JINGQIN LIN
Academic Profile

Cybersecurity / Malware Analysis & Vulnerability Detection / LLM Security Applications

Updated: June 14, 2026
Zhuhai, Guangdong, China / Los Angeles, CA, USA
jingqinlin7@gmail.com
GitHub

My research interests include malware analysis, reverse engineering, LLM security, LLM-based automated analysis systems, and automated vulnerability detection. I am currently engaged in vulnerability detection research as a research intern in Professor Jianwei Zhuge’s group at the Network and Information Security Laboratory (NISL), Institute for Network Sciences and Cyberspace at Tsinghua University, which focuses on cyberspace security education and research. I have project experience in malware detection engines, dynamic behavior analysis, endpoint security software, and kernel firewall experiments. I have published a monograph, hold software copyrights, have pending invention patents, and contribute through technical courses and community outreach.

Malware Analysis, Reverse Engineering, LLM Security Applications, LLM Automated Analysis Systems, Automated Vulnerability Detection, C, Python, Qt, Linux, Radare2, Cuckoo Sandbox, RAG, API Hook

Two National Software Copyrights for Computer Security Software

National Invention Patent Publication: Cluster Scheduling and Detection Strategy for Terminal Security Equipment (Under Substantive Examination)

Monograph: "Large Language Models Reconstructing Malware Detection" published by Tsinghua University Press

Palimpsest: LLM-Enhanced IoT Firmware Decompilation Pseudocode System

Python, LLM, Ghidra, CodeQL, Multi-Agent, Vulnerability Detection

  • Palimpsest is an LLM-assisted framework that enhances code semantics from Ghidra decompilation output to facilitate CodeQL database creation. It is optimized specifically for IoT device firmware and CodeQL database construction.
  • The primary application scenario focuses on semantic enhancement of IoT device firmware code for CodeQL database creation, adapting to subsequent firmware vulnerability tracking analysis and Software Composition Analysis (SCA) based on CodeQL.

LLM Agent-Based Automated Malware Sample Reverse Engineering System

Radare2, Qwen, RAG, Reverse Engineering, Malware Analysis

  • Developed an automated malware sample reverse engineering system based on the Radare2 disassembly engine and the Qwen series of Large Language Models.
  • Designed a multi-role mechanism where core roles handle task scheduling and main analysis workflow construction, while auxiliary roles clean up function disassembly results.
  • Enhanced analysis precision through Retrieval-Augmented Generation (RAG) to complete analysis knowledge.
  • Capable of analyzing basic CFF obfuscated samples and generating accurate reports.

LLM-Enhanced Dynamic Behavior Analysis System for Malware

Cuckoo Sandbox, Qwen, Jinja2, Dynamic Analysis, IOC

  • Implemented dynamic analysis of malware samples by combining the open-source Cuckoo Sandbox system with the Qwen series of Large Language Models.
  • Automated the submission of analysis tasks to the sandbox system and performed automated interpretation of sandbox reports and attack chain reconstruction.
  • Generated comprehensive dynamic behavior analysis reports using Jinja2 report templates.
  • Reports include core threat behaviors of the sample, key Indicators of Compromise (IOCs), and malicious threat scoring metrics.

AETHERSCOPE Endpoint Security Software

C, Python, Qt, Windows, Endpoint Security, SQLite3

  • Served as an upgraded version of the Huiling Endpoint Security Software, refactoring underlying detection capabilities.
  • Implemented detection capabilities including sample hashing, binary signature matching, rogue software digital signature features, entropy analysis, and import table scoring.
  • Adopted a hybrid local and cloud database structure for the virus database.
  • Developed the underlying detection engine in C, the Windows UI in Qt, and the cloud engine and security center functions in Python.
  • Planned to integrate an AI malware detection engine to enhance analysis capabilities and kernel-level threat interception functions.

ECHO Malware Detection Engine

C, Python, Linux, KMP, Malware Detection

  • Completely rewrote the underlying engine of the 2022 Huiling Endpoint Security Software.
  • Implemented hash and binary signature matching capabilities based on the KMP algorithm, better aligning with practical detection workflows.
  • Implemented in C combined with Python on Linux.
  • Implemented heuristic analysis based on sample import tables, allowing for coarse-grained scoring combined with sample import function information.
  • The project received a National Software Copyright Certificate and the Second Prize in the Guangdong Provincial Division of the National Information Literacy Competition.

Linux Kernel Firewall Experiment

Linux, Netfilter, Kernel Hook, Qt, Cybersecurity

  • Hooked APIs at the system kernel level through the Linux Netfilter underlying framework.
  • Combined kernel-user space communication technology to achieve interception of access to specific IPs and ports.
  • Supported simultaneous blocking of multiple IPs and ports.
  • Implemented a simple interface using Qt.

Huiling Endpoint Security Software

Developer · C, Qt, API Hook, MD5, Endpoint Security

  • A complete endpoint security software implementing malware detection via binary signature + MD5 hash matching technology.
  • Includes R3 layer API Hook technology to intercept the creation of malicious files and processes.
  • Implemented the underlying engine in C and the UI interface in Qt.
  • The project received a National Software Copyright Certificate and the First Prize in the Guangdong Provincial Division of the National Information Literacy Competition.

Institute for Network Sciences and Cyberspace, Tsinghua University (Network and Information Security Laboratory)

Internship · Research Intern

  • Participated in network and information security research.
  • Focused on malware analysis, reverse engineering, and LLM-based automated analysis.

Pasadena City College, USA

College · Cybersecurity

The Affiliated High School of Central China Normal University (Zhuhai), Guangdong Province

High School

First Prize, Guangdong Provincial Division, 2023 National Information Technology Literacy Competition

National Information Technology Literacy Competition

Second Prize, Guangdong Provincial Division, 2025 National Information Technology Literacy Competition

National Information Technology Literacy Competition

First Place in Informatics Independent Recruitment Examination, The Affiliated High School of Central China Normal University (Zhuhai)

The Affiliated High School of Central China Normal University (Zhuhai)

First Place in Informatics Independent Recruitment Examination, Zhuhai Experimental Middle School

Zhuhai Experimental Middle School

Tencent Volunteer Teaching 2026

AI Course Volunteer Teacher

Accumulated 140+ Hours of Volunteer Service

Volunteer

Student Union Member

Member of the School Publicity Department

School Sports Meet Referee

Referee

School New Year's Gala Volunteer

Volunteer

Member of Los Angeles Regional College AI Student Working Group (LARC)

Course Instructor at Kanxue Forum

Author at FreeBuf Security Community

2024 Shanghai Cybersecurity Expo (Attendee)

HACK PROVE 2025 World White Hat Conference (Attendee)

LayerOne 2026 – Los Angeles Security Conference (Attendee)