Lingling Fan (范玲玲)

I am now an Associate Professor (100 Young Academic Leaders of Nankai University) at Nankai University. I had previously worked as a Postdoctoral Research Fellow with Prof. Liu Yang in Nanyang Technological University, Singapore since 2019. I obtained my Ph.D. degree from East China Normal University, China, in 2019, under the supervision of Prof. Lihua Xu (NYU Shanghai). I had been a Research Assistant in Cyber Security Lab of NTU (2017-2019).

My research interests include Software Security Analysis, Software Testing and Analysis, and Big Data-driven Analysis.

Email: linglingfan(at)nankai.edu.cn

Publications

•  [TSE 2024] "Does the Vulnerability Threaten Our Projects? Automated Vulnerable API Detection for Third-Party Libraries", Fangyuan Zhang, Lingling Fan*, Sen Chen, Miaoying Cai, Sihan Xu, and Lida Zhao, IEEE Transactions on Software Engineering (TSE), 2024. [PDF] 
•  [ICSE 2025] "EP-Detector: Automatic Detection of Error-prone Operation Anomalies in Android Applications", Chenkai Guo, Qianlu Wang, Naipeng Dong, Lingling Fan*, Tianhong Wang, Weijie Zhang, Enbao Chen, Zheli Liu, Lu Yu, In Proceedings of the the 47th International Conference on Software Engineering (ICSE 2025), 2025. [PDF] 
•  [ESEC/FSE 2023] "Automated and Context-Aware Repair of Color-Related Accessibility Issues for Android Apps", Yuxin Zhang, Sen Chen, Lingling Fan, Chunyang Chen, Xiaohong Li, In Proceedings of the ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2023), 2023. [PDF] 
•  [ESEC/FSE 2023] "Comparison and Evaluation on Static Application Security Testing (SAST) Tools for Java", Kaixuan Li, Sen Chen, Lingling Fan, Ruitao Feng, Han Liu, Chengwei Liu, Yang Liu, and Yixiang Chen, In Proceedings of the ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2023), 2023. [PDF] 
•  [ASE 2023] "Scene-Driven Exploration and GUI Modeling for Android Apps", Xiangyu Zhang, Lingling Fan*, Sen Chen, Yucheng Su, and Boyuan Li, In Proceedings of the 38th IEEE/ACM International Conference on Automated Software Engineering (ASE 2023), 2023. [PDF] 
•  [ASE 2023] "Mitigating Persistence of Open-Source Vulnerabilities in Maven Ecosystem", Lyuye Zhang, Chengwei Liu, Sen Chen, Zhengzi Xu, Lingling Fan, Lida Zhao, Yiran Zhang, and Yang Liu, In Proceedings of the 38th IEEE/ACM International Conference on Automated Software Engineering (ASE 2023), 2023. [PDF] 
•  [ISSTA 2023] "LiResolver: License Incompatibility Resolution for Open Source Software", Sihan Xu, Ya Gao, Lingling Fan*, Linyu Li, Xiangrui Cai, and Zheli Liu, In Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA), 2023. [PDF] 
•  [ICSE 2023] "Compatible Remediation on Vulnerabilities from Third-Party Libraries for Java Projects",Lvye Zhang, Chengwei Liu, Zhengzi Xu, Sen Chen, Lingling Fan, Lida Zhao, Jiahui Wu, and Yang Liu, In Proceedings of the 45th International Conference on Software Engineering (ICSE), 2023. [PDF] 

  ACM SIGSOFT Distinguished Paper Award

•  [ICSE 2023] "Compatibility Issue Detection for Android Apps Based on Path-Sensitive Semantic Analysis", Sen Yang, Sen Chen, Lingling Fan*, Sihan Xu, Zhanwei Hui, and Song Huang, In Proceedings of the 45th International Conference on Software Engineering (ICSE), 2023. [PDF] 
•  [ICSE 2023] "A Web-Based Tool for Using Storyboard of Android Apps", Yuxin Zhang, Sen Chen, and Lingling Fan, In Proceedings of the 45th International Conference on Software Engineering (ICSE-Demo), 2023. [PDF] 
•  [TDSC 2022] "Towards Understanding and Mitigating Audio Adversarial Examples for Speaker Recognition", Guangke Chen, Zhe Zhao, Fu Song, Sen Chen, Lingling Fan, Feng Wang, and Jiashui Wang, IEEE Transactions on Dependable and Secure Computing (TDSC), 2022. [PDF] 
•  [ASE 2022] "AUSERA: Automated Security Vulnerability Detection for Android Apps", Sen Chen, Yuxin Zhang, Lingling Fan, Jiaming Li, and Yang Liu, In Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering (ASE-Demo), 2022. [PDF] 
•  [ASE 2022] "Has My Release Disobeyed Semantic Versioning? Static Detection Based On Semantic Differencing", Lyuye Zhang, Chengwei Liu, Zhengzi Xu, Sen Chen, Lingling Fan, Bihuan Chen, and Yang Liu, In Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2022. [PDF] 

  ACM SIGSOFT Distinguished Paper Award

•  [TDSC 2022] "AS2T: Arbitrary Source-To-Target Adversarial Attack on Speaker Recognition Systems", Guangke Chen, Zhen Zhao, Fu Song, Sen Chen, Lingling Fan, and Yang Liu, IEEE Transactions on Dependable and Secure Computing (TDSC), 2022. [PDF] 
•  [TSE 2022] "Automatically Distilling Storyboard with Rich Features for Android Apps", Sen Chen, Lingling Fan*, Chunyang Chen, and Yang Liu, IEEE Transactions on Software Engineering (TSE), 2022. (* Corresponding author) [PDF] 
•  [TOSEM 2022] "LiDetector: License Incompatibility Detection for Open Source Software", Sihan Xu, Ya Gao, Lingling Fan*, Zheli Liu, Yang Liu, and Hua Ji, ACM Transactions on Software Engineering and Methodology (TOSEM), 2022. (* Corresponding author) [PDF] 
•  [ICSE 2022] "Demystifying the Vulnerability Propagation and Its Evolution via Dependency Trees in the NPM Ecosystem", Chengwei Liu, Sen Chen, Lingling Fan, Bihuan Chen, Yang Liu, and Xin Peng, the 44th International Conference on Software Engineering (ICSE), 2022. [PDF] 
•  [TITS 2021] "DeepSuite: A Test Suite Optimizer for Autonomous Vehicles",Sihan Xu, Zhiyu Wang, Lingling Fan*, Xiangrui Cai, Hua Ji, Siau-Cheng Khoo, Brij Bhooshan Gupta, IEEE Transactions on Intelligent Transportation Systems (TITS), 2021. (* Corresponding author) [PDF] 
•  [TSE 2021] "Research on Third-Party Libraries in Android Apps: A Systematic Literature Review", Xian Zhan, Tianming Liu, Lingling Fan*, Li Li, Sen Chen, Xiapu Luo, Yang Liu, IEEE Transactions on Software Engineering (TSE), 2021. (* Corresponding author) [PDF] 
•  [APSEC 2021] "IconChecker: Anomaly Detection of Icon-Behaviors for Android Apps", Yuxuan Li, Ruitao Feng, Sen Chen, Qianyu Guo, Lingling Fan and Xiaohong Li, the 28th Asia-Pacific Software Engineering Conference (APSEC 2021), 2021. [PDF] 
•  [TSE 2021] "Accessible or Not? An Empirical Investigation of Android App Accessibility", Sen Chen, Chunyang Chen, Lingling Fan*, Mingming Fan, Xian Zhan, and Yang Liu, IEEE Transactions on Software Engineering (TSE), 2021. (* Corresponding author) [PDF] 
•  [ISSRE 2021] "Peeking into the Gray Area of Mobile World: An Empirical Study of Unlabeled Android Apps", Sen Chen, Lingling Fan*, Cuiyun Gao, Fu Song, and Yang Liu, International Symposium on Software Reliability Engineering (ISSRE), 2021. (* Corresponding author) [PDF] 
•  [SCIS 2021] "Towards Characterizing Bug Fixes through Dependency-Level Changes", Di Cui, Lingling Fan, Sen Chen, Yuanfang Cai, Qinghua Zheng, Yang Liu, and Ting Liu, SCIENCE CHINA Information Sciences (SCIS), 2021. [PDF] 
•  [FCS 2021] "VenomAttack: Automated and Adaptive Activity Hijacking in Android", Pu Sun, Sen Chen, Lingling Fan, Pengfei Gao, Fu Song, Min Yang, Frontiers of Computer Science (FCS), 2021. [PDF] 
•  [IJIS 2021] "Advanced Evasion Attacks and Mitigations on Practical ML-Based Phishing Website Classifiers", Fu Song, Yusi Lei, Sen Chen, Lingling Fan, and Yang Liu, the International Journal of Intelligent Systems (IJIS), 2021. [PDF]  (IF 10.312)
•  [ICSE 2021] "ATVHUNTER: Reliable Version Detection of Third-Party Libraries for Vulnerability Identification in Android Applications", Xian Zhan, Lingling Fan, Sen Chen, Feng Wu, Tianming Liu, Xiapu Luo, and Yang Liu, In Proceedings of the 43rd International Conference on Software Engineering (ICSE'2021), Madrid, Spain, 2021. [PDF] 

  ACM SIGSOFT Distinguished Paper Award

•  [TOSEM 2020] "Why an Android App is Classified as Malware? TowardsMalware Classification Interpretation", Bozhi Wu, Sen Chen, Cuiyun Gao, Lingling Fan, Yang Liu, Weiping Wen and Michael R. Lyu, ACM Transactions on Software Engineering and Methodology (TOSEM), 2020. [PDF]  (IF 3.857)
•  [TSE 2020] "Why My App Crashes? Understanding and Benchmarking Framework-specific Exceptions of Android apps", Ting Su, Lingling Fan*, Sen Chen, Yang Liu, Lihua Xu, Geguang Pu and Zhendong Su, IEEE Transactions on Software Engineering (TSE), 2020. (* Corresponding author) [PDF]  [Dataset]  (IF 6.520)
•  [ASE 2020] "Automated Third-party Library Detection for Android Applications: Are We There Yet?", Xian Zhan, Lingling Fan*, Tianming Liu, Sen Chen, Li Li, Haoyu Wang, Yifei Xu, Xiapu Luo, Yang Liu, The 35th IEEE/ACM International Conference on Automated Software Engineering (ASE'20), 2020. (93/414 = 22.5%) (* Corresponding author) [PDF]
•  [S&P 2021] "Who is Real Bob? Adversarial Attacks on Speaker Recognition Systems", Guangke Chen, Sen Chen, Lingling Fan, Xiaoning Du, Zhe Zhao, Fu Song, Yang Liu, In Proceedings of the IEEE Security and Privacy (Oakland'2021), 2021. [PDF] 

- Demonstrated to be effective on commercial systems such as Talentedsoft and Microsoft Azure.

•  [ICSE 2020] "An Empirical Assessment of Security Risks of Global Android Banking Apps", Sen Chen, Lingling Fan, Guozhu Meng, Ting Su, Minhui Xue, Yinxing Xue, Yang Liu, and Lihua Xu, In Proceedings of the 42nd International Conference on Software Engineering (ICSE'2020), Seoul, South Korea, 2020. (129/617 = 20.9%) [PDF] 

- 52 out of 126 vulnerabilities have been patched by 21 banking entities so far, including HSBC (UK and China) and OCBC (Singapore), and AUSERA has been packaged as an online service to provide mobile app security assessment.

•  [TDSC 2020] "GUI-Squatting Attack: Automated Generation of Android Phishing Apps", Sen Chen, Lingling Fan*, Chunyang Chen, Minhui Xue, Yang Liu, and Lihua Xu, IEEE Transaction on Dependenable and Secure Computing (TDSC), 2020. (* Corresponding author) [PDF]  (IF 7.040)
•  [SANER 2020] "CORE: Automating Review Recommendation for Code Changes", Jing Kai Siow, Cuiyun Gao, Lingling Fan, Sen Chen, and Yang Liu, In Proceedings of the 27th IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER 2020), London, Ontario, Canada, 2020. (21.1% = 44/199) [PDF] 
•  [ICSE 2019] "StoryDroid: Automated Generation of Storyboard for Android Apps", Sen Chen, Lingling Fan, Chunyang Chen, Ting Su, Wenhe Li, Yang Liu, Lihua Xu, In Proceedings of the 41st ACM/IEEE International Conference on Software Engineering (ICSE'2019), Montréal, QC, Canada, 2019. (acceptance rate: 109/529 = 20.6%) [PDF] 
•  [ICSE 2019] "A Large-scale Empirical Study on Industrial Fake Apps", Chongbin Tang, Sen Chen, Lingling Fan*, Lihua Xu, Yang Liu, Zhushou Tang and Liang Dou, In Proceedings of the 41st ACM/IEEE International Conference on Software Engineering (ICSE'2019), SEIP, Montréal, QC, Canada, 2019. (acceptance rate: 30/135 = 22%) (* Corresponding author) [PDF] 
•  [SANER 2019] "How Can We Craft Large-Scale Mobile Malware? An Automated Poisoning Attack" , Sen Chen, Minhui Xue, Lingling Fan, Lei Ma, Yang Liu and Lihua Xu, In Proceedings of the 26th IEEE International Conference on Software Analysis, Evolution, and Reengineering, AI4Mobile, Hangzhou, China, 2019
•  [SANER 2019] "Automated Cross-Platform GUI Code Generation for Mobile Apps", Sen Chen, Lingling Fan, Ting Su, Lei Ma, Yang Liu and Lihua Xu, In Proceedings of the 26th IEEE International Conference on Software Analysis, Evolution, and Reengineering, AI4Mobile, Hangzhou, China, 2019
•  [ASE 2018] "Efficiently Manifesting Asynchronous Programming Errors in Android Apps", Lingling Fan, Ting Su, Sen Chen, Guozhu Meng, Yang Liu, Lihua Xu and Geguang Pu, In 33rd ACM/IEEE International Conference on Automated Software Engineering (ASE'18), Montpellier, France, 2018. (acceptance rate: 69/346 = 19.9%) [PDF] 
•  [ICSE 2018] "Large-Scale Analysis of Framework-Specific Exceptions in Android Apps", Lingling Fan, Ting Su, Sen Chen, Guozhu Meng, Yang Liu, Lihua Xu, Geguang Pu and Zhendong Su, In Proceedings of the 40th International Conference on Software Engineering (ICSE'2018), Gothenburg, Sweden, 2018. (acceptance rate: 105/502 = 20.9%) [PDF] [BibTex]  [Website] [Slides] [Press]

  ACM SIGSOFT Distinguished Paper Award

•  [ESEC/FSE 2018] "Are Mobile Banking Apps Secure? What Can be Improved?", Sen Chen, Ting Su, Lingling Fan, Guozhu Meng, Minhui Xue, Yang Liu, Lihua Xu, In Proceedings of the 26th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE'2018), Industrial Track, Florida, United States, 2018. [PDF] 
•  [NASAC 2018] "AUSERA: Large-Scale Automated Security Risk Assessment of Global Mobile Banking Apps", Sen Chen, Guozhu Meng, Ting Su, Lingling Fan, Minhui Xue, Yinxing Xue, Yang Liu, and Lihua Xu, National Software Application Conference (NASAC'2018), Shenzhen, China, 2018. [PDF] 
•  [COSE 2017] "Automated Poisoning Attacks and Defenses in Malware Detection System: An Adversarial Machine Learning Approach", Sen Chen, Minhui Xue, Lingling Fan, Shuang Hao, Lihua Xu, Haojin Zhu, and Bo Li, In Proceedings of the Elsevier Computers & Security (COSE'2017), 2017. [PDF] (IF 3.579)
•  [CCS 2016] "POSTER: Accuracy vs. Time Cost: Detecting Android Malware through Pareto Ensemble Pruning", Lingling Fan, Minhui Xue, Sen Chen, Lihua Xu, Haojin Zhu, In Proceedings of the ACM Conference on Computer and Communications Security (CCS'2016), Vienna, Austria, 2016. [PDF]

•  [APSEC 2016] "Model-Based Continuous Verification", Lingling Fan, Sen Chen, Lihua Xu, Zongyuan Yang, Huibiao Zhu, In Proceedings of the IEEE ASIA-Pacific Software Engineering Conference (APSEC'2016), Hamilton, New Zealand, 2016. (acceptance rate: 19.7%) [PDF]

Awards

ACM SIGSOFT Distinguished Paper Award, ASE, October, 2022

ACM SIGSOFT Distinguished Paper Award, ICSE, May, 2021

Outstanding graduates of Shanghai, China, May 2019

ACM SIGSOFT Distinguished Paper Award, ICSE, May, 2018

Research Tool Award, NASAC, 2018

National Scholarship, The Ministry of Education, China, 2018

ACM SIGSOFT CAPS Award, ASE, ACM, 2018

Outstanding student of ECNU, China, December 2015

Outstanding graduates of Shanghai, China, June 2014

Academic Services

Proceeding chair of Internetware 2020

Financial chair of APSEC 2020

Reviewer of the Journal TIFS, TDSC, TSE TOSEM COSE

PC member of AI4Mobile 2019 ICECCS 2020, ASE 2021, ISSRE 2021, ASE 2022, FSE 2022, ISSRE 2022, ICECCS 2022

Co-reviewer of ASE 2018, 2019, 2020 USENIX Security 2018, 2019, CCS 2018, 2019, Oakland 2018, 2019, ESEC/FSE 2019