Li.

In 32nd USENIX Security Symposium (USENIX Security), Anaheim, CA, 2023.

(Acceptance Rate - Fall Review Cycle: 155/531 = 29.2%)

Exploring Security Commits in Python [paper]

Shiyu Sun, Shu Wang, Xinda Wang, Yunlong Xing, Elisa Zhang, and Kun Sun.

IEEE International Conference on Software Maintenance and Evolution (ICSME), Bogotá, Colombia, 2023.

(Acceptance Rate: 27/119 = 22.7%)

SysCap: Profiling and Crosschecking Syscall and Capability Configurations for Docker Images [paper]

Yunlong Xing, Jiahao Cao, Xinda Wang, Sadegh Torabi, Kun Sun, Fei Yan, and Qi Li.

IEEE Conference on Communications and Network Security (CNS), Austin, TX, 2022.

BinProv: Binary Code Provenance Identification without Disassembly [paper]

Xu He, Shu Wang, Yunlong Xing, Pengbin Feng, Haining Wang, Qi Li, Songqing Chen, and Kun Sun.

International Symposium on Research in Attacks, Intrusions and Defenses (RAID), Limassol, Cyprus, 2022.

(Acceptance Rate: 35/139 = 25.2%)

Journal Papers

A Hybrid System Call Profiling Approach for Container Protection [paper]

Yunlong Xing*, Xinda Wang*, Sadegh Torabi, Zeyu Zhang, Lingguang Lei, and Kun Sun.

IEEE Transactions on Dependable and Secure Computing (TDSC), 2023.

(* indicates equal contribution) (Impact Factor: 7 as 2023)

The Devil is in the Detail: Generating System Call Whitelist for Linux Seccomp [paper]

Yunlong Xing, Jiahao Cao, Kun Sun, Fei Yan, and Shengye Wan.

Future Generation Computer Systems (FGCS), 2022.

(Impact Factor: 7.3 as 2022)

Talks & Presentations

What IF Is Not Enough? Fixing Null Pointer Dereference With Contextual Check [slides]
In 33rd USENIX Security Symposium (USENIX Security), Philadelphia, PA, August 2024.
In 21st NYU CSAW Applied Research Competition, Brooklyn, NY, November 2024.
Cross Container Attacks: The Bewildered eBPF on Clouds [slides]
In 32nd USENIX Security Symposium (USENIX Security), Anaheim, CA, August 2023.
SysCap: Profiling and Crosschecking Syscall and Capability Configurations for Docker Images [slides]
IEEE Conference on Communications and Network Security (CNS), Austin, TX, October 2022.

Honors & Awards

Summer Research Assistantship of George Mason University (2025)
Top 15 Finalists of NYU CSAW Applied Research Competition (2024)
33rd USENIX Security Symposium Student Travel Grant (2024)
32nd USENIX Security Symposium Student Travel Grant (2023)
First Prize of 10th China’s National College Student Information Security Contest (2017)
Second Class Academic Scholarship of Wuhan University (2017)
Third Prize of China’s National University Mobile Internet Application Innovation Contest (2016)

Academic Services

Artifacts Evaluation Committee
- Annual Computer Security Applications Conference (ACSAC) (2023/2024)
Conference Reviewer
- IEEE International Conference on Computer Communications (INFOCOM) (2024/2025/2026)
- IEEE Military Communications Conference (MILCOM) (2023/2025)
Journal Reviewer
- IEEE Transactions on Dependable and Secure Computing (TDSC) (2025)
- IEEE Transactions on Information Forensics & Security (TIFS) (2024)
- ACM Transactions on Privacy and Security (TOPS) (2024)
- Computers & Security (2023/2024/2025)
External Reviewer
- IEEE Symposium on Security and Privacy (S&P) (2025)
- Network and Distributed System Security Symposium (NDSS) (2024)
- Annual Computer Security Applications Conference (ACSAC) (2019/2023)
- IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) (2020)

Page updated

Google Sites

Report abuse