School of Computer Science · Nanjing University

Compiler & Security Lab

We explore compiler-based approaches to strengthen software security, network security, and system security — building tools that find hidden flaws before they become exploits.

30+
Zero-Day Bugs Found
CCS '25
Top-Tier Publication
5
Protocols Covered

What We Do

🔬 Research Areas

  • Compiler-based program analysis
  • Automated differential testing
  • Network protocol security
  • Software supply chain security
  • AI-assisted vulnerability detection

🛠️ Our Approach

We build practical tools grounded in compiler techniques — static analysis, dynamic instrumentation, and automated test generation — to uncover vulnerabilities in real-world software and network systems.

Featured Works

🔀

ToDiff

Automated differential testing for interior gateway routing protocols. 30+ zero-day bugs found in OSPF, IS-IS, RIP, BABEL and OpenFabric.

CCS 2025

Coming Soon

Latest News

  • 🎉 (05/2025) ToDiff accepted to CCS 2025.
  • 🎉 (03/2025) ToDiff now supports RIP, BABEL, and OpenFabric.
  • 📄 (01/2025) Preprint: Validating IGPs via Equivalent Topology Synthesis.
  • 🔍 (12/2024) ToDiff detected 26 zero-day bugs in OSPF and IS-IS.