Download PDF

Work History

Jul 2015Present

Senior Security Engineer

Ant Financial Group {asa. Alibaba Group}


SDL: Security assessment and approval of projects (alipay wallet, mybank, koubei) in stages of production requirement, system design, system implementation and testing. Vulnerability research 

Promote the deployment of security products in mybank company. Improve security architecture of mybank company. 

Data Minning: Data mining for attack detection and etc.

Protection Solutions: Anti-cheating, Machine manipulation detection.

Protection Productions: Software protection solutions for elf and apk.

Reverse Engineering: competitor reverse, malware reverse.

Penetration testing and security acceptance checking

Threat response.

System OS vulnerability hunting.

Jan 2015Jul 2015

Senior Mobile Threat Researcher

Trend Micro


Advanced threat research 

Vulnerability research 

Design and implement frameworks for 0day hunting

Quick response solutions for new threats

Data mining for new/related malwares/threats

Underground research

Systems for processing volume samples 

Participate in design and implement of the next generation antivirus engine 

Solutions to keep top 3 in Benchmark tests(AV-Test, AVC)

White papers/Technical blogs/Zero day vulnerabilities

Jul 2013Dec 2014

Threat Analyze Engineer

Trend Micro


Reverse Engineering

Malware analyse and detection rules

New threat research and quick protection rules

Competitor Reverse

Solutions to keep top 3 in Benchmark tests(AV-Test, AVC)


Sep 2010Jul 2013

Master's Degree in Computer Science

Shandong University(211,985)

Got scholarships/adwards nine times

Got privilege for entering graduate college without entrance examination

Sep 2006Jul 2010

Bachelor's Degree in Software Engineering

Shandong University(211,985)

Got scholarships two times

Honors & Awards

(In Shandong University)






(In TrendMicro)

Jul 2014 : Engineer of Month  (with certificate of award)

Dec 2014: Employee of Quarter  (with trophy cup)

Jan 2015: TrendLabs Mobile Master Blogger Award (with trophy cup)

Jun 2015, Be invited as a speaker by ISCR 2015 (Seoul, 2015-06-08)

(In Ant Financial Group)

Aug 2016 : Be invited as a speaker by Security World 2016 (Seoul, 2016-08-25)


(In TrendMicro:)

1. Sourcing System 

    Web crawler hunting samples

2. Blackcert automation system

    Generate blackcert signatures with a Cluster and Rules

3. FakeFinder System

    Detect fake/repack applications automaticly with a Classifier and Rules

4. Backend System v1.0 

     Powerful backend system to process volume samples and contribute detections

5. Backend System v2.0

    More powerful backend system with a new generation of antivirus engine, supporting patterns of much more complex, generic and accurate

6. ApkInfo System

    System to extract information from apk file and store in Intelligent analysis system

7. FakeId monitor system

     System for analyzing new coming samples and hunting fresh malwares exploiting the fakeId vulerability

8. CertChain Checker

     Module for check which certification files packed inside the apk are used for signing truly.

9. Competitor Reverse

    gdb scripts for automation are developed 

    Other automation systems 

10. Mobile Browser Fuzzing Framework

    Framework for fuzzing android browsers hunting 0-day vulnerabilities.

    Six fuzzer modules integrated in now.  

11. Participated in the design and implement of new generation antivirus engine (under developing)

     New generation, more powerful. 

12, VulSalmonHunter System (under developing)

    System used to scan ARM binaries and find possible vulnerability points. 

13, ELKIntellengence V1.0:

     Big data anlaysis platform based on ELK.

14, Two vulnerabilities on Android OS:

      As described in this blog:      

      --  AndroidManifest with DTD technology crashes android OS.

      -- AndroidManifest declaring too many icons turns Android devices into bricks. 

(In Ant Financial Group:)

1. Design and implemented "VulSalmonHunter" System:

    Used to detect flaws and vulnerabilities in ARM ELF files automatically, based on taint analysis algorithm. 

2. Design and implemented "AlipayWalletAutoFuzzer" System: 

    System to fuzz alipay wallet web requests and rpc requests automatically. 

3. Corpus-based Fuzzing System for mac osx using lldb-python.

      vulnerabilities on Mac OSX/IOS operating systems. 

          - CVE-2016-4667

         - CVE-2016-4688

    --  Several Crash/DoS Issues on Mac OSX/IOS operating systems.

 4. (Android/Linux)Kernel Fuzzing System: 

      -- passive fuzzing system

      -- fuzzing system based on recording and replay. 

5. Big scale distributed fuzzing system for pdf, video and font files. 

6. Attack detection and defense system for Lucky Money Activities of  2015 Spring Festival  

7. Security Model using mobile phone sensor data based on machine learning. 


(In Shandong University)

  • Shaomang Huang, Jun Ma, Qian Zhao. A Novel Moving Objects Detection Model Based on Images Registration within Sliding Time Windows.The Eighth Conference on Application of Image and Graphics Technology (IGTA), 2013.

(In TrendMicro)

White Paper: 

The South Korean Fake Banking App Scam

Technical Blogs:

Vulnerability in Spotify Android App May Lead to Phishing

The Dangers of the Android FakeID Vulnerability

AppLock Vulnerability Leaves Configuration Files Open for Exploit

Same Origin Policy Bypass Vulnerability Has Wider Reach Than Thought

Facebook Users Targeted By Android Same Origin Policy Exploit

Malformed AndroidManifest.xml in Apps Can Crash Mobile Devices

Mobile Malware Gang Steals Millions from South Korean Users