LLM4Sec | AIS2 Lab

EuroSys

No More Translation at Runtime: LLM-Empowered Static Binary Translation

Zhibo Liu, Huaijin Wang, Wai Kin Wong, Daoyuan Wu, and Shuai Wang

In Proc. ACM SIGOPS European Conference on Computer Systems (EuroSys), 2026

@inproceedings{liu2026nomoretranslation,
  top_sys_conf = {true},
  llm4sec = {true},
  title = {No More Translation at Runtime: LLM-Empowered Static Binary Translation},
  author = {Liu, Zhibo and Wang, Huaijin and Wong, Wai Kin and Wu, Daoyuan and Wang, Shuai},
  booktitle = {Proc. ACM SIGOPS European Conference on Computer Systems (EuroSys)},
  year = {2026}
}

ASE

Detecting Various DeFi Price Manipulations with LLM Reasoning

Juantao Zhong, Daoyuan Wu, Ye Liu, Maoyi Xie, Yang Liu, Yi Li, and Ning Liu

In Proc. IEEE/ACM Automated Software Engineering (ASE), 2025

Bib

@inproceedings{zhong2025detecting,
  top_se_conf = {true},
  llm4sec = {true},
  title = {Detecting Various DeFi Price Manipulations with LLM Reasoning},
  author = {Zhong, Juantao and Wu, Daoyuan and Liu, Ye and Xie, Maoyi and Liu, Yang and Li, Yi and Liu, Ning},
  booktitle = {Proc. IEEE/ACM Automated Software Engineering (ASE)},
  year = {2025}
}

TSE

ACFix: Guiding LLMs with Mined Common RBAC Practices for Context-Aware Repair of Access Control Vulnerabilities in Smart Contracts

Lyuye Zhang, Kaixuan Li, Kairan Sun, Daoyuan Wu, Ye Liu, Haoye Tian, and Yang Liu

IEEE Transactions on Software Engineering (TSE), 2025

Bib

@article{zhang2025acfix,
  llm4sec = {true},
  title = {ACFix: Guiding LLMs with Mined Common RBAC Practices for Context-Aware Repair of Access Control Vulnerabilities in Smart Contracts},
  author = {Zhang, Lyuye and Li, Kaixuan and Sun, Kairan and Wu, Daoyuan and Liu, Ye and Tian, Haoye and Liu, Yang},
  journal = {IEEE Transactions on Software Engineering (TSE)},
  year = {2025}
}

TSE

Advanced Smart Contract Vulnerability Detection via LLM-Powered Multi-Agent Systems

Zhiyuan Wei, Jing Sun, Yuqiang Sun, Ye Liu, Daoyuan Wu, Zijian Zhang, Xianhao Zhang, Meng Li, Yang Liu, Chunmiao Li, Mingchao Wan, Jin Dong, and Liehuang Zhu

IEEE Transactions on Software Engineering (TSE), 2025

Bib

@article{wei2025advanced,
  llm4sec = {true},
  title = {Advanced Smart Contract Vulnerability Detection via LLM-Powered Multi-Agent Systems},
  author = {Wei, Zhiyuan and Sun, Jing and Sun, Yuqiang and Liu, Ye and Wu, Daoyuan and Zhang, Zijian and Zhang, Xianhao and Li, Meng and Liu, Yang and Li, Chunmiao and Wan, Mingchao and Dong, Jin and Zhu, Liehuang},
  journal = {IEEE Transactions on Software Engineering (TSE)},
  year = {2025}
}

TOSEM

Pre-trained Model-based Actionable Warning Identification: A Feasibility Study

Xiuting Ge, Chunrong Fang, Quanjun Zhang, Daoyuan Wu, Bowen Yu, Qirui Zheng, An Guo, Shangwei Lin, Zhihong Zhao, Yang Liu, and Zhenyu Chen

ACM Transactions on Software Engineering and Methodology (TOSEM), 2025

Bib

@article{ge2025pretrained,
  llm4sec = {true},
  title = {Pre-trained Model-based Actionable Warning Identification: A Feasibility Study},
  author = {Ge, Xiuting and Fang, Chunrong and Zhang, Quanjun and Wu, Daoyuan and Yu, Bowen and Zheng, Qirui and Guo, An and Lin, Shangwei and Zhao, Zhihong and Liu, Yang and Chen, Zhenyu},
  journal = {ACM Transactions on Software Engineering and Methodology (TOSEM)},
  year = {2025}
}

TOSEM

MANDO-LLM: Heterogeneous Graph Transformers with Large Language Models for Smart Contract Vulnerability Detection

Nhat-Minh Nguyen, Hoang H Nguyen, Long Le Thanh, Zahra Ahmadi, Thanh-Nam Doan, Daoyuan Wu, and Lingxiao Jiang

ACM Transactions on Software Engineering and Methodology (TOSEM), 2025

Bib

@article{nguyen2025mando,
  llm4sec = {true},
  title = {MANDO-LLM: Heterogeneous Graph Transformers with Large Language Models for Smart Contract Vulnerability Detection},
  author = {Nguyen, Nhat-Minh and Nguyen, Hoang H and Thanh, Long Le and Ahmadi, Zahra and Doan, Thanh-Nam and Wu, Daoyuan and Jiang, Lingxiao},
  journal = {ACM Transactions on Software Engineering and Methodology (TOSEM)},
  year = {2025}
}

CCS

Measuring and Augmenting Large Language Models for Solving Capture-the-Flag Challenges

Zimo Ji, Daoyuan Wu, Wenyuan Jiang, Pingchuan Ma, Zongjie Li, and Shuai Wang

In Proc. ACM SIGSAC Conference on Computer and Communications Security (CCS), 2025

Bib

@inproceedings{ji2025measuring,
  llm4sec = {true},
  title = {Measuring and Augmenting Large Language Models for Solving Capture-the-Flag Challenges},
  author = {Ji, Zimo and Wu, Daoyuan and Jiang, Wenyuan and Ma, Pingchuan and Li, Zongjie and Wang, Shuai},
  booktitle = {Proc. ACM SIGSAC Conference on Computer and Communications Security (CCS)},
  year = {2025}
}

USENIX Security

Low-Cost and Comprehensive Non-textual Input Fuzzing with LLM-Synthesized Input Generators

Kunpeng Zhang, Zongjie Li, Daoyuan Wu, Shuai Wang, and Xin Xia

In Proc. USENIX Security Symposium, 2025

Bib

@inproceedings{zhang2025lowcost,
  llm4sec = {true},
  title = {Low-Cost and Comprehensive Non-textual Input Fuzzing with LLM-Synthesized Input Generators},
  author = {Zhang, Kunpeng and Li, Zongjie and Wu, Daoyuan and Wang, Shuai and Xia, Xin},
  booktitle = {Proc. USENIX Security Symposium},
  year = {2025}
}

ISSTA

DecLLM: LLM-Augmented Recompilable Decompilation for Enabling Programmatic Use of Decompiled Code

Wai Kin Wong, Daoyuan Wu, Huaijin Wang, Zongjie Li, Zhibo Liu, Shuai Wang, Qiyi Tang, Sen Nie, and Shi Wu

Proceedings of the ACM on Software Engineering (ISSTA), 2025

Bib

@article{wong2025decllm,
  top_se_conf = {true},
  llm4sec = {true},
  title = {DecLLM: LLM-Augmented Recompilable Decompilation for Enabling Programmatic Use of Decompiled Code},
  author = {Wong, Wai Kin and Wu, Daoyuan and Wang, Huaijin and Li, Zongjie and Liu, Zhibo and Wang, Shuai and Tang, Qiyi and Nie, Sen and Wu, Shi},
  journal = {Proceedings of the ACM on Software Engineering (ISSTA)},
  volume = {2},
  number = {ISSTA},
  pages = {1841--1864},
  year = {2025},
  publisher = {ACM New York, NY, USA}
}

ICSE

Combining Fine-Tuning and LLM-Based Agents for Intuitive Smart Contract Auditing with Justifications

Wei Ma, Daoyuan Wu, Yuqiang Sun, Tianwen Wang, Shangqing Liu, Jian Zhang, Yue Xue, and Yang Liu

In Proc. IEEE/ACM Conference on Software Engineering (ICSE), 2025

Bib

@inproceedings{ma2025combining,
  top_se_conf = {true},
  llm4sec = {true},
  title = {Combining Fine-Tuning and LLM-Based Agents for Intuitive Smart Contract Auditing with Justifications},
  author = {Ma, Wei and Wu, Daoyuan and Sun, Yuqiang and Wang, Tianwen and Liu, Shangqing and Zhang, Jian and Xue, Yue and Liu, Yang},
  booktitle = {Proc. IEEE/ACM Conference on Software Engineering (ICSE)},
  year = {2025}
}

NDSS

PropertyGPT: LLM-driven Formal Verification of Smart Contracts through Retrieval-Augmented Property Generation

Ye Liu, Yue Xue, Daoyuan Wu, Yuqiang Sun, Yi Li, Miaolei Shi, and Yang Liu

In Proc. ISOC Network and Distributed System Security Symposium (NDSS), 2025

Distinguished Paper Award Bib

NDSS 2025 Distinguished Paper Award (10 selected from 211 accepted papers out of 1,311 submissions)

@inproceedings{zhong2025detectinh,
  llm4sec = {true},
  title = {PropertyGPT: LLM-driven Formal Verification of Smart Contracts through Retrieval-Augmented Property Generation},
  author = {Liu, Ye and Xue, Yue and Wu, Daoyuan and Sun, Yuqiang and Li, Yi and Shi, Miaolei and Liu, Yang},
  booktitle = {Proc. ISOC Network and Distributed System Security Symposium (NDSS)},
  year = {2025}
}

CSUR

Machine Learning for Actionable Warning Identification: A Comprehensive Survey

Xiuting Ge, Chunrong Fang, Xuanye Li, Weisong Sun, Daoyuan Wu, Juan Zhai, Shang-wei Lin, Zhihong Zhao, Yang Liu, and Zhenyu Chen

ACM Computing Surveys (CSUR), 2024

Bib

@article{ge2024machine,
  llm4sec = {true},
  title = {Machine Learning for Actionable Warning Identification: A Comprehensive Survey},
  author = {Ge, Xiuting and Fang, Chunrong and Li, Xuanye and Sun, Weisong and Wu, Daoyuan and Zhai, Juan and Lin, Shang-wei and Zhao, Zhihong and Liu, Yang and Chen, Zhenyu},
  journal = {ACM Computing Surveys (CSUR)},
  year = {2024}
}

ICSE

GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis

Yuqiang Sun, Daoyuan Wu, Yue Xue, Han Liu, Haijun Wang, Zhengzi Xu, Xiaofei Xie, and Yang Liu

In Proc. IEEE/ACM Conference on Software Engineering (ICSE), 2024

Bib

@inproceedings{sun2024gptscan,
  top_se_conf = {true},
  llm4sec = {true},
  title = {GPTScan: Detecting Logic Vulnerabilities in Smart Contracts by Combining GPT with Program Analysis},
  author = {Sun, Yuqiang and Wu, Daoyuan and Xue, Yue and Liu, Han and Wang, Haijun and Xu, Zhengzi and Xie, Xiaofei and Liu, Yang},
  booktitle = {Proc. IEEE/ACM Conference on Software Engineering (ICSE)},
  year = {2024}
}