😀 About Me
Hi, there! I’m a master student in the School of Cyber Science and Engineering at Huazhong University of Science and Technology (HUST), supervised by Prof. Haoyu Wang. I also have the privilege of working closely with Dr. Kailong Wang & Dr. Yanjie Zhao, from whom I have learned a great deal. Previously, I received my B.Eng. degree at Xidian University, under supervision of Prof. Hui Li in June 2023.
I am interested in improving the security of mobile systems and having an impact in the real world. My current research interests include Mobile Security (Especially Mini-Programs), OSS Security and LLM Security:
- Mobile Security: Super/Mini App Security
- OSS Security: Supply Chain Poisoning
- LLM Security: Jailbreak, LLM4Security
If you would like to reach me, please send an email to shenaowang@hust.edu.cn.
Here are my close friends’ homepages: Xinyi Hou, Yanjie Zhao, Liu Wang, Ningke Li.
🎉 News
-
[08 May 2024] Our paper title “Large Language Models for Cyber Security: A Systematic Literature Review” is available on arXiv.
-
[30 Apr 2024] Our paper titled “Large Language Model Supply Chain: A Research Agenda” is accepted by SE 2030.
-
[30 Apr 2024] Our paper titled “LLM App Store Analysis: A Vision and Roadmap” is accepted by SE 2030.
-
[09 Jan 2024] Our paper titled “MiniScope: Automated UI Exploration and Privacy Inconsistency Detection of MiniApps via Two-phase Iterative Hybrid Analysis” is available on arXiv.
-
[03 Dec 2023] Our work on privacy analysis of mini-programs win the third prize in Prototype Competition of ChinaSoft 2023.
-
[20 Aug 2023] Our work on privacy compliance of mini-programs win the highest prize in CISCN 2023 (with me serving as a co-advisor).
-
[15 Aug 2023] Our paper on malicious npm/pypi package detection is accepted by ASE 2023 (Industry Challenge Track, full paper).
-
[18 Jul 2023] Our paper on WeChat AppSecret Leaks is accepted by ASE 2023.
-
[25 Jun 2023] I receive my B.Eng. degree at Xidian University. :)
-
[16 May 2023] I give a presentation at the first Cyber Security Innovation Forum in Wuhan, with a topic of “Research on Permission Abuse in Android Apps”.
-
[28 Sep 2022] I become a member of SECURITY PRIDE Research Group.
📝 Publications
(* Equal Contribution)
Preprint
-
MiniScope: Automated UI Exploration and Privacy Inconsistency Detection of MiniApps via Two-phase Iterative Hybrid Analysis
Shenao Wang, Yuekang Li, Kailong Wang, Yi Liu, Hui Li, Yang Liu, Haoyu Wang [Paper] -
Large Language Models for Cyber Security: A Systematic Literature Review
Hanxiang Xu, Shenao Wang, Ningke Li, Kailong Wang, Yanjie Zhao, Kai Chen, Ting Yu, Yang Liu, Haoyu Wang [Paper]
Peer-Reviewed
-
Large Language Model Supply Chain: A Research Agenda
Shenao Wang, Yanjie Zhao, Xinyi Hou, Haoyu Wang.
The International Workshop on Software Engineering in 2030 (SE 2030, co-located with FSE’24) [Paper] -
LLM App Store Analysis: A Vision and Roadmap
Yanjie Zhao, Xinyi Hou, Shenao Wang, Haoyu Wang.
The International Workshop on Software Engineering in 2030 (SE 2030, co-located with FSE’24) [Paper] -
On the Usage-scenario-based Data Minimization in Mini Programs
Shenao Wang, Yanjie Zhao, Kailong Wang, Haoyu Wang.
The 2023 ACM Workshop on Secure and Trustworthy Superapps (SaTS’23, co-located with CCS’23) [Paper] -
MalWuKong: Towards Fast, Accurate, and Multilingual Detection of Malicious Code Poisoning in OSS Supply Chains
Ningke Li, Shenao Wang, Mingxi Feng, Kailong Wang, Meizhen Wang, Haoyu Wang.
The 38th IEEE/ACM International Conference on Automated Software Engineering (ASE’23), Industry Challenge Track (full paper) [Paper] -
WeMinT: Tainting Sensitive Data Leaks in WeChat Mini-Programs
Shi Meng, Liu Wang, Shenao Wang, Kailong Wang, Xusheng Xiao, Guangdong Bai, Haoyu Wang.
The 38th IEEE/ACM International Conference on Automated Software Engineering (ASE’23) [Paper]
🎓 Educations
- 2019.09 - 2023.06, B.Eng., Xidian University, Xi’an, China.
- 2023.09 until now, M.S., Huazhong University of Science and Technology, Wuhan, China.
👾 Experiences
- 2024.01 until now, Research Intern, Ant Group (MYBank), Hangzhou, China.
🏆 Honors and Awards
- 2023 - Bronze Award of National College Student Innovation Competition(中国国际大学生创新大赛)[reference]
- 2023 - Third Prize of Prototype Competition in ChinaSoft’23 (软件研究成果原型系统竞赛) [reference]
- 2023 - Outstanding Graduate of Shaanxi Province [reference]
- 2023 - Outstanding Bachelor Thesis of Xidian University (Title: Research and Implementation of Permission Abuse Detection Method for Mobile Mini-programs) [reference]
- 2022 - President Scholarship of Xidian University (5 undergraduates among 5300+, the highest student honor in Xidian University) [reference]
- 2022 - National Scholarship (Top 1%) [reference]
- 2022 - Xiaomi Special Scholarship (5 undergraduates among 5300+)
- 2022 - First Prize of National Digital Forensics Competition (美亚杯中国电子数据取证大赛, 19/764) [reference]
- 2022 - First Prize/Most Innovative and Entrepreneurial Value Award (最具创新创业价值奖, 2/728) of National College Student Information Security Contest (全国大学生信息安全竞赛-作品赛, CISCN for short) [reference]
- 2022 - Meritorious Winner of MCM/ICM (Problem A) [reference]
- 2021 - First Prize of the National Cryptographic Competition (全国密码技术竞赛) [reference]
- 2021 - First Prize of CUMCM in Shannxi Province [reference]
🌟 Grants
- 2022.10-2023.10 Research on Detection Methods of Permission Abuse in Android/iOS Apps, Cyber Security Academy Student Innovation Funding (一流网络安全学院学生创新资助计划, 优秀项目[6/240]), Funded by CSAC and NIO