Zhuoran (Newt) Tan

If it’s right, time will catch up.

PhD Candidate · Building ML-driven detection systems for AI/software supply chain threats

I am a PhD candidate in Computing Science at the University of Glasgow, building detection and defense systems for modern software and AI supply chains.

My work sits at the intersection of security engineering and machine learning: I design graph-based models and runtime analysis pipelines that turn raw logs, execution traces, and dependency graphs into actionable threat signals — from detecting malicious open-source packages to reconstructing multi-stage APT campaigns.

I write production-grade tools in Python, Go, and Rust, and contribute actively to open-source security projects.

Research Interests

• Software & AI Supply Chain Security — dependency attacks, model poisoning, SBOM/SLSA enforcement
• Threat Detection & Attack Attribution — log parsing, causal reasoning, anomaly detection at scale
• Graph Learning for Security — temporal graphs, provenance graphs, attack-chain reconstruction

Recent News

• 2026-03 — !! Our LLM Supply Chain Security position work has been accepted at LLMSC (co-located with FSE 2026)
• 2026-03 — Check the new arxiv for advanced supply chain simulation
• 2026-02 — Started my visiting to University of Edinburgh

Medium · GitHub · Google Scholar · LinkedIn · ResearchGate · Credly

Posts

• Dec 24, 2025

  Distributed Graph Processing in Practice: From Python Parallelism to Rust and Go

subscribe via RSS