Zhiwei Lin

National University of Singapore

I'm currently advised by Prof. Zhenkai Liang at National University of Singapore. My research focuses on AI for Security, Network Security, and Program Analysis, with particular emphasis on vulnerability discovery and exploitation techniques.

I'm also a core member of the CTF team 0x401, where I compete in cybersecurity challenges and develop practical skills in vulnerability research.

Publications

ASE 2025 PDF

A Large-Scale Evolvable Dataset for Model Context Protocol Ecosystem and Security Analysis

40th IEEE/ACM International Conference on Automated Software Engineering, Tool Demonstrations

Zhiwei Lin, Bonan Ruan, Jiahao Liu, Weibo Zhao

ASE 2025 PDF

Propagation-Based Vulnerability Impact Assessment for Software Supply Chains

40th IEEE/ACM International Conference on Automated Software Engineering

Bonan Ruan, Zhiwei Lin, Jiahao Liu, Chuqi Zhang, Kaihang Ji, Zhenkai Liang

USENIX Security 2024 PDF

CDN Cannon: Exploiting CDN Back-to-Origin Strategies for Amplification Attacks

33th USENIX Security Symposium

Ziyu Lin, Zhiwei Lin, Ximeng Liu, Jianjun Chen, Run Guo, Cheng Chen, Shaodong Xiao

arXiv PDF

Detecting and Measuring Security Implications of Entangled Domain Verification in CDN

Preprint

Ziyu Lin, Zhiwei Lin, Run Guo, Jianjun Chen, Mingming Zhang, Ximeng Liu, Tianhao Yang, Zhuoran Cao, Robert H. Deng

Experience

2025.7 - Present

Security Engineer

Ant Group

2024.8 - 2025.6

Research Assistant

CURIOSITY Lab, National University of Singapore

2024.5 - 2024.8

Security Engineering Intern

Ant Group

2024.1 - 2024.5

Research Intern

CURIOSITY Lab, National University of Singapore

2023.8 - 2023.10

Security Research Intern

QI-ANXIN Technology

2023.3 - 2023.10

Research Intern

NISL, Tsinghua University

Awards

1st Prize

2023 National College Student Information Security Contest (CTF)

Champion

2022 Anxun Cup CTF (National Finals)

3rd Prize

2022 D³CTF (International)

CVE

CVE-2023-51770, CVE-2023-46227, CVE-2023-41578, CVE-2023-42268

Zhiwei Lin

Publications

A Large-Scale Evolvable Dataset for Model Context Protocol Ecosystem and Security Analysis

Propagation-Based Vulnerability Impact Assessment for Software Supply Chains

CDN Cannon: Exploiting CDN Back-to-Origin Strategies for Amplification Attacks

Detecting and Measuring Security Implications of Entangled Domain Verification in CDN

Talks

CDN Cannon: Exploiting CDN Back-to-Origin Strategies for Amplification Attacks

Experience

Security Engineer

Research Assistant

Security Engineering Intern

Research Intern

Security Research Intern

Research Intern

Education

Master of Computing

Bachelor of Engineering

Awards