Yanjie Zhao

Yanjie Zhao

🎃 About Me

I joined Huazhong University of Science and Technology in March 2024, and my collaborating supervisor is Prof. Haoyu Wang.

In 2019, I obtained my Bachelor’s degree from Beijing University of Posts and Telecommunications. Subsequently, I commenced my doctoral studies at Monash University, where I had the privilege of being supervised by Prof. Li Li and Prof. John Grundy. I completed my PhD at Monash University in September 2023.

My research operates at the intersection of Large Language Models (LLMs), Software Engineering, and Software Security. I am dedicated to building intelligent tools that automate and secure the software lifecycle, particularly addressing the security and fragmentation challenges in today’s cross-platform and cross-language ecosystems. My ultimate goal is to create a more unified, efficient, and secure software development paradigm. If you would like to reach me, please send an email to yanjie_zhao@hust.edu.cn or carolzhao233@gmail.com.

🎉 News

  • 🔝 Excited to announce the 1st International Workshop on Large Language Model Supply Chain Analysis (LLMSC 2025), co-located with @ISSTA 2025! Join us in Trondheim, Norway.
  • 🔝 Excited to announce the 1st International Workshop on LLM App Store Analysis (LLMapp 2025), co-located with @FSE 2025! Join us in Trondheim, Norway.

📌 Selected Publications

(* Equal Contribution, # Corresponding Author)

Direction 1: AI for SE & Security

  • [LLM4SE Survey] Xinyi Hou*, Yanjie Zhao*, et al. “Large Language Models for Software Engineering: A Systematic Literature Review.” ACM Transactions on Software Engineering and Methodology (TOSEM), 2024. 🚀 1k+ Citations

  • [Declarative UI Gen] Ting Zhou*, Yanjie Zhao*, et al. “DeclarUI: Bridging Design and Development with Automated Declarative UI Code Generation.” FSE 2025.

  • [LLM for Fuzzing] Hanxiang Xu*, Wei Ma*, Ting Zhou, Yanjie Zhao#, et al. “CKGFuzzer: LLM-Based Fuzz Driver Generation Enhanced By Code Knowledge Graph.” ICSE 2025, Industry Challenge Track. 🏅 Best Paper Award

  • [Binary Decompilation] Xinyu She*, Yanjie Zhao*, and Haoyu Wang. “WaDec: Decompiling WebAssembly Using Large Language Model.” ASE 2024.

Direction 2: SE & Security for AI Systems

  • [LLM App Store Security] Xinyi Hou*, Yanjie Zhao*, and Haoyu Wang. “On the (In)Security of LLM App Stores.” The 46th IEEE Symposium on Security and Privacy (IEEE S&P), 2025.

  • [LLM Fingerprinting] Zehao Wu*, Yanjie Zhao*, and Haoyu Wang. “TensorGuard: Gradient-Based Model Fingerprinting for LLM Similarity Detection and Family Classification.” ASE 2025.

  • [LLM Supply Chain Security] Jian Zhao*, Shenao Wang*, Yanjie Zhao#, et al. “Models Are Codes: Towards Measuring Malicious Code Poisoning Attacks on Pre-trained Model Hubs.” ASE 2024, Industry Track.

📝 Full Publications

(* Equal Contribution, # Corresponding Author)

2026

  • Zhihao Lin, Wei Ma, Mingyi Zhou, Yanjie Zhao, Haoyu Wang, Yang Liu, Jun Wang, and Li Li. “MazeBreaker: Multi-Agent Reinforcement Learning for Dynamic Jailbreaking of LLM Security Defenses.” ICSE 2026. [Paper]

2025

  • Xinyi Hou*, Yanjie Zhao*, and Haoyu Wang#. “On the (In)Security of LLM App Stores.” The 46th IEEE Symposium on Security and Privacy (IEEE S&P 2025). [Paper]

  • Chao Wang*, Yanjie Zhao*, Jiapeng Deng, and Haoyu Wang#. “Born with a Silver Spoon: On the (In)Security of Native Granted App Privileges in Custom Android ROMs.” The 46th IEEE Symposium on Security and Privacy (IEEE S&P 2025). [Paper]

  • Ziwei Yan*, Yanjie Zhao*, and Haoyu Wang#. “VoiceWukong: Benchmarking Deepfake Voice Detection.” USENIX Security 2025. [Paper]

  • Sheng Cao, Hao Zhou, Songzhou Shi, Yanjie Zhao, and Haoyu Wang. “Parcel Mismatch Demystified: Addressing a Decade-Old Security Challenge in Android.” CCS 2025. [Paper]

  • Zehao Wu*, Yanjie Zhao*, and Haoyu Wang. “TensorGuard: Gradient-Based Model Fingerprinting for LLM Similarity Detection and Family Classification.” ASE 2025. [Paper]

  • Miao Zhang, Shenao Wang, Guilin Zheng, Yanjie Zhao, and Haoyu Wang. “Demystifying Cookie Sharing Risks in WebView-based Mobile App-in-app Ecosystems.” ASE 2025. [Paper]

  • Ting Zhou*, Yanjie Zhao*, Xinyi Hou, Xiaoyu Sun, Kai Chen#, and Haoyu Wang#. “DeclarUI: Bridging Design and Development with Automated Declarative UI Code Generation.” FSE 2025. [Paper]

  • Chenxu Wang*, Tianming Liu*, Yanjie Zhao, Minghui Yang, and Haoyu Wang#. “LLMDroid: Enhancing Automated Mobile App GUI Testing Coverage with Large Language Model Guidance.” FSE 2025. [Paper]

  • Jiapeng Deng, Tianming Liu, Yanjie Zhao, Chao Wang, Lin Zhang, and Haoyu Wang. “Walls Have Ears: Demystifying Notification Listener Usage in Android Apps.” ISSTA 2025. [Paper]

  • Haodong Li, Xiao Cheng, Yanjie Zhao, Guosheng Xu, Guoai Xu, and Haoyu Wang. “Understanding Model Weaknesses: A Path to Strengthening DNN-Based Android Malware Detection.” ISSTA 2025. [Paper]

  • Xinyu She*, Yue Liu*, Yanjie Zhao, Yiling He, Li Li, Chakkrit Tantithamthavorn, Zhan Qin, and Haoyu Wang#. “Pitfalls in Language Models for Code Intelligence: A Taxonomy and Survey.” ACM Transactions on Software Engineering and Methodology (TOSEM), 2025. [Paper]

  • Hanxiang Xu*, Wei Ma*, Ting Zhou, Yanjie Zhao#, Kai Chen, Qiang Hu, Yang Liu, and Haoyu Wang. “CKGFuzzer: LLM-Based Fuzz Driver Generation Enhanced By Code Knowledge Graph.” ICSE 2025, Industry Challenge Track. [Paper] 🏅 Best Paper Award

  • Hongzhou Rao, Yanjie Zhao#, Wenjie Zhu, Ling Xiao, Meizhen Wang, and Haoyu Wang. “CodeMorph: Mitigating Data Leakage in Large Language Model Assessment.” ICSE 2025, Industry Challenge Track. [Paper]

  • Zhaonan Wu, Yanjie Zhao#, Chen Wei#, Zirui Wan, Yue Liu, and Haoyu Wang. “CommitShield: Tracking Vulnerability Introduction and Fix in Version Control Systems.” ICSE 2025, Industry Challenge Track. [Paper]

  • Qiang Ke*, Xinyi Hou*, Yanjie Zhao#, and Haoyu Wang. “ClauseBench: Enhancing Software License Analysis with Clause-Level Benchmarking.” ICSE 2025, Industry Challenge Track. [Paper]

  • Yinglin Xie*, Xinyi Hou*, Yanjie Zhao, Kai Chen, and Haoyu Wang. “LLM App Squatting and Cloning.” FSE 2025, Industry Track. [Paper]

  • Tianming Liu, Jiapeng Deng, Yanjie Zhao, Xiao Chen, Xiaoning Du, Li Li, and Haoyu Wang. “Are iOS Apps Immune to Abusive Advertising Practices?” FSE 2025, Industry Track. [Paper]

  • Dongxun Su*, Yanjie Zhao*, Xinyi Hou, Shenao Wang, and Haoyu Wang. “GPT Store Mining and Analysis.” Internetware 2025. [Paper]

  • Ningyuan Li, Yanjie Zhao#, Shenao Wang, Zehao Wu, and Haoyu Wang#. “Exploring Typo Squatting Threats in the Hugging Face Ecosystem.” Internetware 2025. [Paper]

  • Wangchenlu Huang, Shenao Wang, Yanjie Zhao, Tianxiang Wang, Yuhao Gao, Guosheng Xu, and Haoyu Wang. “Seeing is (Not) Believing: The Mirage Card Attack Targeting Online Social Networks.” Internetware 2025. [Paper]

  • Xinyi Hou*, Yanjie Zhao*, and Haoyu Wang. “The Next Frontier of LLM Applications: Open Ecosystems and Hardware Synergy.” 2030 Software Engineering Workshop, co-located with FSE 2025. [Paper]

  • Hongzhou Rao*, Yanjie Zhao*, Xinyi Hou, Shenao Wang, and Haoyu Wang. “Software Engineering for Large Language Models: Research Status, Challenges and the Road Ahead.” 2030 Software Engineering Workshop, co-located with FSE 2025. [Paper]

  • Shenao Wang, Yanjie Zhao, Yinglin Xie, Zhao Liu, Xinyi Hou, Quanchen Zou, and Haoyu Wang. “Towards Reliable Vector Database Management Systems: A Software Testing Roadmap for 2030.” 2030 Software Engineering Workshop, co-located with FSE 2025. [Paper]

  • Chao Wang, Wei Dai, Yanjie Zhao, Liangxuan Wu, and Haoyu Wang. “Towards Secure and Reliable Mobile AI Agents: Visions for Future Research.” 2030 Software Engineering Workshop, co-located with FSE 2025. [Paper]

  • Jiale Wu, Yanjie Zhao, Tianming Liu, and Haoyu Wang. “Mobile App Analysis in the New Era: Challenges and the Road Ahead.” 2030 Software Engineering Workshop, co-located with FSE 2025. [Paper]

  • Yanjie Zhao and Haoyu Wang#. “AI Model Genome.” The 1st Workshop on Software Genomics (SWGeno’25), co-located with FSE 2025. [Paper]

2024

  • Xinyi Hou*, Yanjie Zhao*, Yue Liu, Zhou Yang, Kailong Wang, Li Li, Xiapu Luo, David Lo, John Grundy, and Haoyu Wang#. “Large Language Models for Software Engineering: A Systematic Literature Review.” ACM Transactions on Software Engineering and Methodology (TOSEM), 2024. [Paper]

  • Xinyu She*, Yanjie Zhao*, and Haoyu Wang#. “WaDec: Decompiling WebAssembly Using Large Language Model.” ASE 2024. [Paper]

  • Jian Zhao*, Shenao Wang*, Yanjie Zhao#, Xinyi Hou, Kailong Wang, Peiming Gao, Yuanchao Zhang, Chen Wei#, and Haoyu Wang. “Models Are Codes: Towards Measuring Malicious Code Poisoning Attacks on Pre-trained Model Hubs.” ASE 2024, Industry Track. [Paper]

  • Zikan Dong*, Yanjie Zhao*, Tianming Liu, Chao Wang, Guosheng Xu, Guoai Xu, Lin Zhang, and Haoyu Wang#. “Same App, Different Behaviors: Uncovering Device-specific Behaviors in Android Apps.” ASE 2024, Industry Track. [Paper]

  • Xinyi Zheng*, Chen Wei*, Shenao Wang, Yanjie Zhao, Peiming Gao#, Yuanchao Zhang, Kailong Wang#, and Haoyu Wang. “Towards Robust Detection of Open Source Software Supply Chain Poisoning Attacks in Industry Environments.” ASE 2024, Industry Track. [Paper]

  • Liangxuan Wu*, Yanjie Zhao*, Chao Wang, Tianming Liu, and Haoyu Wang#. “A First Look at LLM-powered Smartphones.” A-Mobile 2024, co-located with ASE 2024. [Paper]

  • Chao Wang*, Tianming Liu*, Yanjie Zhao, Lin Zhang, Xiaoning Du, Li Li, and Haoyu Wang#. “Towards Demystifying Android Adware: Dataset and Payload Location.” A-Mobile 2024, co-located with ASE 2024. [Paper]

  • Xinyi Hou, Yanjie Zhao, Shenao Wang, and Haoyu Wang. “GPTZoo: A Large-scale Dataset of GPTs for the Research Community.” ASE 2024, The New Ideas and Emerging Results (NIER) Track. [Paper]

  • Yanjie Zhao, Xinyi Hou, Shenao Wang, and Haoyu Wang. “LLM App Store Analysis: A Vision and Roadmap.” ACM Transactions on Software Engineering and Methodology (TOSEM), 2024. [Paper]

  • Shenao Wang, Yanjie Zhao, Xinyi Hou, and Haoyu Wang. “Large Language Model Supply Chain: A Research Agenda.” ACM Transactions on Software Engineering and Methodology (TOSEM), 2024. [Paper]

  • Daihang Chen, Yonghui Liu, Mingyi Zhou, Yanjie Zhao, Haoyu Wang, Shuai Wang, Xiao Chen, Tegawendé F. Bissyandé, Jacques Klein, and Li Li. “LLM for Mobile: An Initial Roadmap.” ACM Transactions on Software Engineering and Methodology (TOSEM), 2024. [Paper]

  • Liangxuan Wu, Yanjie Zhao, Xinyi Hou, Tianming Liu, and Haoyu Wang. “ChatGPT Chats Decoded: Uncovering Prompt Patterns for Superior Solutions in Software Development Lifecycle.” MSR 2024, Mining Challenge Track. [Paper]

Papers Published During PhD Studies

  • Yanjie Zhao*, Tianming Liu*, Haoyu Wang, Yepang Liu, John Grundy, and Li Li. “Are Mobile Advertisements in Compliance with App’s Age Group?” WWW 2023. [Paper]

  • Yanjie Zhao, Li Li, Kui Liu, and John Grundy. “Towards Automatically Repairing Compatibility Issues in Published Android Apps.” ICSE 2022. [Paper]

  • Yanjie Zhao, Li Li, Haoyu Wang, Qiang He, and John Grundy. “APIMatchmaker: Matching the Right APIs for Supporting the Development of Android Apps.” IEEE Transactions on Software Engineering (TSE), 2022. [Paper]

  • Pei Liu*, Yanjie Zhao*, Haipeng Cai, Mattia Fazzini, John Grundy, and Li Li. “Automatically Detecting API-induced Compatibility Issues in Android Apps: A Comparative Analysis (Replicability Study).” ISSTA 2022. [Paper]

  • Yanjie Zhao, Li Li, Haoyu Wang, Haipeng Cai, Tegawendé F. Bissyandé, Jacques Klein, and John Grundy. “On the Impact of Sample Duplication in Machine Learning based Android Malware Detection.” ACM Transactions on Software Engineering and Methodology (TOSEM), 2021. [Paper]

  • Yanjie Zhao, Li Li, Xiaoyu Sun, Pei Liu, and John Grundy. “Icon2Code: Recommending Code Implementations for Android GUI Components.” Information and Software Technology (IST), 2021. [Paper]

  • Yanjie Zhao, Yue Zhang, and Haoyu Wang. “Potential Risks Arising from the Absence of Signature Verification in Miniapp Plugins.” The 2023 ACM Workshop on Secure and Trustworthy Superapps. [Paper]

  • Yanjie Zhao, Haoyu Wang, Lei Ma, Yuxin Liu, Li Li, and John Grundy. “Knowledge Graphing Git Repositories: A Preliminary Study.” SANER 2019, ERA Track. [Paper]

  • Yanjie Zhao, Li Li, Xiaoyu Sun, Pei Liu, and John Grundy. “Code Implementation Recommendation for Android GUI Components.” ICSE 2022, Demonstrations Track. [Paper]

  • Pei Liu, Yanjie Zhao, Mattia Fazzini, Haipeng Cai, John Grundy, and Li Li. “Automatically Detecting Incompatible Android APIs.” ACM Transactions on Software Engineering and Methodology (TOSEM), 2023. [Paper]

  • Xiaoyu Sun, Xiao Chen, Yanjie Zhao, Pei Liu, John Grundy, and Li Li. “Mining Android API Usage to Generate Unit Test Cases for Pinpointing Compatibility Issues.” ASE 2022. [Paper]

  • Tianzhi Ma, Yanjie Zhao, Li Li, and Liang Liu. “CiD4HMOS: A Solution to HarmonyOS Compatibility Issues.” ASE 2023, Industry Challenge Track. [Paper]

  • Shenao Wang, Yanjie Zhao, Kailong Wang, and Haoyu Wang. “On the Usage-scenario-based Data Minimization in Mini Programs.” The 2023 ACM Workshop on Secure and Trustworthy Superapps. [Paper]

  • Haonan Hu, Yue Liu, Yanjie Zhao, Yonghui Liu, Xiaoyu Sun, Chakkrit Tantithamthavorn, and Li Li. “Detecting Temporal Inconsistency in Biased Datasets for Android Malware Detection.” A-Mobile 2023, co-located with ASE 2023. [Paper]

  • Pei Liu, Xiaoyu Sun, Yanjie Zhao, Yonghui Liu, John Grundy, and Li Li. “A First Look at CI/CD Adoptions in Open-Source Android Apps.” A-Mobile 2022, co-located with ASE 2022. [Paper]

  • Pingfan Kong, Li Li, Jun Gao, Timothée Riom, Yanjie Zhao, Tegawendé F. Bissyandé, and Jacques Klein. “Anchor: Locating Android Framework-specific Crashing Faults.” Automated Software Engineering Journal (JASE), 2021. [Paper]

  • Pei Liu, Li Li, Yanjie Zhao, Xiaoyu Sun, and John Grundy. “AndroZooOpen: Collecting Large-scale Open Source Android Apps for the Research Community.” MSR 2020, Data Track. [Paper]

📚 Educations

  • 2015.09 - 2019.06, B.Eng., Beijing University of Posts and Telecommunications, Beijing, China.
  • 2019.07 - 2019.09, Visitor, University of Luxembourg, Luxembourg.
  • 2019.09 - 2023.09, Ph.D., Monash University, Melbourne, Australia.
  • Continuously pursue knowledge and never cease learning…

💼 Services

  • PC Member – FSE 2026, APSEC 2025 ERA Track, APSEC 2025 SEIP Track, ASE 2025, FSE 2025, ISSTA 2025, WWW 2025, IWQoS 2025, ISSTA 2024, WWW 2024, APSEC 2024, ASE NIER 2024, CCS 2024 Artifact Evaluation, MOBILESoft 2024, MOBILESoft 2023
  • Journal Reviewer – ACM Transactions on Software Engineering and Methodology (TOSEM), IEEE Transactions on Software Engineering (TSE), ACM Computing Surveys (CSUR), Empirical Software Engineering (EMSE), Journal of Systems and Software (JSS), IEEE Transactions on Reliability
  • Workshop Organizer – LLMapp 2025 (co-located with FSE 2025), LLMSC 2025 (co-located with ISSTA 2025)
  • Publicity Chair – EASE 2026, MOBILESoft 2023

🏆 Honors and Awards

  • 2019 - Monash Graduate Scholarship (MGS).
  • 2019 - Outstanding Graduate of Beijing City.
  • 2019 - “Triple-A” Student of Beijing City.
  • 2018 - Cyber Security Scholarship of China Internet Development Foundation (one of the 66 award-winning undergraduates nationwide).
  • 2017 - China National Scholarship.
  • 2017 - Meritorious Winner of MCM/ICM.
  • 2017 - First Prize in Beijing Contest District in CUMCM.
  • 2017 - Second Prize in the China National Cryptography Competition.
  • 2016 - China National Scholarship.

Unicorn