Zheng Yu

About Me (CV)

My name is Zheng Yu. I am currently a Security Research Engineer at DepthFirst. I am working on building AI systems to enhance the security of software and system. My goal is to enhance the security of programs with minimal human intervention.

I completed my PhD in the Computer Science department at Northwestern University, advised by Prof. Xinyu Xing. I obtained my bachelor's degree from the ACM Honor Class at Shanghai Jiao Tong University, majoring in Computer Science. My advisor was Prof. Chao Li. Additionally, I was also very fortunate to be advised by Prof. Meng Xu at the University of Waterloo during my research visits.

Besides, I am very interested in and good at algorithm design. I was an OIer when I was studying at Yali. I am also a CTF player; I used to play CTF with Nu1L and StrawHat.

Outside of research, I enjoy traveling and painting, including watercolor and sketching. Here is a gallery that is still under construction.

News

[2026.03] I joined DepthFirst as a Security Research Engineer! I am excited to work with the talented team.
[2026.03] I passed the PhD defense at Northwestern University! Thanks to my committee members: Prof. Xinyu Xing, Prof. Peter Dinda, Prof. Yan Chen, Prof. Kexin Pei. Here is my slides and thesis.
[2025.11] I got 🥈 Runner-up in Technical Impact Award of CSAW Applied Research Competition (ARC) 2025!
[2025.11] I was invited to be a PC member for LLM4Code 2026, which is co-located with ICSE 2026!
[2025.10] I passed the PhD proposal exam at Northwestern University! Thanks to my committee members: Prof. Xinyu Xing, Prof. Peter Dinda, Prof. Yan Chen and Prof. Kexin Pei. Here is my slides.
[2025.10] PatchAgent is accepted to CSAW Applied Research Competition (ARC) 2025 as Finalist!
[2025.09] PortGPT is accepted to S&P 2026!
[2025.08] Our team, 42-b3yond-6ug, won rank 6 at AIxCC Finals!
[2025.06] Awarded Student Grant from USENIX Security 2025!
[2025.01] PatchAgent is accepted to USENIX Security 2025!
[2024.12] I got the Master of Science degree in Computer Science from Northwestern University!
[2024.10] I passed the PhD qualifying exam at Northwestern University! Thanks to my committee members: Prof. Xinyu Xing, Prof. Peter Dinda, and Prof. Yan Chen. Here is my slides.
[2024.09] Awarded Student Grant from ACM CCS 2024!
[2024.08] Our team, 42-b3yond-6ug, won the AIxCC Semi-Finals and was awarded $2 million. I had the honor of designing the program repair system for the competition.
[2024.07] Awarded Student Grant from USENIX Security 2024!
[2024.06] LLM-Fuzzer is accepted to USENIX Security 2024!
[2024.05] ShadowBound is accepted to USENIX Security 2024!
[2024.02] Our team, 42-b3yond-6ug, received funding of $1 million from AIxCC.
[2023.09] CAMP is accepted to USENIX Security 2024!

Publications

* indicates equal contribution.

Patch Validation in Automated Vulnerability Repair [Paper] [arXiv] [Code]
Zheng Yu, Wenxuan Shi, Xinqian Sun, Zheyun Feng, Meng Xu, Xinyu Xing
arXiv 2603.06858
PortGPT: Towards Automated Backporting Using Large Language Models [Paper] [Code]
Zheng Yu*, Zhaoyang Li*, Jingyi Song, Meng Xu, Yuxuan Luo, Dongliang Mu
IEEE Symposium on Security and Privacy (S&P) 2026
Generated Patches Have Been Merged into Linux 6.1.
PatchAgent: A Practical Program Repair Agent Mimicking Human Expertise [Paper] [Slides] [Code - 100+ Stars] [Demo] [USENIX Poster] [CSAW Poster]
Zheng Yu, Ziyi Guo, Yuhang Wu, Jiahao Yu, Meng Xu, Dongliang Mu, Yan Chen, Xinyu Xing
USENIX Security Symposium 2025 (Long Presentation)
DARPA AIxCC Finalist / CSAW 25 ARC Runner-up / Generated Patches Have Been Used in Production.
ShadowBound: Efficient Heap Memory Protection Through Advanced Metadata Management and Customized Compiler Optimization [Paper] [Code - 20+ Stars] [Slides]
Zheng Yu, Ganxiang Yang, Xinyu Xing
USENIX Security Symposium 2024
LLM-Fuzzer: Scaling Assessment of Large Language Model Jailbreaks [Paper] [Code - 500+ Stars] [Slides]
Jiahao Yu, Xingwei Lin, Zheng Yu, Xinyu Xing
USENIX Security Symposium 2024
Geekcon 2023 Annual Breakthrough Awards / Integrated into Microsoft Azure PyRIT
CAMP: Compiler and Allocator-based Heap Memory Protection [Paper] [Code - 40+ Stars] [Slides]
Zhenpeng Lin; Zheng Yu, Ziyi Guo; Simone Campanoni; Peter Dinda; Xinyu Xing
USENIX Security Symposium 2024
FIRST: Exploiting the Multi-Dimensional Attributes of Functions for Power-Aware Serverless Computing [Paper]
Lu Zhang, Chao Li, Xinkai Wang, Weiqi Feng, Zheng Yu, Quan Chen, Jingwen Leng, Minyi Guo, Pu Yang, Shang Yue
IEEE International Parallel & Distributed Processing Symposium (IPDPS) 2023

Talks

Reversing MCU with Firmware Emulation [Code]
BlackHat Europe 2022, London, UK

Work & Teaching Experience

DepthFirst Mar. 2026 – Present

Security Research Engineer San Francisco, CA, USA
AI Security Team
CertiK Jan. 2026 – Mar. 2026

Security Researcher New York, NY, USA
Smart Contract Security Team
Northwestern University Sep. 2025 – Dec. 2025

Teaching Assistant Evanston, IL, USA
Operating Systems (COMP_SCI 343), Instructor: Dr. Branden Ghena
University of Waterloo Jun. 2025 – Sep. 2025

Visiting Graduate Researcher Waterloo, Ontario, Canada
CrySP Lab, Advisor: Prof. Meng Xu
Northwestern University Sep. 2024 – Dec. 2024

Teaching Assistant Evanston, IL, USA
Introduction to Computer Security (COMP_SCI 350), Instructor: Prof. Xinyu Xing
Google Summer of Code Apr. 2022 – Oct. 2022

GSOC Project Mentor Remote
Bridging Qiling and Static Analysis
JD.COM, Inc. Jun. 2021 – May 2022

Security Engineer Beijing, China
Application Security Team - Firmware Emulation
Shanghai Jiao Tong University Sep. 2019 – May 2021

Infrastructure Engineer Shanghai, China
Information and Network Center
Shanghai Jiao Tong University Jun. 2019 – Sep. 2019

Teaching Assistant Shanghai, China
Programming Design and Data Structures (CS151), Instructor: Prof. Huiyu Weng

Honors & Awards

CSAW Applied Research Competition Finalist & Technical Impact Award Runner-up 2025
NYU Tandon School of Engineering - PatchAgent Project
USENIX Security Student Grant Recipient 2024, 2025
USENIX Association
DARPA AIxCC Advanced Finals 2024
Top Finalist - Team 42-b3yond-6ug
ACM CCS Student Grant Recipient 2024
ACM SIGSAC Conference on Computer and Communications Security
DEFCON CTF Finals - 5th Place 2023
Team StrawHat (7th Place in 2022)
Outstanding Graduate Award 2022
Shanghai Jiao Tong University
Zhiyuan Honor Scholarship 2018-2021
Shanghai Jiao Tong University (Top 2% annually)
China National Olympiad in Informatics - Silver Medal 2017
China Computer Federation (CCF) - Top 100 Nationally

Media Coverage

Academic Services

Program Committee Member: LLM4Code 2026 , ICLR 2026 , NeurIPS 2025 , ICML 2025 , ICLR 2025 , AISTATS 2025 , AAAI-UC 2025 , NeurIPS 2024 , ICECI 2024
Artifact Evaluation Committee Member: CCS 2025 , NDSS 2025 , USENIX Security 2025 , ATC 2024 , OSDI 2024 , ISSTA 2024 , USENIX Security 2024 , CCS 2024 , CCS 2023
Journal Reviewer: IEEE TDSC , PeerJ CS , IEEE TIFS