GitHub zzjas x zzjas98 LinkedIn zijie-zhao Google Scholar Scholar

About me

I am Zijie Zhao, a fourth year PhD student in the PL/FM/SE group at University of Illinois Urbana-Champaign advised by Lingming Zhang.

My research interests lie at the intersection of systems security and large language models (LLMs). My work explores combining LLMs with traditional security techniques such as fuzzing and program analysis to build scalable, automated tools for vulnerability discovery and mitigation in foundational software systems such as compilers, operating system kernels, and web browsers.

I obtained my bachelor's and master's degree in Computer Science at University of California San Diego.

Publication

AnyPoC: Universal Proof-of-Concept Test Generation for Scalable LLM-Based Bug Detection

Zijie Zhao, Chenyuan Yang, Weidong Wang, Yihan Yang, Ziqi Zhang, Lingming Zhang

arXiv 2026

arXiv Bugs Found

KNighter: Transforming Static Analysis with LLM-Synthesized Checkers

Chenyuan Yang, Zijie Zhao, Zichen Xie, Haoyu Li, Lingming Zhang

SOSP 2025

ACM DL GitHub

Kernelgpt: Enhanced kernel fuzzing via large language models

Chenyuan Yang, Zijie Zhao, Lingming Zhang

ASPLOS 2025

ACM DL GitHub

WaVe: a verifiably secure WebAssembly sandboxing runtime

Evan Johnson, Evan Laufer, Zijie Zhao, Shravan Narayan, Stefan Savage, Deian Stefan, Fraser Brown

IEEE S&P 2023 🏆 Distinguished Paper Award

IEEE GitHub

Industry Experience

May - Aug 2024, Feb - Aug 2025

Graduate Intern

  • Built a source code level fuzzer MoveSmith for the Aptos Move Compiler and VM stack.
  • MoveSmith is able to generate complex Move programs with high valid rate by respecting rules for language features like ability constraints, lifetime, and ownership.
  • To date, MoveSmith has found 50+ bugs in both the compiler and the VM.
  • Implemented an LLM-based Move program generator to automatically generate diverse tests for new language features.

GitHub

June - Sept 2019

Software Engineer Intern

  • Used React.js, MobX.js, and Bootstrap to build complex web-based financial applications.
  • Maintained existing server-rendered applications built by Ruby on Rails.
  • Reduced page loading time from 18s to 2s and data saving time from 100s to 15s.
  • Optimized over 2400 SQL queries into 600 queries.

Teaching Experience

  • UIUC CS 527: Topics in Software Engineering
  • UIUC CS 427: Software Engineering I
  • UCSD CSE 127: Intro to Computer Security
  • UCSD CSE 21: Mathematics for Algorithms and Systems
  • UCSD CSE 12: Basic Data Structures and OOD
  • UCSD CSE 11: Introduction to Java

Selected Bugs

A selection of bugs that my work found:

  • Firefox
  • Linux kernel
    • CVE-2024-23851, CVE-2023-52429, CVE-2024-23848, CVE-2024-23850, CVE-2024-25739, CVE-2024-23849, CVE-2024-25740, CVE-2024-26655, CVE-2024-25741, CVE-2024-43825, CVE-2024-50103
  • OpenSSL
    • CVE-2026-35188