Ziyi Guo(Roland Guo) (CV) [Gallery] , [Google Scholar] Northwestern UniversityEvanston, IL, USA. |
[2024.08] Our Team 42-b3yond-6ug won DARPA's AIxCC SemiFinal at DEFCON 32, awarded $2 million. [link]
[2024.07] Awarded Student Grant from USENIX Security'24
[2024.06] Page Spray is accepted by USENIX Security 2024. [link]
[2024.02] Our Team 42-b3yond-6ug won $1 million from DARPA's Artificial Intelligence Cyber Challenge(AIxCC), top 7 in the world. I learn a lot from Professors and Mates! [link]
I love hacking. I'm core member of 42-b3yong-6ug. I play CTF in r3kapig.
I received my Bachelor Degree from Sichuan University, Aug. 2023. Then started pursuing my CS Ph.D. in Northwestern, since Sept. 2023. Before joining in Northwestern, I was a Research Assistant at NISL, Tsinghua Univ., Security Researcher at Xuanwu Lab in Tencent, focusing on Vulnerability Exploitation.
Vulnerability Exploitation, Hacking Techniques.
LLMs for System Security.
Security Researcher @ Tencent Xuanwu Lab [2021.11 ~ 2022.3]
Research Assistant @ Tsinghua University [2022.3 ~ 2023.5]
Research Assistant @ Northwestern University [2022.6 ~ Now]
Take a Step Further: Understanding Page Spray in Linux Kernel Exploitation.
Ziyi Guo, Dang K Le, Zhenpeng Lin, Kyle Zeng, Ruoyu Wang, Tiffany Bao, Yan Shoshitaishvili, Adam Doupé, Xinyu Xing
- USENIX Security 2024.
CAMP: Compiler and Allocator-based Heap Memory Protection.
Zhenpeng Lin, Zheng Yu, Ziyi Guo, Simone Campanoni, Peter Dinda, Xinyu Xing
- USENIX Security 2024.
Cross Container Attacks: The Bewildered eBPF on Clouds.
Yi He* and Roland Guo*, Yunlong Xing, Xijia Che, Kun Sun, Zhuotao Liu, Ke Xu, Qi Li
- USENIX Security 2023.
Guiding LLMs fix realworld vulnerabilities.
- Under Review.
Safeguarding Critical Software Infrastructure through Novel AI Systems
News reports cover 42-b3yond-6ug: UWaterloo , DARPA , InfoSecurity Magazine , MeriTalk , Cyberscoop , Dark Reading , ExecutiveGov , The Readable , Science of Security , The Register
Artifact Evaluation Program Committee(AEC): USENIX Security 2024, ISSTA 2024
External Reviewer: IEEE S&P 2024, IEEE S&P 2025
Northwestern University, Ph.D., Computer Science.
September 2023 to Present, Evanston, USA
Sichuan University, B.E., Cyber Security.
September 2019 to July 2023, Chengdu, China
Winner of DARPA's AIxCC SemiFinal at DEFCON 32.
World Finalist, DEFCON 29 CTF
World Finalist, DEFCON 30 CTF
I wrote some tech blogs for people who want to learn vulnerability exploitation in Kanxue
I discovered and reported many realworld vulnerabilities, such as: [CVE-2024-25431, CVE-2024-27527, CVE-2024-27528, CVE-2024-27529, CVE-2024-27530, CVE-2023-48105, CVE-2024-27532 and etc] for Web3 Projects. Also some credits, like: [expression injection vulnerability]