December 2023 Summary
The state I was in at the start of the month is hard to describe. I wasn't slacking exactly, but I just couldn't muster the drive to keep pushing the research forward... efficiency wasn't high either... maybe because my heart simply could not settle... but there wasn't any particular thing distracting me either... could it be that in winter I wear too many clothes, lack regular exercise, and sit with poor posture, so that physiological fatigue sets in? And isn't the time I spend at night studying other knowledge a little excessive, dragging me to sleep at one in the morning, then up at eight or nine to head to work, and staying in the lab until eleven at night? I need to adjust my state in time! Use the flywheel effect to slip directly into a good research posture, while running an hour-glass timer on the side, drinking water, getting up and moving, and taking bathroom breaks promptly. In the evening, when there is time, I should exercise more.
One downside of slacking off now and then is that I struggle to handle sudden situations, like a pot dropped on me out of the blue. When I'm dealing with these dropped pots, I'm actually quite alert, but when working on my own research I have no inspiration at all. And while taking on the pot, I can't help thinking, ah, my own work isn't done yet, now I'll have even less time. So in normal times I have to push my own topic forward faster, leaving room for unexpected events. It's like saving money to cope with accidental injury.
Bring time into your "tertiary" life more often. If I'm only picking up the phone to scroll through some videos to kill time, I'd rather just sit there blankly and let my mind drift, or read a book. Reduce screen time that has nothing to do with research or self-construction! Mid-month I had dinner with Mr. Kongwen, and listened to him talk about his experience and insights in science and engineering, as well as the wide range of his reading. One should not have a rejecting mindset toward adjacent disciplines; one should also read related articles, at least to the point of being able to converse with people in those fields without trouble. Indeed, a PhD should not just bury his head in his own narrow direction, but should also widely browse the work of related fields, at least understanding what they are doing, what problem they want to solve, and how well they are solving it. Cross-pollination across directions does spawn new ideas. It is said that the methodology of optical research was itself borrowed from the other four foundational theories.
20231225-20231231 Week 42
- Continue writing the paper this week, aim to finish a draft by mid-January
20231218-20231224 Week 41
- This week was mainly summarizing the paper outline and handling some project-side things
- Still need to think deeply, induce the essence of things, and follow the crowd less
20231211-20231217 Week 40
- This week was advancing paper writing and organizing Zhihu notes; group meeting share over the weekend
- Also studying the systematic course on Geekbang, getting started with Rust and Go
20231204-20231210 Week 39
- This week was various experimental analyses
- There's a paper at Oakland 24 that uses Benzene for RCA; reread the paper and organize Zhihu notes
- Need to settle down and do something that yields lasting self-improvement
November 2023 Summary
This month I pushed the progress of xxx furiously, hoping to make the December 7 Oakland deadline. At the beginning of the month the lab computer's RAM stick failed, so I switched to a spare old machine from the lab, plugged in the original hard drive, and Windows reported that, due to changes in the device hardware, it had become unactivated. So I reformatted the system disk and installed a new Windows. I also merged the previously partitioned drives and, together with the old machine's own drives, suddenly upgraded to 4T, 2333.
What was rather lacking this month was self-improvement work outside of work itself, such as systematically mastering static and dynamic analysis methods, learning more software-security analysis techniques, and so on. I didn't read many new papers either. I have to remember to read and write papers every day! It is a matter of accumulation, and the effect should be measured over a fairly long stretch of time. Mid-month I took advantage of the Double 11 sale to buy an annual Geekbang membership, which was 1,600 to 1,700 yuan cheaper than the daily price, very good value. After this I should also read, study, and digest more! For the first time I seriously made a four-quadrant plan of my recent work tasks, and discovered that the things I had been doing all along were the least urgent and least important... no wonder I felt like every week saw no progress, it was because I wasn't using my time on the right things...
Late in the month I researched the usage of Baidu Netdisk's API, since it was a shame to leave a 2T drive idle! It's just that when uploading files, the server frequently returns 500, presumably some unfixed bug inside. On the last day of November came the doctoral conversion interview, which on the whole was rather perfunctory. Teachers from different fields are like people separated by mountains; some didn't even know whether USENIX or Oakland are CCF-A, and didn't know what fuzzing was...
20231127-20231203 Week 38
- Doctoral conversion interview
- Wrote integrated experiment code
- Continued to push the paper forward
20231120-20231126 Week 37
- Prepared the slides for next week's doctoral conversion defense
- Summarized the paper outline and challenges, pushed the paper forward as fast as possible
- Studied the Baidu Netdisk API, putting long-idle resources to use!
20231113-20231119 Week 36
- This week the three kinds of experiments were more or less consolidated, ready for comparison experiments (although the results still need careful confirmation, with the experiment code reverse-optimized), and I also did some plotting
- Work focus shifted to writing the paper
20231106-20231112 Week 35
- This week brought VSA design over to the ARM architecture and ran some comparison experiments
- Found a docker compose for an integrated LAMP environment on GitHub; tried it and it works well
20231030-20231105 Week 34
- Big push on writing the paper and running experiments this week!
- On Saturday the lab computer's RAM died, then I switched to another retired machine; after swapping the drive Windows refused to activate, so I reinstalled the system... what torture
October 2023 Summary
At the beginning of the month my sleep quality felt poor; in the night I would wake up every two or three hours and then go back to sleep. I suspected it was because of the low AC temperature combined with not pulling the quilt up. On National Day, while taking a shower, I suddenly had a nosebleed for the first time. Could I have caught some incurable illness... Doing 3D modeling in Blender turned out to be quite fun, and it seems you can also make 3D mini-animations. Got to keep learning! I hope to learn it to the level of doing custom face sculpting, hahaha.
Mid-month, my snoring problem worsened, and my roommate slapped the bed in the middle of the night to wake me up. Following advice, I got a snore controller, which can ring or vibrate to alert me when it detects snoring. Using it, it really can wake me up, but after waking I had no idea I had been snoring, and being repeatedly woken in the night left me a little depressed. Intermittent sleep really doesn't feel great. Later I propped up the pillow higher; I'm not sure whether the situation has improved, but at least my roommate hasn't been slapping the bed again.
Why is it that I always feel listless and unproductive? It's because the physical discomfort from sitting too long leads to anxious moods, and in such irritated states it's easy to drift off into distraction no matter what I'm doing. Later I realized that this situation should, on the contrary, prompt one to calm down and reflect on one's strengths and weaknesses. Does the chronic state of being so busy that there is no time to stop and think itself form a feedback loop that further drives the busyness? If so, I have to recognize it in time and break out of it. These past few days I've been arriving at the lab before ten in the morning and leaving after ten at night; I really do feel that this should be the daily rhythm, focused on the research, not thinking about random things. When I'm idle and irritated, I should put together a list of things to pass the time. Properly planning one's time is very important.
Goal-oriented learning is best, but when one doesn't know the goal, how does one know what to learn? A thought that suddenly occurred to me: I could simply take exam papers from related professional certifications and work through them, then learn the things in them I hadn't heard of. In the end I might even pick up a certificate, hh. Or learn new knowledge from CTF challenges, seeing whether the difficulty is a lack of fluency in known knowledge or genuinely new knowledge to be learned, and gauge the value of each problem accordingly. Maybe this is research-mindedness? Things still have to be planned in order to know that there are many, very difficult tasks to complete. Without recognizing this, every day one only indulges in trivial growth, while wasting vast amounts of time. As for paper writing, just push past doubts and write everything you want to express, give the work a foundation. Afterward you can polish, adjust the wording, the structure, the position of the text and so on. Yesterday afternoon was a painful lesson! (Writing the background, hesitating over how to phrase it, finally deleting the background, agonizing over whether the second chapter should have an overview, until finally the entire afternoon was wasted.)
I'm also studying music theory at the same time. It feels like there's a missing piece: a free piece of software that supports multiple ways of identifying notation. I plan to develop one as a WeChat mini-program.
20231023-20231029 Week 33
- This week is spent writing the paper and the proposal. Tentatively aiming at the Oakland deadline of December 7; even though it definitely won't get in, let's see if we can get some feedback. Time is a bit tight, not sure if it's enough.
20231016-20231022 Week 32
- The first two days of this week were on preparing materials for the doctoral conversion; the following days were on manually verifying the experiment's ground truth
- Along the way, helped fix some bugs on the Tu-Zhu site, adding an automatic SMS-sending feature for messages
20231009-20231015 Week 31
- This week was busy with writing the proposal, drafting the paper outline, analyzing experimental data, modifying code, and preparing the interview materials. Busy, but rewarding.
- Saturday was the lab team-building outing; Sunday was filling out doctoral conversion application materials.
20231002-20231008 Week 30
- Continued writing the research code this week. Basically resolved the segmentation fault problem; the cause was that capstone's disassembly results are not 100% accurate.
- Roughly finished a heuristic ranking strategy, still need to verify the top-5 effect in practice.
- Started preparing interview materials, started writing the paper.
September 2023 Summary
At the beginning of the month I started learning Unity, to see whether I could pick up a bit of side income~ I'm now up to three clients on the crawler work I'm doing for others, so I've gained a bit of small experience! My own research's experimental results feel OK; the next step is to think about how to optimize further, then write the paper. On top of that, I hope the doctoral conversion at the end of the year goes smoothly! Learning Unity showed me my learning ability is still there; I just have to apply it to my main work, like steadily learning LLVM.
Mid-month I started studying some basics of music theory, hoping that later I could read sheet music. Unity's announcement that they would charge by install caused, frankly, an industry earthquake. Since starting Unity, I feel my long-dormant learning module has been reactivated. While studying Rust and Go recently, I can faintly feel some glimmer of inspiration, with a better grip. People really do have to keep learning and improving! I'm not sure what bacterial pharyngitis I caught, but my throat felt as though something was always blocking it. Dizzy, sore-eyed, weak in the body, it really does take rest to recover.
Toward the end of the month I started studying angr, said to be an excellent binary static-analysis tool. Until now I'd only heard of it and never tried it hands-on. Since it was Mr. Mu's recommendation, I'd better hit it hard! My own topic feels stuck in a bottleneck; I don't know how to optimize the experimental results further, and I have a feeling of not knowing where to start... I hope this National Day holiday I can grab the time and try to nail down the core part.
20230925-20231001 Week 29
- This week increased the lastN size and found that taint can indeed propagate further. But for some particular cases there's still insufficient taint.
- Need to think about how to rank using heuristic methods.
20230918-20230924 Week 28
- This week it feels like I can start writing the paper framework, but the experiments still need to be made more solid.
- Mo xiang wai qiu — seek nothing outside.
20230911-20230917 Week 27
- This week I picked up a bit of Vue front-end and built a dashboard for the running state of the lab servers.
- On my own topic, there should be one last contribution and then wrap-up. Asked zq to help run experiments and analyze the results.
- From the angle of analyzing results, summarized insights from 7 or 8 papers and posted a Zhihu article.
20230904~20230910 Week 26
- This week I measured the effect of the topic; compared with the baseline, the time overhead is only 1%. The next problem should be researching how to reduce overtaint.
- The slides for this week's group meeting were entirely written from a story-telling angle, and they came together very smoothly. Is it because every day this week I was studying Unity, and so I rediscovered the "learning state" and approached things with enthusiasm? Likewise, try to migrate that to the main work as much as possible.
- Posted a Zhihu article alongside the paper I shared at group meeting. Plan to put all my paper reading on Zhihu from now on; it does seem more professional than CSDN.
- Recently watching some Bilibili videos, including a piano UP-er who, while playing piano in a mall, was rebuked by a middle-aged woman doing nails upstairs for "disturbing the peace." There are many similar examples, and one cannot help reflecting: where does the root of such arguments and quarrels lie? Each side has its own standpoint, each has needs to satisfy. If only those two sides participate, then aside from one yielding to the other, there seems to be no way to settle it. The argument itself is an outburst of emotion; the dominant party uses it to vent the various pent-up grievances of daily life, abstracting the weaker party into a release valve. As the conflict escalates into personal attacks and broad generalizations, its nature has already changed; it is no longer about resolving the matter itself. At this point a third party is needed to resolve the issue, such as the mall manager in this case.
20230827~20230903 Week 25
- This week I designed the integrated data-flow tracking code for the topic. Last week's meeting sounded like the main functionality was almost done, perhaps to the point where I could start writing the paper?
- Summer vacation is over; the junior I'm mentoring was mainly busy with TOEFL and GRE and didn't really participate in research. Yesterday we chatted, and he plans to come back next week; let's see if we can find him a workstation in 320.
August 2023 Summary
At the beginning of the month I was busy reproducing the POMP code. The previous two months I had been busy reimplementing it in Python, and looking back I really stepped into a pit, because the code volume was too large, and C macros and goto statements don't extend well into Python. Structs and container_of also need rather troublesome designs. Switching strategy and just modifying the original code is much simpler; I just need to implement the adaptation for coredump, trace, and binary inputs and a handler adaptation for the ARM instruction set. I'd better grab the time and see if I can finish around the middle of August.
Mid-month I suddenly took an interest in network protocols. Read the sslh code carefully, read the TLS protocol document, ran frp, and compiled a custom SSH application. There were some findings: the version of software automatically installed via apt install is often quite outdated; even with sshd set on a non-common port, you constantly receive malicious connection requests from outside, with hello packets like SSH-2.0-OpenSSH or SSH-2.0-Go or SSH-2.0-libssh, obviously script connections. Also, for some reason the server can't receive UDP packets? A bit strange. When a program crashes, always remember to use gdb plus coredump to analyze, quickly locate the root cause. Remember to setvbuf(stdout, 0, 2, 0) and setvbuf(stderr, 0, 2, 0), to avoid having printf data still in the buffer when the program crashes and never being printed. (fflush(stdout) also works, but you have to write many of them; for debugging, sacrificing performance with setvbuf is more convenient.)
Late in the month I suddenly wanted to mess around with Unity, basically because I wanted to do something interesting and creative. But I was instantly turned away by the art side, having neither the energy nor the time for it, and it doesn't really help my main work either. But thinking from another angle: is this kind of creativity simply more obvious, while my own work also has a lot of new knowledge to explore, a lot of unexcavated creativity that I am ignoring? For example, writing some pwn-college notes and writeups as output? Learning new technologies, organizing and publishing paper-reading notes? My own work has to be sped up. From last December until now, it has been almost a year, all because the actual daily progress is small, and there are problems of redoing work.
20230821~20230826 Week 24
- This week kept processing the code; found that handlers are actually generic, only the resolver's semantics need handling.
- The school's summer vacation is almost over; recently I read a bit of extracurricular books every day, a kind of cultivation?
20230814~20230820 Week 23
- ChatGPT's effectiveness on handlers is still not great, even given rich structured semantics.
- This week mainly writing code, debugging, processing handlers and resolvers, and adding semantic information to help analysis. Using memory reads and writes along the execution path, can the memory aliasing problem be solved? Needs further exploration.
20230807~20230813 Week 22
- Continued migrating POMP, mainly handling all kinds of handlers under ARM, around 600+ in total, but probably only several dozen commonly used ones need handling. Considering using ChatGPT to help write some.
- Out of interest, read the sslh project source carefully and felt I learned quite a bit about C programming conventions. The reading notes will be updated on the tech blog later.
20230731~20230806 Week 21
- This week was migrating the POMP work. Earlier I had been thinking of rewriting C into Python, but later I realized the amount of code to change was simply too much, and migrating C macros and goto statements to Python is also troublesome. In the end I decided to modify it directly in C; only the three kinds of input information and the ARM handlers need changing (right?).
- The next-step work might be considered along three angles: automated handler generation, over-taint analysis and reduction, and analysis during LLM interaction.
July 2023 Summary
There may be two things to note. First, start from the question and from value: before reading a paper, based on the title and abstract, think about what the core problem the article is solving is, where its value and significance lie, and what problems it might have (find the flaws and assumptions the article tries to dodge). Second, place importance on summarizing and induction: at the end of each day's work, I must summarize and reflect on what I gained that day, link it to past thoughts, and form a written summary (or slide summary) to consolidate progress. A bit like the homework after class in middle school, encouraging thinking.
In mid-July I was mainly busy rushing the course survey paper and the proposal, with a deadline at the end of July. Because I was going to Shanghai Jiao Tong University at the end of the month for the GoSSIP summer school, I had to grab the time to push hard. The experimental part is still without a clue; the main thing is needing some algorithm to help give a semantic-level analysis. But after reading so many papers, both IoT FL and semantic considerations have actually been done in some articles, just not as the main focus. As for the application scenario and importance, more thought is needed; whether providing semantic information at the assembly level is really necessary. Especially for IoT analysts, they may already possess rich analysis experience and don't need extra guidance (whose correctness is still uncertain).
At the end of July I attended the GoSSIP summer school. The feeling is that one really should do research solidly, and let "research" become an attitude. Whether in academia or in industry, this is a basic capability. There's also self-motivation; I always feel that currently I do not actively go after new knowledge, and my thinking and doing are too superficial. Is it because the topic I'm currently doing isn't very interesting? It should be because I have never thought deeply, never built the relevant foundation, and just jumped in to do it; not knowing whether it's good, I doubt myself and am lost. I need guidance from methodology!
I don't know if it's a passing surge of hormones, but at the end of the month I felt my mindset was excellent: I could settle down, I had the urge to study and explore many things to the bottom, and I also wanted to do some exercise like running on the playground. How can this state be solidified? Is it that I should be in a relationship...? Or sleep earlier each night? Avoid electronic devices before bed? I'm starting to understand why "the body is the capital of revolution" and why "youth is capital." When the body is poor, sitting becomes very uncomfortable, which leads to mental restlessness, and then you can't calm down to do anything. Read more books, read more documents, actively get first-hand information from the source; quality and efficiency are far better than hearsay.
20230724~20230730 Week 20
- This week I attended the GoSSIP summer school; related logs have been published.
- It looks like there's nothing else coming up next, so I have to speed up the experiments.
20230717~20230723 Week 19
- The only work this week was writing the RCA survey, the course report due at the end of July.
- From July 24-28 I'll be at Zhangjiang Institute of Advanced Studies for the GoSSIP summer school; hope to finish the coursework as soon as possible and continue pushing the experiment forward.
20230710~20230716 Week 18
- Read DeFault: Mutual Information-based Crash Triage for Massive Crashes, Historical Spectrum Based Fault Localization, A fault localization approach based on fault propagation context, in preparation for Sunday's group meeting share.
- Weekend group meeting, shared the solution to the tie problem in spectrum-based FL: one approach is inter-class error propagation, another is information from code's historical version evolution.
- On Sunday, surprisingly, someone filed an issue on the tech-blog asking for the CSE writeup progress. Looks like that needs to be put on the agenda!
20230703~20230709 Week 17
- Read roughly the intro of A fault localization approach based on fault propagation context; it aims to address the tie problem in SBFL methods.
- Looked at the pre of Improving Fault Localization by Integrating Value and Predicate Based Causal Inference Techniques.
- Briefly read A Survey of Software Fault Localization; FL work can be approached from the two angles of code localization and code analysis.
- This week the boss assigned me a junior, asked me to take him on for some research over the summer and oversee his thesis.
June 2023 Summary
The attributes of life can be divided into three aspects: the real, the virtual, and the intertwining of the real and the virtual. The advantage of my major is that, when doing research, it sharpens the intertwining of the real and the virtual. For the sake of future planning, in the future I should reduce virtual points and increase reality points. What's important is action; "hesitation leads to defeat" is because there's too much thinking. First use action to dispel stray thoughts, and work efficiency immediately rises sharply.
At the start of the month the boss inspected 320, which counted as a meeting; he pointed out that the current work has the problem of "no hard point." It's not that just because no one has done a particular object you can directly do it; you have to carefully analyze why it is worth doing (rather than it being a simple matter of engineering implementation), only then can you publish a paper. Can existing methods be migrated directly? (Note: method migration, not engineering rewriting or reimplementation, that doesn't count as a new contribution.) If they can, what is the effect? If the effect is poor, what causes the drop? If the effect is good, then there's no need to do it. That is to say, identifying a suitable problem is the most crucial.
By mid-June I was feeling pretty good. Both after waking up in the morning and before sleeping at night, I was able to do some coding study work, and I didn't have feelings of tedium; even in the plainness, I had the motivation to keep working. I hope I can maintain this state. Try to leave the lab only after nine in the evening, and remember to run on the playground, even just one or two laps. Sitting more than ten hours each day has now started to give me bone pains. My lower back and neck can't take it anymore.
That said, Little H in the lab really is the biggest source of noise... when he's not there, the lab is extremely quiet; when he is there, it's incredibly noisy, not a single minute of peace. Either he's making strange sounds, or he's saying irrelevant trivia, insisting on telling everyone what he's doing. And he's haughty all day, as if he's the best thing ever (and although he is indeed strong, generating noise all day really is annoying), really, repeatedly testing my patience.
But from another angle, this also shows that my own focus has been declining; like five or six years ago, when I worked in earnest, I was completely unaffected by the outside world.
I have to think about what abilities I need going forward, and whether the things I'm currently doing help me acquire or improve those abilities. Don't get stuck on momentary satisfaction; study more, make progress every day, look at new things, don't be self-satisfied and shut yourself in. Capability is gradually built up.
At the end of the month I read 《跃迁》 (Leap), and indeed parts of it spoke very well; I'll later jot down notes and post them in 「浮世」 (The Floating World). By the way, on June 30 the China-region Kindle store left the market. A little flash of inspiration: on the 29th I switched to the U.S. region and freshly copied 1G of English articles to the Kindle. Speaking of which, I haven't used it in a long time; once I checked, I realized there were quite a few books I hadn't read.
20230626~20230702 Week 16
- Read An Empirical Study of Fault Localization Families and Their Combinations, an experimental study of a series of FL methods, gave some interesting conclusions.
- Read Practitioners' Expectations on Automated Fault Localization, an ISSTA 2016 survey, mainly thinking from the developer's perspective about what properties an FL tool should have, helping further FL work.
- Skim-read A Universal Data Augmentation Approach for Fault Localization; the insight is to reduce the input to improve DFL's performance. It mainly addresses two problems: too many features in high-dimensional data, and imbalance of positive and negative samples.
- On Saturday helped review a survey on intelligent fuzz testing.
- Last week the undergraduate roommates had a small gathering; in the end, while walking on the playground, we discussed whether we could share our daily work progress in our small group. Tried it and indeed it works well.
20230619~20230625 Week 15
- Skim-read NDSS 2019's One Engine To Serve 'em All: Inferring Taint Rules Without Architectural Semantics, an attempt at cross-architecture taint analysis with self-derived taint rules.
- Organized work related to Fault Localization, gained an initial understanding of progress in the field.
- Plan to put paper-reading notes on Zhihu from now on.
20230612~20230618 Week 14
- Skim-read a series of papers on software fault localization, in preparation for the course survey report.
- Posted my first article on Zhihu, 《程序根因分析》 (Program Root Cause Analysis), basically a summary of group meeting content. With deeper understanding, I'll revise it later.
20230605~20230611 Week 13
- Read USENIX Security 2017's POMP, TSE 2021's POMP++, shared at Sunday's group meeting.
- Organized postmortem-based, spectrum-based, and model-based methods related to root cause.
- Next week I need to start cranking out the various course reports.
May 2023 Summary
At the start of the month, my research drive was high, and consumption desires had also dropped a lot. It's just that the weather was too hot and made me drowsy, and I was always staying up till one or two; a feeling of spending more than I earn. Compared with the previously very anxious state, now I have a bit of a blind "blocking-as-it-comes" attitude: even knowing that on Friday, Saturday, and Sunday things will be exploding, I can be very leisurely on Monday, Tuesday, Wednesday.
At the beginning of the month, regarding my own work: I really must speed up writing code. I haven't reported results to the teachers for two or three months in a row (because there were no results!). Instead of writing universal code from the start, write code from the case first, then revise as problems arise, and finally think and induce. Writing universal code from the start is too slow, with too many details to consider; it ends up tying my hands.
In mid-May my mindset was much more peaceful. I found that once code is being written and exercise happens daily, the anxious mood does ease up a lot. As for classes, there's absolutely no need to listen attentively (or even attend in person) the way I did as an undergrad. I'd suggest just streaming online via Zhiyun or skipping. Going to class really wastes time and slows research progress, and isn't very useful.
In late May I was a bit out of state, perhaps because I was sleeping too late (2 AM) and getting up too late (9 AM), plus a fellow student in the lab who was constantly noisy with shouting; I felt my mind couldn't settle. Could I try to treat this disturbance also as a way to cultivate the mind? My own work feels stuck in a bottleneck; some complex root cause analysis feels especially complex to write in traditional code. Maybe I also need to refer to similar implementations by other works? Like the various reverse-engineering work on Linux.
Finish the assigned tasks as early as possible, only then is it possible to handle some sudden matters, my own matters, extracurricular matters. Don't drag your feet until the assigned task is finished at the last minute, with no proactive improvement of your own. This is a basic condition; don't get the order wrong. Otherwise, over time, a great inertia will form. Make concrete, quantifiable daily plans; if a task is decomposable, break it into multiple checkpoints; if the workload is uncertain, allocate time slices to rotate through (1h*n), to control your behavior.
When listening to others, listen for what's between the lines, and don't speak in a blunt way either. Run things through your head before speaking and acting.
20230529~20230604 Week 12
- Read NDSS 2023's RR, used for the data-security-and-privacy-protection course presentation
- Collected and organized articles related to Oakland 2023
20230522~20230528 Week 11
- Realized that not every paper needs to be read end to end; there's no point. Have to learn to skim.
- Analyzed Fuzzware's crashes and summarized causes of program crashes
- Prepared next Thursday's paper presentation
- Data-collection task, statistics from the yearbook data
20230515~20230521 Week 10
- Continued reading papers and writing code
- In half a day, put up a website that gathered the article titles of the four top security conferences plus ICSE and ISSTA from the past four or five years. Since mkdocs has very good search, it's very convenient to search articles on the site. The URL is here
20230508~20230514 Week 9
- Read POMP, work on collecting traces using PT to do reverse execution and reconstruct registers for root cause analysis; it's a bit similar to my own work's idea
- Took the weekend off; next week is the fourth week of summer term, the master's first-year life is nearing its end; have to grab the time to push through various course assignments
20230501~20230507 Week 8
- This week's group meeting share was the FuzzNG work from this year's NDSS, which fuzzes the Linux kernel without depending on descriptions; the idea may have drawn on senior Gao Ning's VShuttle
- This Saturday I attended the FIT forum and made some meeting minutes
- On my own topic, a lot of the detailed parts got written this week, and there are even some preliminary experimental results on a small portion of the test objects; I feel that as long as I seriously sit down to write every day, there will be new progress
- Human potential is unlimited! These past few days I've gotten up at 6:50 in the morning, taken no nap, and managed to push through; that gives almost three more hours of research practice than before
April 2023 Summary
Each day I leave myself far too little time to be sober, to think independently, to be away from electronic devices. The only times that feel meaningful are the forced sobriety before bed and the reflection after waking, where I can slow down and consider how my recent state of mind has been.
First, what I can directly feel is that I'm doing things less and less with my brain engaged. I'm no longer willing to think about the meaning of things, and the affairs of others suddenly have nothing to do with me. My field of vision is also narrow, with no developmental perspective; daily self-improvement is very limited. Forgetful, sleepy.
It may also be that high calorie and sugar intake has begun to give me toothaches, bloating, fatigue, hair loss, chest tightness when running, and reduced wound healing.
I always forget what I'm supposed to do, and once I decide, I keep procrastinating; I spend money like water and am not preparing for how to find a job after graduation. I don't enter contests or activities, I'm not focused on awards, and even my research is just thinly veiled going through the motions.
There's actually no need to give up CTF just because the things I'm currently doing don't connect to it. I can quietly learn a little something every day on my own. When you encounter a problem, there's actually nothing all that hard about it; just like high-school knowledge that once felt very hard now looks like a child's playhouse. The various problems I encounter now are really more about psychological pressure. I have to take them lightly mentally, study the relevant knowledge in earnest, plug the gaps, and at the same time grasp both the big framework and the small details, only then is it possible to handle these problems with ease. You can't get fat in one bite; the key is bit-by-bit accumulation. Just learn slowly. While the good times at school still remain.
20230424~20230430 Week 7
- Didn't read any new papers this week
- On my own topic, the basic framework is more or less in place; the specific detail parts are still being written. The summer-term courses are heavy and don't really mean much; they slow down research progress.
- Didn't learn any new knowledge either; been a bit lazy.
- Recently chatted with people around me about job-hunting after graduation; the situation feels rather tense. Should I start preparing interview-experience guides and algorithm problems now?
20230417~20230423 Week 6
- The first few days of this week were rushing the proposal, quickly read a few articles
- On the weekend studied 《逆向工程核心原理》 (Core Principles of Reverse Engineering)
- Removed the technical section from this blog. Plan to put it separately in tech book and migrate the current content over there; not yet deployed.
20230410~20230416 Week 5
- Friday is the 2024 Oakland spring deadline; organized experimental data
- Read NDSS BAR 2023's RCABench, which raised several points in RCA work: inconsistent ground truth, initial seed, augmentation method and augmentation time, and so on
- Continued studying the capstone framework
- The crawler odd jobs are basically wrapped up; just a few wrap-up tasks remain.
20230403~20230409 Week 4
- Continued helping with the Revision experiments
- Read ICSE 2012's ReBucket, work on crash clustering for Microsoft's WER system, mainly to understand the background
- Read NDSS 2018's What You Corrupt Is Not What You Crash, to understand the silent crash problem in embedded device testing compared with Linux
- Studying capstone, a binary disassembly framework
- On the weekend went to Shenzhen to attend InforSec!
March 2023 Summary
The main time this month was spent handling the experimental part of the previous work's revision; I was still on it up until early April. The boss called everyone for a meeting on March 6, and gave us a month at the time to make a demo and see if there were results. Now a month has passed, and I feel that progress on my own work has not really been very large. I've been considering the question of the meaning of the work, haven't read any related-work papers, and have been uncertain about whether doing it is meaningful, so I've been dragging my feet, even on the implementation of some of my own designs. Apart from not being sure how to write things due to lack of relevant experience, and not knowing what tools are available, many of the ideas seem to have been done in articles ten years ago, so my continuing on it doesn't bring new points, and I haven't found insights for new scenarios. But whether the scenario itself even exists is also a question. As for reproduction and migration of existing work, only half done, because I'm unsure whether it's a technical issue or a methodological one, and I haven't pushed it forward. All in all, this month leaves a lot of room for improvement.
What did I learn this month? Aside from reading a few papers, learning of a few new research websites, and finishing one module on pwn college, the new tools I had originally planned to study still haven't been started. Everyone says you need "many axes" to solve new problems, and only practice makes that possible!
20230327~20230402 Week 3
- The main work was continuing to handle the Revision experiments and testing on new test objects
- Found a website that can analyze and visualize citation relationships among papers, connectedpapers; feels very useful! It can quickly help you understand related literature in a field and the logical relationships among them!
- Found a domestic site similar to overleaf, Slager; can quickly produce personal resumes and slides!
- Aurora is really hard; though the code is simple, Rust syntax is just too odd. With the small details of collect, I can't figure out why there were elements one step ago and the next step it's an empty list?
20230320~20230326 Week 2
- Tried to migrate Aurora over to Fuzzware, hit technical problems, not yet solved
- Organized the Revision experiments and continued root cause analysis
- Briefly read ICSE 2023's fault-localization work based on the Android framework and Microsoft's ICSE 2016 mem-dump-based work, and shared at group meeting
- Chatted with senior sister about her experience pursuing a doctorate; feels like maybe just a master's and going into industry would be better, since I don't have the self-driven motivation to do a PhD
20230313~20230319 Week 1
- Continued the crawler odd jobs
- Organized 5 sets of experimental data, updated revision figures and data; analyzed two supplemental experiments to find the root cause of bugs
- Briefly read GREBE: Unveiling Exploitation Potential for Linux Kernel Bugs, Oakland 2022