My Publications

Following is a list of of my published papers. The provided copies are only your own study and research, and should not be used fcommercial purposes.

For citation information, you may refer to my Google Scholar page.

You can also visit my DBLP page for a list of my published papers.

Note:

  1. in follwoing list, the authors denoted with a start * are either my PhD students, Research Assistants, Final Year Project Students, or Visiting Students.

  2. Some download links are broken. I will fix it soon.

Refereed Journal Papers

  1. Jiongyi Chen*, Fenghao Xu*, Shuaike Dong*, Wei Sun*, and Kehuan Zhang. Authorisation inconsistency in iot third­party integration. IET Inf. Secur., 16(2):133–143, 2022. PDF
    doi:10.1049/ise2.12043

  2. Linjun Wu, Yupeng Hu, Kehuan Zhang, Wenjia Li, Xiaolin Xu, and Wanli Chang. FLAM­PUF: A response­feedback­based lightweight anti­machine­learning­attack PUF. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst., 41(11):4433–4444, 2022. PDF
    doi:10.1109/TCAD.2022.3197696

  3. Yang Liu, Ting Liu, Hong Sun*, Kehuan Zhang, and Pengfei Liu. Hidden electricity theft by exploiting multiple­pricing scheme in smart grids. IEEE Trans. Inf. Forensics Secur., 15:2453–2468, 2020. PDF
    doi:10.1109/TIFS.2020.2965276

  4. Jixin Zhang*, Zheng Qin, Hui Yin, Lu Ou, and Kehuan Zhang. A feature­hybrid malware variants detection using CNN based opcode embedding and BPNN based API embedding. Comput. Secur., 84:376–392, 2019. PDF
    doi:10.1016/j.cose.2019.04.005

  5. Rui Liu*, Junbin Liang, Jiannong Cao, Kehuan Zhang, Wenyu Gao, Lei Yang, and Ruiyun Yu. Understanding mobile users’ privacy expectations: A recommendation­based method through crowdsourcing. IEEE Trans. Serv. Comput., 12(2):304–318, 2019. PDF
    doi:10.1109/TSC.2016.2636285

  6. Jixin Zhang*, Zheng Qin, Kehuan Zhang, Hui Yin, and Jingfu Zou. Dalvik opcode graph based android malware variants detection using global topology features. IEEE Access, 6:51964–51974, 2018. PDF
    doi:10.1109/ACCESS.2018.2870534

  7. Jixin Zhang*, Kehuan Zhang, Zheng Qin, Hui Yin, and Qixin Wu. Sensitive system calls based packed malware variants detection using principal component initialized multilayers neural networks. Cybersecur., 1(1):10, 2018. PDF
    doi:10.1186/s42400-018-0010-y

  8. Wenrui Diao*, Rui Liu*, Xiangyu Liu*, Zhe Zhou*, Zhou Li, and Kehuan Zhang. Accessing mobile user’s privacy based on IME personalization: Understanding and practical attacks. J. Comput. Secur., 26(3):283–309, 2018. PDF
    doi:10.3233/JCS-16909

  9. Rui Liu*, Jiannong Cao, Kehuan Zhang, Wenyu Gao, Junbin Liang, and Lei Yang. When privacy meets usability: Unobtrusive privacy permission recommendation system for mobile apps based on crowdsourcing. IEEE Trans. Serv. Comput., 11(5):864–878, 2018. PDF
    doi:10.1109/TSC.2016.2605089

  10. Zhe Zhou*, Wenrui Diao*, Xiangyu Liu*, Zhou Li, Kehuan Zhang, and Rui Liu*. Vulnerable GPU memory management: Towards recovering raw data from GPU. Proc. Priv. Enhancing Technol., 2017(2):57–73, 2017. PDF
    doi:10.1515/popets-2017-0016

Refereed Conference Papers

  1. Rui Li*, Wenrui Diao, Shishuai Yang, Xiangyu Liu, Shanqing Guo, and Kehuan Zhang. Lost in conversion: Exploit data structure conversion with attribute loss to break android systems. In 32nd USENIX Security Symposium (USENIX Security 23), Anaheim, CA, August 2023. USENIX Association. Top conference. PDF or USENIX website

  2. Fan Yang*, Jiacen Xu*, Chunlin Xiong, Zhou Li, and Zhang Kehuan. PROGRAPHER: An anomaly detection system based on provenance graph embedding. In 32nd USENIX Security Symposium (USENIX Security 23), Anaheim, CA, August 2023. USENIX Association. Top conference. PDF or USENIX website

  3. Kong Huang*, YuTong Zhou*, Ke Zhang*, Jiacen Xu*, Chen Jiongyi, Tang Di, and Zhang Kehuan. HOMESPY: The invisible sniffer of infrared remote control of smart TVs. In 32nd USENIX Security Symposium (USENIX Security 23), Anaheim, CA, August 2023. USENIX Association. Top conference. PDF or USENIX website

  4. Xing Zhang, Jiongyi Chen*, Chao Feng, Ruilin Li, Wenrui Diao*, Kehuan Zhang, Jing Lei, and Chaojing Tang. Default: Mutual information­based crash triage for massive crashes. In 44th IEEE/ACM 44th International Conference on Software Engineering, ICSE 2022, Pittsburgh, PA, USA, May 25­27, 2022, pages 635–646. ACM, 2022. Top conference. PDF
    doi:10.1145/3510003.3512760

  5. Menghan Sun*, Zirui Song*, Xiaoxi Ren, Daoyuan Wu, and Kehuan Zhang. Lica: A fine­grained and path­sensitive linux capability analysis framework. In 25th International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2022, Limassol, Cyprus, October 26­28, 2022, pages 364–379. ACM, 2022. PDF
    doi:10.1145/3545948.3545966

  6. Jianqi Du, Fenghao Xu*, Chennan Zhang, Zidong Zhang, Xiaoyin Liu, Pengcheng Ren, Wenrui Diao*, Shanqing Guo, and Kehuan Zhang. Identifying the BLE misconfigurations of iot devices through companion mobile apps. In 19th Annual IEEE International Conference on Sensing, Communication, and Networking, SECON 2022, Stockholm, Sweden, September 20­23, 2022, pages 343–351. IEEE, 2022. PDF
    doi:10.1109/SECON55815.2022.9918597

  7. Xiao Yi*, Daoyuan Wu, Lingxiao Jiang, Yuzhou Fang, Kehuan Zhang, and Wei Zhang. An empirical study of blockchain system vulnerabilities: modules, types, and patterns. In Abhik Roychoudhury, Cristian Cadar, and Miryung Kim, editors, Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC/FSE 2022, Singapore, Singapore, November 14­18, 2022, pages 709–721. ACM, 2022. PDF
    doi:10.1145/3540250.3549105

  8. Fenghao Xu*, Siyu Shen*, Wenrui Diao*, Zhou Li, Yi Chen*, Rui Li, and Kehuan Zhang. Android on PC: on the security of end­user android emulators. In Yongdae Kim, Jong Kim, Giovanni Vigna, and Elaine Shi, editors, CCS ’21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15 ­ 19, 2021, pages 1566–1580. ACM, 2021. Top conference. PDF
    doi:10.1145/3460120.3484774

  9. Zhaoyang Lyu*, Minghao Guo, Tong Wu, Guodong Xu, Kehuan Zhang, and Dahua Lin. Towards evaluating and training verifiably robust neural networks. In IEEE Conference on Computer Vision and Pattern Recognition, CVPR 2021, virtual, June 19­25, 2021, pages 4308–4317. Computer Vision Foundation / IEEE, 2021. Top conference. PDF, or CVPR website
    doi:10.1109/CVPR46437.2021.00429

  10. Di Tang*, XiaoFeng Wang, Haixu Tang, and Kehuan Zhang. Demon in the variant: Statistical analysis of dnns for robust backdoor contamination detection. In Michael Bailey and Rachel Greenstadt, editors, 30th USENIX Security Symposium, USENIX Security 2021, August 11­13, 2021, pages 1541–1558. USENIX Association, 2021. Top conference. PDF

  11. Shuaike Dong*, Zhou Li, Di Tang*, Jiongyi Chen*, Menghan Sun*, and Kehuan Zhang. Your smart home can’t keep a secret: Towards automated fingerprinting of iot traffic. In Hung­Min Sun, Shiuh­Pyng Shieh, Guofei Gu, and Giuseppe Ateniese, editors, ASIA CCS ’20: The 15th ACM Asia Conference on Computer and Communications Security, Taipei, Taiwan, October 5­9, 2020, pages 47–59. ACM, 2020. PDF
    doi:10.1145/3320269.3384732

  12. Jiongyi Chen*, Chaoshun Zuo, Wenrui Diao*, Shuaike Dong*, Qingchuan Zhao, Menghan Sun*, Zhiqiang Lin, Yinqian Zhang, and Kehuan Zhang. Your iots are (not) mine: On the remote binding between iot devices and users. In 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2019, Portland, OR, USA, June 24­27, 2019, pages 222–233. IEEE, 2019. PDF
    doi:10.1109/DSN.2019.00034

  13. Fenghao Xu*, Wenrui Diao*, Zhou Li, Jiongyi Chen*, and Kehuan Zhang. Badbluetooth: Breaking android security mechanisms via malicious bluetooth peripherals. In 26th Annual Network and Distributed System Security Symposium, NDSS 2019, San Diego, California, USA, February 24­27, 2019. The Internet Society, 2019. Top conference. PDF, or NDSS homepage

  14. Jiongyi Chen*, Menghan Sun*, and Kehuan Zhang. Security analysis of device binding for ip­based iot devices. In IEEE International Conference on Pervasive Computing and Communications Workshops, PerCom Workshops 2019, Kyoto, Japan, March 11­15, 2019, pages 900–905. IEEE, 2019. PDF
    doi:10.1109/PERCOMW.2019.8730580

  15. Li Zhang, Jiongyi Chen*, Wenrui Diao*, Shanqing Guo, Jian Weng, and Kehuan Zhang. Cryptorex: Large­scale analysis of cryptographic misuse in iot devices. In 22nd International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2019, Chaoyang District, Beijing, China, September 23­25, 2019, pages 151–164. USENIX Association, 2019. PDF

  16. Wenrui Diao*, Yue Zhang, Li Zhang, Zhou Li, Fenghao Xu*, Xiaorui Pan, Xiangyu Liu*, Jian Weng, Kehuan Zhang, and XiaoFeng Wang. Kindness is a risky business: On the usage of the accessibility apis in android. In 22nd International Symposium on Research in Attacks, Intrusions and Defenses, RAID 2019, Chaoyang District, Beijing, China, September 23­25, 2019, pages 261–275. USENIX Association, 2019. PDF

  17. Kan Yuan, Di Tang*, Xiaojing Liao, XiaoFeng Wang, Xuan Feng, Yi Chen, Menghan Sun*, Haoran Lu, and Kehuan Zhang. Stealthy porn: Understanding real­world adversarial images for illicit online promotion. In 2019 IEEE Symposium on Security and Privacy, SP 2019, San Francisco, CA, USA, May 19­23, 2019, pages 952–966. IEEE, 2019. Top conference. PDF
    doi:10.1109/SP.2019.00032

  18. Zhe Zhou*, Di Tang*, Wenhao Wang, Xiaofeng Wang, Zhou Li, and Kehuan Zhang. Beware of your screen: Anonymous fingerprinting of device screens for off­line payment protection. In Proceedings of the 34th Annual Computer Security Applications Conference, ACSAC 2018, San Juan, PR, USA, December 03­07, 2018, pages 77–88. ACM, 2018. PDF
    doi:10.1145/3274694.3274721

  19. Jiongyi Chen*, Wenrui Diao*, Qingchuan Zhao, Chaoshun Zuo, Zhiqiang Lin, XiaoFeng Wang, Wing Cheong Lau, Menghan Sun*, Ronghai Yang, and Kehuan Zhang. Iotfuzzer: Discovering memory corruptions in iot through app­based fuzzing. In 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18­21, 2018. The Internet Society, 2018. Top conference. PDF

  20. Di Tang*, Zhe Zhou*, Yinqian Zhang, and Kehuan Zhang. Face flashing: a secure liveness detection protocol based on light reflections. In 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18­21, 2018. The Internet Society, 2018. Top conference. PDF

  21. Shuaike Dong*, Menghao Li, Wenrui Diao*, Xiangyu Liu*, Jian Liu, Zhou Li, Fenghao Xu*, Kai Chen, Xiaofeng Wang, and Kehuan Zhang. Understanding android obfuscation techniques: A large­scale investigation in the wild. In Raheem Beyah, Bing Chang, Yingjiu Li, and Sencun Zhu, editors, Security and Privacy in Communication Networks ­ 14th International Conference, SecureComm 2018, Singapore, August 8­10, 2018, Proceedings, Part I, volume 254 of Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, pages 172–192. Springer, 2018. PDF
    doi:10.1007/978-3-030-01701-9_10

  22. Ronghai Yang, Wing Cheong Lau, Jiongyi Chen*, and Kehuan Zhang. Vetting single sign­on SDK implementations via symbolic reasoning. In William Enck and Adrienne Porter Felt, editors, 27th USENIX Security Symposium, USENIX Security 2018, Baltimore, MD, USA, August 15­17, 2018, pages 1459–1474. USENIX Association, 2018. Top conference. PDF

  23. Zhe Zhou*, Zhou Li, and Kehuan Zhang. All your vms are disconnected: Attacking hardware virtualized network. In Gail­Joon Ahn, Alexander Pretschner, and Gabriel Ghinita, editors, Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy, CODASPY 2017, Scottsdale, AZ, USA, March 22­24, 2017, pages 249–260. ACM, 2017. PDF
    doi:10.1145/3029806.3029810

  24. Xiaolong Bai, Zhe Zhou*, XiaoFeng Wang, Zhou Li, Xianghang Mi, Nan Zhang, Tongxin Li, Shi­Min Hu, and Kehuan Zhang. Picking up my tab: Understanding and mitigating synchronized token lifting and spending in mobile payment. In Engin Kirda and Thomas Ristenpart, editors, 26th USENIX Security Symposium, USENIX Security 2017, Vancouver, BC, Canada, August 16­18, 2017, pages 593–608. USENIX Association, 2017. Top conference. PDF

  25. Zhe Zhou*, Tao Zhang, Sherman S. M. Chow, Yupeng Zhang, and Kehuan Zhang. Efficient authenticated multi­pattern matching. In Xiaofeng Chen, XiaoFeng Wang, and Xinyi Huang, editors, Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, AsiaCCS 2016, Xi’an, China, May 30 ­ June 3, 2016, pages 593–604. ACM, 2016. PDF
    doi:10.1145/2897845.2897906

  26. Ronghai Yang, Guanchen Li, Wing Cheong Lau, Kehuan Zhang, and Pili Hu. Model­based security testing: An empirical study on oauth 2.0 implementations. In Xiaofeng Chen, XiaoFeng Wang, and Xinyi Huang, editors, Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, AsiaCCS 2016, Xi’an, China, May 30 ­ June 3, 2016, pages 651–662. ACM, 2016. PDF
    doi:10.1145/2897845.2897874

  27. Yannan Liu, Lingxiao Wei, Zhe Zhou*, Kehuan Zhang, Wenyuan Xu, and Qiang Xu. On code execution tracking via power side­channel. In Edgar R. Weippl, Stefan Katzenbeisser, Christopher Kruegel, Andrew C. Myers, and Shai Halevi, editors, Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, October 24­28, 2016, pages 1019–1031. ACM, 2016. Top conference. PDF
    doi:10.1145/2976749.2978299

  28. Wenrui Diao*, Xiangyu Liu*, Zhou Li, and Kehuan Zhang. No pardon for the interruption: New inference attacks on android through interrupt timing analysis. In IEEE Symposium on Security and Privacy, SP 2016, San Jose, CA, USA, May 22­26, 2016, pages 414–432. IEEE Computer Society, 2016. Top conference. PDF
    doi:10.1109/SP.2016.32

  29. Kun Du, Hao Yang, Zhou Li, Hai­Xin Duan, and Kehuan Zhang. The ever­changing labyrinth: A large­scale analysis of wildcard DNS powered blackhat SEO. In Thorsten Holz and Stefan Savage, editors, 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10­12, 2016, pages 245–262. USENIX Association, 2016. Top conference. PDF

  30. Wenrui Diao*, Xiangyu Liu*, Zhou Li, and Kehuan Zhang. Evading android runtime analysis through detecting programmed interactions. In Matthias Hollick, Panos Papadimitratos, and William Enck, editors, Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks, WISEC 2016, Darmstadt, Germany, July 18­22, 2016, pages 159–164. ACM, 2016. PDF
    doi:10.1145/2939918.2939926

  31. Xiangyu Liu*, Zhe Zhou*, Wenrui Diao*, Zhou Li, and Kehuan Zhang. When good becomes evil: Keystroke inference with smartwatch. In Indrajit Ray, Ninghui Li, and Christopher Kruegel, editors, Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, October 12­16, 2015, pages 1273–1285. ACM, 2015. Top conference. PDF
    doi:10.1145/2810103.2813668

  32. Wenrui Diao*, Xiangyu Liu*, Zhe Zhou*, Kehuan Zhang, and Zhou Li. Mind­reading: Privacy attacks exploiting cross­app keyevent injections. In Günther Pernul, Peter Y. A. Ryan, and Edgar R. Weippl, editors, Computer Security ­ ESORICS 2015 ­ 20th European Symposium on Research in Computer Security, Vienna, Austria, September 21­25, 2015, Proceedings, Part II, volume 9327 of Lecture Notes in Computer Science, pages 20–39. Springer, 2015. PDF
    doi:10.1007/978-3-319-24177-7_2

  33. Rui Liu*, Jiannong Cao, Lei Yang, and Kehuan Zhang. Priwe: Recommendation for privacy settings of mobile apps based on crowdsourced users’ expectations. In Onur Altintas and Jia Zhang, editors, 2015 IEEE International Conference on Mobile Services, MS 2015, New York City, NY, USA, June 27 ­ July 2, 2015, pages 150–157. IEEE Computer Society, 2015. PDF
    doi:10.1109/MobServ.2015.30

  34. Xiangyu Liu*, Zhe Zhou*, Wenrui Diao*, Zhou Li, and Kehuan Zhang. An empirical study on android for saving non­shared data on public storage. In Hannes Federrath and Dieter Gollmann, editors, ICT Systems Security and Privacy Protection ­ 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26­28, 2015, Proceedings, volume 455 of IFIP Advances in Information and Communication Technology, pages 542–556. Springer, 2015. PDF
    doi:10.1007/978-3-319-18467-8_36

  35. Wenrui Diao*, Xiangyu Liu*, Zhe Zhou*, and Kehuan Zhang. Your voice assistant is mine: How to abuse speakers to steal information and control your phone. In Cliff Wang, Dijiang Huang, Kapil Singh, and Zhenkai Liang, editors, Proceedings of the 4th ACM Workshop on Security and Privacy in Smartphones & Mobile Devices, SPSM@CCS 2014, Scottsdale, AZ, USA, November 03 ­ 07, 2014, pages 63–74. ACM, 2014. PDF
    doi:10.1145/2666620.2666623

  36. Zhe Zhou*, Wenrui Diao*, Xiangyu Liu*, and Kehuan Zhang. Acoustic fingerprinting revisited: Generate stable device ID stealthily with inaudible sound. In Gail­Joon Ahn, Moti Yung, and Ninghui Li, editors, Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA, November 3­7, 2014, pages 429–440. ACM, 2014. Top conference. PDF
    doi:10.1145/2660267.2660300

  37. Zhou Li, Kehuan Zhang, Yinglian Xie, Fang Yu, and XiaoFeng Wang. Knowing your enemy: understanding and detecting malicious web advertising. In Ting Yu, George Danezis, and Virgil D. Gligor, editors, the ACM Conference on Computer and Communications Security, CCS’12, Raleigh, NC, USA, October 16­18, 2012, pages 674–686. ACM, 2012. Top conference. PDF
    doi:10.1145/2382196.2382267

  38. Kehuan Zhang, Xiao­yong Zhou, Yangyi Chen, XiaoFeng Wang, and Yaoping Ruan. Sedic: privacy­aware data intensive computing on hybrid clouds. In Yan Chen, George Danezis, and Vitaly Shmatikov, editors, Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, Chicago, Illinois, USA, October 17­21, 2011, pages 515–526. ACM, 2011. Top conference. PDF
    doi:10.1145/2046707.2046767

  39. Roman Schlegel, Kehuan Zhang, Xiao­yong Zhou, Mehool Intwala, Apu Kapadia, and XiaoFeng Wang. Soundcomber: A stealthy and context­aware sound trojan for smartphones. In Proceedings of the Network and Distributed System Security Symposium, NDSS 2011, San Diego, California, USA, 6th February ­ 9th February 2011. The Internet Society, 2011. Top conference. PDF

  40. Kehuan Zhang, Zhou Li, Rui Wang, XiaoFeng Wang, and Shuo Chen. Sidebuster: automated detection and quantification of side­channel leaks in web application development. In Ehab Al­Shaer, Angelos D. Keromytis, and Vitaly Shmatikov, editors, Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, Chicago, Illinois, USA, October 4­8, 2010, pages 595–606. ACM, 2010. Top conference. PDF
    doi:10.1145/1866307.1866374

  41. Zhou Li, Kehuan Zhang, and XiaoFeng Wang. Mash­if: Practical information­flow control within client­side mashups. In Proceedings of the 2010 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2010, Chicago, IL, USA, June 28 ­ July 1 2010, pages 251–260. IEEE Computer Society, 2010. PDF
    doi:10.1109/DSN.2010.5544312

  42. Shuo Chen, Rui Wang, XiaoFeng Wang, and Kehuan Zhang. Side­channel leaks in web applications: A reality today, a challenge tomorrow. In 31st IEEE Symposium on Security and Privacy, S&P 2010, 16­19 May 2010, Berleley/Oakland, California, USA, pages 191–206. IEEE Computer Society, 2010. Top conference. PDF
    doi:10.1109/SP.2010.20

  43. Kehuan Zhang and XiaoFeng Wang. Peeping tom in the neighborhood: Keystroke eavesdropping on multi­user systems. In Fabian Monrose, editor, 18th USENIX Security Symposium, Montreal, Canada, August 10­14, 2009, Proceedings, pages 17–32. USENIX Association, 2009. Top conference. PDF

  44. Rui Wang, XiaoFeng Wang, Kehuan Zhang, and Zhuowei Li. Towards automatic reverse engineering of software security configurations. In Peng Ning, Paul F. Syverson, and Somesh Jha, editors, Proceedings of the 2008 ACM Conference on Computer and Communications Security, CCS 2008, Alexandria, Virginia, USA, October 27­31, 2008, pages 245–256. ACM, 2008. Top conference. PDF
    doi:10.1145/1455770.1455802

Book Chapters

  1. Book Chapter: Xiaoxi Ren, Zhe Zhou, Di Tang, Kehuan Zhang. Security implications of non­digital components. DOI: DOI: 10.1049/PBCS066E_ch10. In book: ”Frontiers in hardware security and trust theory, design and practice”, ISBN:9781785619281, published by The Institution of Engineering and Technology in 2020. Link to chapter page

  2. Book Chapter: Xiangyu Liu, Zhe Zhou, Wenrui Diao, Zhou Li, Kehuan Zhang. An Empirical Study on Android for Saving Non­shared Data on Public Storage. Chapter 5 of ”Protecting Mobile Networks and Devices: Challenges and Solutions”. Auerbach Publications (November 17, 2016). ISBN­10: 1498735835, ISBN­13: 978­1498735834. Notes: Contribution: 50% Link to Google Book Page

Non-Referreed Papers published on arXiv.org

This list is for your reference only, as new versions of the papers listed below may have already been accepted or published as journal/conference papers.

  1. Hui Liu*, Bo Zhao, Kehuan Zhang, and Peng Liu. Nowhere to hide: A lightweight unsupervised detector against adversarial examples. CoRR, abs/2210.08579, 2022. PDF arXiv:2210.08579,
    doi:10.48550/arXiv.2210.08579

  2. Zhaoyang Lyu*, Minghao Guo, Tong Wu, Guodong Xu, Kehuan Zhang, and Dahua Lin. Towards evaluating and training verifiably robust neural networks. CoRR, abs/2104.00447, 2021. PDF or arXiv website, arXiv:2104.00447

  3. Xiao Yi*, Daoyuan Wu, Lingxiao Jiang, Kehuan Zhang, and Wei Zhang. Diving into blockchain’s weaknesses: An empirical study of blockchain system vulnerabilities. CoRR, abs/2110.12162, 2021. Top conference. PDF, or arXiv website, arXiv:2110.12162

  4. Di Tang*, Xiaofeng Wang, Haixu Tang, and Kehuan Zhang. Demon in the variant: Statistical analysis of dnns for robust backdoor contamination detection. CoRR, abs/1908.00686, 2019. PDF or arXiv website, arXiv:1908.00686

  5. Shuaike Dong*, Zhou Li, Di Tang*, Jiongyi Chen*, Menghan Sun*, and Kehuan Zhang. Your smart home can’t keep a secret: Towards automated fingerprinting of iot traffic with neural networks. CoRR, abs/1909.00104, 2019. PDF or arXiv website, arXiv:1909.00104

  6. Shuaike Dong*, Menghao Li, Wenrui Diao*, Xiangyu Liu*, Jian Liu, Zhou Li, Fenghao Xu*, Kai Chen, Xiaofeng Wang, and Kehuan Zhang. Understanding android obfuscation techniques: A large­scale investigation in the wild. CoRR, abs/1801.01633, 2018. PDF or arXiv website, arXiv:1801.01633

  7. Di Tang*, Zhe Zhou*, Yinqian Zhang, and Kehuan Zhang. Face flashing: a secure liveness detection protocol based on light reflections. CoRR, abs/1801.01949, 2018. PDF or arXiv website, arXiv:1801.01949

  8. Di Tang*, XiaoFeng Wang, and Kehuan Zhang. Query­free attacks on industry­grade face recognition systems under resource constraints. CoRR, abs/1802.09900, 2018. PDF or arXiv website, arXiv:1802.09900

  9. Zhe Zhou*, Di Tang*, Xiaofeng Wang, Weili Han, Xiangyu Liu*, and Kehuan Zhang. Invisible mask: Practical attacks on face recognition with infrared. CoRR, abs/1803.04683, 2018. PDF or arXiv website, arXiv:1803.04683

  10. Nan Zhang, Soteris Demetriou, Xianghang Mi, Wenrui Diao*, Kan Yuan, Peiyuan Zong, Feng Qian, XiaoFeng Wang, Kai Chen, Yuan Tian, Carl A. Gunter, Kehuan Zhang, Patrick Tague, and Yue­Hsun Lin. Understanding iot security through the data crystal ball: Where we are now and where we are going to be. CoRR, abs/1703.09809, 2017. PDF or arXiv website, arXiv:1703.09809

  11. Zhe Zhou*, Wenrui Diao*, Xiangyu Liu*, Zhou Li, Kehuan Zhang, and Rui Liu*. Vulnerable GPU memory management: Towards recovering raw data from GPU. CoRR, abs/1605.06610, 2016. PDF or arXiv website, arXiv:1605.06610

  12. Zhe Zhou*, Wenrui Diao*, Xiangyu Liu*, and Kehuan Zhang. Acoustic fingerprinting revisited: Generate stable device ID stealthy with inaudible sound. CoRR, abs/1407.0803, 2014. PDF or arXiv website, arXiv:1407.0803

  13. Wenrui Diao*, Xiangyu Liu*, Zhe Zhou*, and Kehuan Zhang. Your voice assistant is mine: How to abuse speakers to steal information and control your phone. CoRR, abs/1407.4923, 2014. PDF or arXiv website, arXiv:1407.4923

  14. Xiangyu Liu*, Wenrui Diao*, Zhe Zhou*, Zhou Li, and Kehuan Zhang. Gateless treasure: How to get sensitive information from unprotected external storage on android phones. CoRR, abs/1407.5410, 2014. PDF or arXiv website, arXiv:1407.5410