Since 2019, CLTC has provided the Cal Cybersecurity Research Fellowship, made possible through the generous support of Tim M. Mather, CLTC External Advisor and a Cal alumnus (Class of ´81).
We are excited to announce the two awardees for Fall 2025: Changcheng Fan, a postdoctoral researcher, and Tianneng Shi, a PhD student in Computer Science, advised by Professor Dawn Song. Abstracts for the Fellows’ projects are included below.
Changcheng Fan, Postdoctoral Researcher
CensorLab: An AI-Driven Testbed for Simulating and Defending Against Censorship Mechanisms
The dynamics of Internet censorship and circumvention mirror an adversarial security arms race: when censors deploy new blocking mechanisms, the circumvention community reacts by identifying weaknesses in these systems to bypass it. This reactive model, however, limits our ability to anticipate and mitigate future censorship advances—especially as censors increasingly employ artificial intelligence (AI) and machine learning (ML) for detection and control.
We propose CenGuard, a high-performance testbed that leverages AI-driven emulation and automation to study, predict, and defend against evolving censorship techniques. CenGuard integrates ML-based traffic analysis and automated scenario generation to emulate both real-world and hypothetical censorship strategies, including ML-powered traffic classifiers and adaptive filtering systems. By incorporating principles from Security Orchestration, Automation, and Response (SOAR), the platform enables researchers to automatically detect weakness in circumvention tools, generate new censorship strategies, and simulate defensive countermeasures in a controlled environment.
This research aims to advance the state of proactive cybersecurity by (1) developing ML models to automatically characterize and respond to censorship behaviors; (2) enabling rapid, reproducible experimentation on emerging censorship tactics; and (3) providing a robust open framework for the security community to explore AI-enabled cyber defense strategies in adversarial network environments.
Tianneng Shi, PhD student, Computer Science
Evaluating and Enhancing AI Agents’ End-to-End Cybersecurity Capabilities
AI has the potential to transform cybersecurity by enabling systems that can autonomously detect, analyze, and remediate software vulnerabilities. However, existing evaluations of AI systems in this domain remain narrow in scope, focusing primarily on capture-the-flag-style tasks and educational scenarios that fail to capture the end-to-end complexity of real-world software security discovery and remediation. To address this gap, we propose developing a new end-to-end cybersecurity benchmark that comprehensively evaluates AI agents’ abilities across the full lifecycle of vulnerability discovery, PoC generation, and patch validation.
The proposed project will operate at scale, integrating real-world software repositories to create executable environments where agents can identify vulnerabilities, generate PoC, apply candidate patches, and verify both vulnerability mitigation and functional correctness through automated testing. Each instance will be containerized for reproducibility and will support reinforcement learning based agent training to help improve cybersecurity capabilities.
By providing the standardized, reproducible benchmark for AI-driven vulnerability discovery and patch, this project will establish a foundation for advancing autonomous and trustworthy cyber defenders. The resulting framework will enable systematic evaluation and iterative improvement of AI systems for security orchestration, automation, and response (SOAR), directly supporting the goal of developing AI that can meaningfully assist or automate defensive cybersecurity operations at scale.
