I am an Assistant Professor of Computer Science at Wake Forest University (WFU) since 2025. My research interests include Software Security and Software Engineering. My research aims to bridge the gap between theoretical security knowledge and practical implementation. This includes developing comprehensive security frameworks to identify, demonstrate, and mitigate vulnerabilities in open-source software systems, with the goal of equipping developers with enhanced guidance for addressing code vulnerabilities effectively.
Before joining WFU, I worked as a Trust Engineer at LinkedIn from 2023 to 2024. I obtained my Ph.D. degree from Virginia Tech in 2023 under the supervision of Dr. Na Meng and Dr. Daphne (Danfeng) Yao. I received my master's degree from Missouri University of Science and Technology in 2018 and bachelor's degree from Northeastern University (China) in 2016. During my Ph.D. studies, I spent the summer of 2021 at TikTok's Application Security team under the supervision of Dr. Yu Ding and Dr. Peng Li.
I am looking for self-motivated student, if you're interested, please email me with a bio about yourself, including your CV and transcript!
Research Topics
- Mitigate Software Supply Chain Vulnerabilities: [ICSE24], [TSE23], [ICPC22].
- Secure Large Language Models: [ESEC/FSE24] [NDSS24], [SEA4DQ]
Selected Publications
-
MASTERKEY: Automated Jailbreak Across Multiple Large Language Model Chatbots, The Network and Distributed System Security Symposium (NDSS), 2024 [link to paper]
Gelei Deng, Yi Liu, Yuekang Li, Kailong Wang, Ying Zhang, Zefeng Li, Haoyu Wang, Tianwei Zhang, and Yang Liu
-
Glitch Tokens in Large Language Models: Categorization Taxonomy and Effective Detection, The ACM International Conference on the Foundations of Software Engineering (FSE) 2024. [link to paper]
Yuxi Li, Yi Liu, Gelei Deng, Ying Zhang, Wenjia Song, Ling Shi, Kailong Wang, Yuekang Li, Yang Liu and Haoyu Wang.
-
Broadly Enabling KLEE to Effortlessly Find Unrecoverable Errors in Rust, 46th International Conference on Software Engineering (ICSE), SEIP, 2024. [link to paper]
Ying Zhang, Peng Li, Yu Ding, Wang Lingxiang, Dan Williams, and Na Meng.
-
Example-Based Vulnerability Detection and Repair in Java Code, 30th IEEE/ACM International Conference on Program Comprehension (ICPC), 2022. [link to paper]
Ying Zhang, Ya Xiao, Mahir Kabir, Danfeng (Daphne)Yao, and Na Meng.
-
Automatic Detection of Java Cryptographic API Misuses: Are We There Yet?, Transactions on Software Engineering (TSE), 2022. [link to paper]
Ying Zhang, Mahir Kabir, Ya Xiao, Danfeng (Daphne)Yao, and Na Meng.
more ...