Seminar Schedule
Spring 2023-2024
| Date | Speaker | Title | Conference | Download |
| 2.23 | Tian Dong | |||
| 3.1 | Zhiyong Liu | |||
| Peilin Luo | ||||
| 3.8 | Yichi Zhang | |||
| 3.15 | Yanbo Xu | |||
| Linxi Jiang | ||||
| 3.22 | Tong Zhu | |||
| 3.29 | Hongzhi Luo | |||
| Fazhong Liu | ||||
| 4.12 | Zhen Huang | |||
| 4.19 | Yunmeng Shu | |||
| Junxian Li | ||||
| 4.26 | Tian Dong | |||
| 5.10 | Hongliang Yong | |||
| Muchen Pan | ||||
| 5.17 | Zhen Huang | |||
| 5.24 | Yanbo Xu | |||
| Yichi Zhang | ||||
| 5.31 | Tong Zhu | |||
| 6.7 | Zhiyong Liu | |||
| Hongliang Yong |
Autumn 2023
| Date | Speaker | Title | Conference | Download |
| 9.18 | Yichi Zhang | Messy States of Wiring: Vulnerabilities in Emerging Personal Payment Systems | USENIX 2021 | |
| 9.25 | Zhiyong Liu | TRIDENT: Towards Detecting and Mitigating Web-based Social Engineering Attacks | USENIX 2023 | PPT |
| Le Yu | Thesis | |||
| 10.9 | Ke Tang | PrivGuard: Privacy Regulation Compliance Made Easier | USENIX 2022 | PPT |
| 10.16 | Yunmeng Shu | VILLAIN: Backdoor Attacks Against Vertical Split Learning | USENIX 2023 | |
| 10.23 | Jiachun Li | Inducing Wireless Chargers to Voice Out for Inaudible Command Attacks | Oakland 2023 | |
| Hongzhi Luo | AEX-Notify: Thwarting Precise Single-Stepping Attacks through Interrupt Awareness for Intel SGX Enclaves | USENIX 2023 | ||
| 10.30 | Peilin Luo | No Linux, No Problem: Fast and Correct Windows Binary Fuzzing via Target-embedded Snapshotting | USENIX 2023 | |
| Muchen Pan | Nowhere to Hide: Detecting Live Video Forgery via Vision-WiFi Silhouette Correspondence | INFOCOM 2023 | ||
| 11.06 | Zhen Huang | SoK: Taxonomy of Attacks on Open-Source Software Supply Chains | Oakland 2023 | |
| 11.13 | Hongliang Yong | An Input-Agnostic Hierarchical Deep Learning Framework for Traffic Fingerprinting | USENIX 2023 | |
| Jiaxin Yan | Mid-term Report | |||
| 11.20 | Tong Zhu | Project Report | ||
| 11.27 | Hui Liu, Yuxia Zhan | Thesis | ||
| Le Zhang, Jia Xiang | Thesis | |||
| 12.04 | Tian Dong | |||
| 12.11 | Chengyang Liu | |||
| 12.18 | Hongliang Yong | |||
| Zhiyong Liu | ||||
| 12.25 | Yunmeng Shu | |||
| Hongzhi Luo |
Spring 2022
| Date | Speaker | Title | Conference | Download |
| 2.22 | Hongzhi Luo | Building a High-performance Fine-grained Deduplication Framework for Backup Storage with High Deduplication Ratio |
USENIX ATC 2022 | |
| Hongliang Yong | Towards Automatically Reverse Engineering Vehicle Diagnostic Protocols | USENIX 2022 | PPT | |
| 3.1 | Zhiyong Liu | Leaky Forms: A Study of Email and Password Exfiltration Before Form Submission | USENIX 2022 | PPT |
| 3.8 | Le Zhang | Paralyzing Drones via EMI Signal Injection on Sensory Communication Channels | NDSS 2023 | PPT |
| Jia Xiang | StrongBox: A GPU TEE on Arm Endpoints | CCS 2022 | ||
| 3.15 | Yuxia Zhan | SoundLock: A Novel User Authentication Scheme for VR Devices Using Auditory-Pupillary Response | NDSS 2023 | PPT |
| 3.22 | Jiachun Li | “OK, Siri” or “Hey, Google”: Evaluating Voiceprint Distinctiveness Via Content-based PROLE Score | USENIX 2022 | PPT |
| Tian Dong | CHKPLUG: Checking GDPR Compliance of WordPress Plugins via Cross-language Code Property Graph | NDSS 2023 | PPT | |
| 3.29 | Ke Tang | A Large-scale Temporal Measurement of Android Malicious Apps: Persistence, Migration, and Lessons Learned | USENIX 2022 | PPT |
| 4.12 | Zhen Huang | SCRAPS: Scalable Collective Remote Attestation for Pub-Sub IoT Networks with Untrusted Proxy Verifier |
USENIX 2022 | |
| 4.19 | Linxi Jiang | Demystifying Exploitable Bugs in Smart Contracts |
ICSE 2023 | |
| 4.26 | Tong Zhu | Khaleesi: Breaker of Advertising & Tracking Request Chains | USENIX 2022 | |
| 5.10 | Chenyang Liu | Cross-Language Attacks | NDSS 2022 | PPT |
| Hui Liu | Tap: Transparent and Privacy-Preserving Data Services | USENIX 2023 | PPT | |
| 5.17 | Yichi Zhang | |||
| 5.24 | Fazhong Liu | |||
| Haoxuan Xu | ||||
| 5.31 | Hongzhi Luo | |||
| Ganxiang Yang |
Autumn 2022
| Date | Speaker | Title | Conference | Download |
| 9.29 | Jiachun Li | FakeGuard: Exploring Haptic Response to Mitigate the Vulnerability in Commercial Fingerprint Anti-Spoofing | NDSS 2022 | PPT |
| 10.13 | Tian Dong | Are Attribute Inference Attacks Just Imputation? | CCS 2022 | PPT |
| Hongliang Yong | BROKENWIRE : Wireless Disruption of CCS Electric Vehicle Charging | NDSS 2023 | PPT | |
| 10.20 | Zhiyong Liu | A Large-scale and Longitudinal Measurement Study of DKIM Deployment | USENIX 2022 | PPT |
| 10.28 | Zhen Huang | Introduction to Zero-Knowledge Pro | PPT | |
| Linxin Jiang | Binoculars:Contention-Based Side-Channel Attacks Exploiting the Page Walker | USENIX 2022 | ||
| 11.4 | Ganxiang Yang | SGXLock: Towards Efficiently Establishing Mutual Distrust Between Host Application and Enclave for SGX | USENIX 2022 | PPT |
| 11.10 | Le Yu | CGM: An Enhanced Mechanism for Streaming Data Collection with Local Differential Privacy | VLDB 2021 | PPT |
| Yichi Zhang | “Gambling Scam Detection” Literature Review | |||
| 11.17 | Ke Tang | A Large-scale Investigation into Geodifferences in Mobile Apps | USENIX 2022 | PPT |
| 11.25 | Le Zhang | Method Confusion Attack on Bluetooth Pairing | IEEE S&P 2021 | PPT |
| Yuxia Zhan | Everything I want to share about Privacy Policy | PPT | ||
| 12.2 | Hui Liu | Caring about Sharing: User Perceptions of Multiparty Data Sharing | USENIX 2022 | PPT |
| 12.9 | Tong Zhu | The Inventory is Dark and Full of Misinformation Understanding the Abuse of Ad Inventory Pooling in the Ad-Tech Supply Chain | PPT | |
| Haoxuan Xu | Preventing Use-After-Free Attacks with Fast Forward Allocation | USENIX 2021 | ||
| 12.16 | Jia Xiang | Narrator: Secure and Practical State Continuity for Trusted Execution in the Cloud | ACM CCS 2022 | |
| 12.23 | Hongliang Yong | Rolling Colors: Adversarial Laser Exploits against Traffic Light Recognition | USENIX 2022 | PPT |
| Zhiyong Liu | LTrack: Stealthy Tracking of Mobile Phones in LTE | USENIX 2022 | PPT | |
| 12.30 | Hongzhi Luo |
Spring 2022
| Date | Speaker | Title | Conference | Download |
| 2.25 | Yuxia Zhan | OVRSEEN: Auditing Network Traffic and Privacy Policies in Oculus VR | USENIX 2022 | PPT |
| Hui Liu | When the Curious Abandon Honesty: Federated Learning Is Not Private | PPT | ||
| 3.4 | Jia Xiang | Native Client: A Sandbox for Portable, Untrusted x86 Native Code | IEEE S&P 2009 | |
| 4.8 | Le Zhang | Lend Me Your Ear: Passive Remote Physical Side Channels on PCs | USENIX 2022 | PPT |
| Haotian Hu | SAID: State-aware Defense Against Injection Attacks on In-vehicle Network | USENIX 2022 | PPT | |
| 4.15 | Binhan Xi | On the Security Risks of NAS | USENIX 2022 | PPT |
| 4.22 | Jiachun Li | I Always Feel Like Somebody’s Sensing Me! A Framework to Detect, Identify, and Localize Clandestine Wireless Sensors | USENIX 2021 | PPT |
| Zhen Huang | Civet: An Efficient Java Partitioning Framework for Hardware Enclaves | USENIX 2020 | ||
| 4.29 | Shaofeng Li | Are We There Yet? Timing and Floating Attacks on Different Privacy Systems | IEEE S&P 2022 | PPT |
| 5.6 | Tong Zhu | Finding Bugs Using Your Own Code: Detecting Functionally-similar yet Inconsistent Code | USENIX 2021 | |
| Tian Dong | Hyperparameter Tuning with Renyi Differential Privacy | ICLR 2022 | PPT | |
| 5.13 | Le Yu | Privacy Odometers and Filters: Pay-as-you-Go Composition | NIPS 2016 | PPT |
| 5.20 | Yan Meng | GhostTalk: Interactive Attack on Smartphone Voice System Through Power Line | NDSS 2022 | PPT |
| Yichi Zhang | How Machine Learning Is Solving the Binary Function Similarity Problem | USENIX 2022 | PPT | |
| 5.27 | Xinyu Wang | SpecHammer: Combining Spectre and Rowhammer for New Speculative Attacks | IEEE S&P 2022 | PPT |
| 6.3 | Ke Tang | Understanding Worldwide Private Information Collection on Android | NDSS 2021 | PPT |
Autumn 2021
| Date | Speaker | Title | Conference | Download |
| 10.8 | Yuxia Zhan | AdCube: WebVR Ad Fraud and Practical Confinement of Third-Party Ads | USENIX 2021 | PPT |
| Hui Liu | Extracting Training Data from Large Language Models | PPT | ||
| 10.15 | Jia Xiang | Hurdle Securing Jump Instructions Against Code Reuse Attacks | ASPLOS 2020 | |
| 10.22 | Le Zhang | Wireless Charging Power Side-Channel Attacks | CCS 2021 | PPT |
| Haotian Hu | Detection of Message Injection Attacks onto the CAN Bus using Similarity of Successive Messages-Sequence Graphs | PPT | ||
| 10.29 | Binhan Xi | SmashEx: Smashing SGX Enclaves Using Exceptions | CCS 2021 | PPT |
| 11.5 | Xinyu Wang | Trojan Source: Invisiable Vulnerabilities | PPT | |
| Zirui Peng | Entangled watermark as a Defense against Model Extraction | USENIX 2021 | PPT | |
| 11.12 | Zhen Huang | DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks | USENIX 2016 | |
| 11.19 | Jiachun Li | Charger-Surfing: Exploiting a Power Line Side- Channel for Smartphone Information Leakage | USENIX 2021 | PPT |
| 11.26 | Tian Dong | BLACKSMITH: Scalable Rowhammering in the Frequency Domain | IEEE S&P 2022 | PPT |
| Tong Zhu | Discussion on advertising fraud | |||
| 12.3 | Le Yu | Eclipse: Preserving Differential Location Privacy Against Long-Term Observation Attacks | TMC 2020 | PPT |
| Yan Meng | Inferring Live Speech and Speaker Identity via AR/VR Motion Sensors | MobiCom | PPT | |
| 12.10 | Yichi Zhang | Understanding Malicious Cross-library Data Harvesting on Android | PPT | |
| 12.17 | Shaofeng Li | Cache Telepathy: Leveraging Shared Resource Attacks to Learn DNN Architectures | USENIX 2020 | PPT |
| 12.24 | Brain Storm |
Spring 2021
| Date | Speaker | Title | Conference | Download |
| 3.12 | Le Zhang | EarArray: Defending against DolphinAttack via Acoustic Attenuation | NDSS 2021 | PPT |
| Haotian Hu | A Generic Technique for Automatically Finding Defense-Aware Code Reuse Attacks | CCS 2020 | PPT | |
| 3.19 | Binhan Xi | Security Analysis of the Democracy Live Online Voting System | USENIX 2021 | PPT |
| 3.26 | Ruoxu Yang | Security of GPS/INS based On-road Location Tracking Systems | NDSS 2019 | PPT |
| Suibin Sun | DNS Cache Poisoning Attack Reloaded: Revolutions with Side Channels | CCS 2020 | PPT | |
| 4.2 | Chengyong-xiao Wei | PrivacyFlash Pro: Automating Privacy Policy Generation for Mobile Apps | NDSS 2021 | PPT |
| 4.9 | Hui Liu | Mind Your Weight(s): A Large-scale Study on Insufficient Machine Learning Model Protection in Mobile APPs | USENIX 2021 | |
| Ya Fang | PriSEC: A Privacy Settings Enforcement Controller | USENIX 2021 | PPT | |
| 4.16 | Youqun Li | Tales of Favicons and Caches: Persistent Tracking in Modern Browsers | NDSS 2021 | PPT |
| 4.23 | Yuxia Zhan | Secure Multi User Content Sharing for Augmented Reality Applications | USENIX 2019 | PPT |
| 5.14 | Yan Meng | Securing Voice Interface via Ubiquitous Wireless Sensing | PPT | |
| 5.21 | Shaofeng Li | Stealthy Backdoors as Compression Artifacts | PPT | |
| Tong Zhu | Understanding and Detecting International Revenue Share Fraud | NDSS 2021 | PPT | |
| 5.28 | Brandon Falk | Self-Illusion: A Study on Cognition of Role-Playing in Immersive Virtual Environments | ||
| Jiachun Li | Recent Focus in IoT (Internet of Things) | PPT | ||
| 6.4 | Le Yu | R2DP: A Universal and Automated Approach to Optimizing the Randomization Mechanisms of Differential Privacy for Utility Metrics with No Known Optimal Distributions | CCS 2020 | PPT |
Fall 2020
| Date | Speaker | Title | Conference | Download |
| 9.11 | Le Zhang | Chaperone: Real-time Locking and Loss Prevention for Smartphones | USENIX 2020 | PPT |
| Haotian Hu | Towards HTTPS Everywhere on Android: We Are Not There Yet | USENIX 2020 | PPT | |
| 9.18 | Binhan Xi | TKPERM: Cross-platform Permission Knowledge Transfer to Detect Overprivileged Third-party Applicaitons | NDSS 2020 | PPT |
| 9.25 | Le Yu | Sufficient Statistics | RAR | |
| Jiachun Li | Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable Systems | USENIX 2020 | PPT | |
| 10.9 | Youqun Li | Towards a Natural Perspective of Smart Homes for Practical Security and Safety Analyses | S&P 2020 | PPT |
| 10.16 | Shaofeng Li | Information Leakage in Embedding Models | CCS 2020 | |
| Brandon Falk | OcuLock: Exploring Human Visual Systemfor Authentication in Virtual RealityHead-mounted Display | NDSS 2021 | ||
| 10.23 | Yan Meng | Thwarting Replay Attacks and Their Defects | PPT | |
| 10.30 | Suibin Sun | Impersonation-as-a-Service: Characterizing the Emerging Criminal Infrastructure for User Impersonation at Scale | CCS 2020 | PPT |
| Ruoxu Yang | Drift with Devil: Security of Multi-Sensor Fusion based Localization in High-Level Autonomous Driving under GPS Spoofing | USENIX 2020 | ||
| 11.6 | Lu Zhou | Plug N Pwned : Comprehensive Vulnerability Analysis of OBD II Dongles as A New Over the Air Attack Surface in Automotive IoT | USENIX 2020 | |
| 11.13 | Yichi Zhang | Brainstorm Section | ||
| Chengyongxiao Wei | From Needs to Actions to Secure Apps? The Effect of Requirements and Developer Practices on App Security | USENIX 2020 | ||
| 11.20 | Tong Zhu | FIRMSCOPE: Automatic Uncovering of Privilege-Escalation Vulnerabilities in Pre-Installed Apps in Android Firmware | USENIX 2020 | |
| 11.27 | Hui Liu | Adversarial Semantic Collisions | EMNLP 2020 | PPT |
Spring 2020
| Date | Speaker | Title | Conference | Download |
| 2.14 | Lei Zhang | Adversarial Sensor Attack on LiDAR-based Perception in Autonomous Driving | CCS 2020 | PPT |
| Yichi Zhang | MadDroid: Characterizing and Detecting Devious Ad Contents for Android Apps | i3w 2020 | ||
| 2.21 | Xinyu Wang | Neural Network Inversionin Adversarial Setting via Background Knowledge Alignment | CCS 2019 | |
| Chengyongxiao Wei | (Un)informed Consent: Studying GDPR Consent Notices in the Field | CCS 2019 | PPT | |
| 2.28 | Ke Tang | What Are You Searching For? A Remote Keylogging Attack on Search Engine Autocomplete | USENIX 2019 | PPT |
| Le Yu | Location Privacy Protection in Vehicle-Based Spatial Crowdsourcing via Geo-Indistinguishability | ICDCS 2019 | PPT | |
| 3.6 | Shaofeng Li | Humpty Dumpty: Controlling Word Meanings via Corpus Poisoning* | Okland 2020 | PPT |
| Lu Zhou | EASI: Edge-Based Sender Identification on Resource-Constrained Platforms for Automotive Networks | NDSS2020 | PPT | |
| 3.13 | Suibin Sun | Into the Deep Web: Understanding E-commerce Fraud from Autonomous Chat with Cybercriminals | NDSS2020 | PPT |
| Tong Zhu | FraudDroid: Automated Ad Fraud Detection for Android APP | ESEC/FSE 2018 | PPT | |
| 3.20 | Ruoxu Yang | All Your GPS Are Belong To Us: Towards Stealthy Manipulation of Road Navigation Systems | USENIX 2018 | PPT |
| Jinlei Li | PEEVES: Physical Event Verification in Smart Homes | CCS 2019 | PPT | |
| 4.3 | Brandon Falk | Novel Encryption Method of GPS Information in Image File Using Format-preserving Encryption | IMIS 2019 | |
| Yixiao Fei | Privacy Risks of Securing Machine Learning Models against Adversarial Examples | CCS 2019 | PPT | |
| 4.10 | Jiachun Li | PDVocal: Towards Privacy-preserving Parkinson’s Disease Detection using Non-speech Body Sounds | Mobicom 2019 | PPT |
| Peilin Wu | Beyond Digital Domain: Fooling Deep learning Based Recognition System in Physical World | AAAI 2020 | PPT | |
| 5.1 | Shufan Zhang | A Brief Tutorial on Sparse Vector Technique | ||
| Binhan Xi | Learning-based Practical Smartphone Eavesdropping with Built-in Accelerometer | NDSS 2020 | PPT | |
| 5.8 | Lu Yan | ParmeSan: Sanitizer-guided Greybox Fuzzing | USENIX 2020 | |
| Haotian Hu | Encrypted DNS =⇒ Privacy? A Traffic Analysis Perspective | NDSS 2020 | PPT | |
| 5.22 | Jiahao Yu | Certified Robustness to Adversarial Examples with Differential Privacy | S&P 2019 | PPT |
| Hui Liu | Universal Adversarial Training | CVPR 2017 | PPT | |
| 5.29 | Ren Zhou | Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms | USENIX 2019 | PPT |
Autumn 2019
| Date | Speaker | Title | Conference | Download |
| 10.11 | Ruoxu Yang | ORide: APrivacy-PreservingyetAccountableRide-HailingService | USENIX 2017 | PPT |
| Suibin Sun | Business Email Phishing Detection and Characterizing | USENIX 2019 | PPT | |
| 10.18 | Jinlei Li | Looking from the Mirror: Evaluating IoT Device Security through Mobile Companion Apps | USENIX 2019 | PPT |
| Brandon Falk | Data-Intensive Routing in Delay-Tolerant Networks | INFOCOM 2019 | PPT | |
| 10.25 | Yixiao Fei | Cache Telepathy: Leveraging Shared Resource Attacks to Learn DNN Architectures | USENIX 2020 | PPT |
| Chengyongxiao Wei | Hearst Patterns Revisited: Automatic Hypernym Detection from Large Text Corpora | ACL 2018 | ||
| 11.1 | Peilin Wu | Manipulating Machine Learning: Poisoning Attacks and Countermeasures for Regression Learning | Okland 2020 | PPT |
| Brandon Falk | VoicePop: A Pop Noise based Anti-spoofing System for Voice Authentication on Smartphones | INFOCOM 2019 | ||
| 11.15 | Suibin Sun | Multi-view clustering and evaluations | PPT | |
| Binhan Xi | Understanding Black-box Predictions via Influence Functions | ICML 2017 | ||
| 11.22 | Lei Zhang | Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable Systems | PPT | |
| Lu Yan | ProFuzzer: On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery | INFOCOM 2019 | ||
| 11.29 | Yichi Zhang | Understanding IOS-based Crowdturfing Through Hidden UI Analysis | USENIX 2019 | PPT |
| Xinyu Wang | Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning | |||
| 12.6 | Zichang Wang | LibreCAN: Automated CAN Message Translator | CCS 2019 | PPT |
| Le Yu | All Your Clicks Belong to Me: Investigating Click Interception on the Web | USENIX 2019 |
Spring 2019
| Date | Speaker | Title | Conference | Download |
| 3.14 | Jinlei Li | Geo-locating Drivers: A Study of Sensitive Data Leakage in Ride-Hailing Services | NDSS 2019 | PPT PDF |
| Suibin Sun | Yet Another Text Captcha Solver:A Generative Adversarial Network Based Approach | CCS 2018 | PPT | |
| 3.21 | Peilin Wu | ClickShield: Are You Hiding Something? Towards Eradicating Clickjacking on Android | CCS 2018 | PPT |
| Shaofeng Li | Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks | IEEE S&P 2019 | PPT | |
| 3.28 | Xinyu Wang | ML-Leaks: Model and Data Independent Membership Inference Attacks and Defenses on Machine Learning Models | NDSS 2019 | PPT |
| Tong Zhu | MAPS: Scaling Privacy Compliance Analysis to a Million Apps | PoPETs 2019 | PPT | |
| 4.4 | Yan Meng | Geo-locating Drivers: A Study of Sensitive Data Leakage in Ride-Hailing Services | NDSS 2019 | PPT |
| Yichi Zhang | Do Android Taint Analysis Tool Keep their Promises? | ESEC/FSE 2018 | PPT | |
| 4.11 | Tong Zhu | Can We Trust the Privacy Policies of Android Apps? | DSN 2016 | PPT |
| Suibin Sun | Yet Another Text Captcha Solver: A Generative Adversarial Network Based Approach | CCS 2018 | PPT | |
| 4.18 | Ke Tang | IoTGuard Dynamic Enforcement of Security and Safety Policy in Commodity IoT | NDSS 2019 | PPT |
| Lu Yan | Exploiting Unintended Feature Leakage in Collaborative Learning | IEEE S&P 2018 | PPT | |
| 4.25 | Le Yu | Differential Privacy | PPT | |
| Yichi Zhang | A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through AppleWireless Direct Link (AWDL) | USENIX 2019 | PPT | |
| 5.2 | Chong Xiang | No-Jump-into-Latency in China’s Internet! Toward Last-Mile Hop Count Based IP Geo-localization | IWQoS 2019 | PPT |
| 5.9 | Zichang Wang | Detecting Attacks Against Robotic Vehicles: A Control Invariant Approach | CCS 2018 | PPT |
| Ruoxu Yang | On the Economics of Offline Password Cracking | IEEE S&P 2018 | PPT |