Yinzhi Cao

Orcid: 0000-0002-9618-4830

According to our database, Yinzhi Cao authored at least 78 papers between 2010 and 2024.

Bibliography

2024
Identified-and-Targeted: The First Early Evidence of the Privacy-Invasive Use of Browser Fingerprinting for Online Tracking.
CoRR, 2024

AuthNet: Neural Network with Integrated Authentication Logic.
CoRR, 2024

PLeak: Prompt Leaking Attacks against Large Language Model Applications.
CoRR, 2024

Assessing Cybersecurity Vulnerabilities in Code Large Language Models.
CoRR, 2024

TrustLLM: Trustworthiness in Large Language Models.
CoRR, 2024

SneakyPrompt: Jailbreaking Text-to-image Generative Models.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

Undefined-oriented Programming: Detecting and Chaining Prototype Pollution Gadgets in Node.js Template Engines for Malicious Consequences.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

Withdrawing is believing? Detecting Inconsistencies between Withdrawal Choices and Third-party Data Collections in Mobile Apps.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

Efficient Detection of Java Deserialization Gadget Chains via Bottom-up Gadget Search and Dataflow-aided Payload Construction.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

Showcasing the Threat of Scalable Generative AI Disinformation through Social Media Simulation.
Proceedings of the IEEE INFOCOM 2024, 2024

RogueOne: Detecting Rogue Updates via Differential Data-flow Analysis Using Trust Domains.
Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, 2024


RippleCOT: Amplifying Ripple Effect of Knowledge Editing in Language Models via Chain-of-Thought In-Context Learning.
Proceedings of the Findings of the Association for Computational Linguistics: EMNLP 2024, 2024

PFEDEDIT: Personalized Federated Learning via Automated Model Editing.
Proceedings of the Computer Vision - ECCV 2024, 2024

Follow the Rules: Reasoning for Video Anomaly Detection with Large Language Models.
Proceedings of the Computer Vision - ECCV 2024, 2024

2023
FlowCog: Context-Aware Semantic Extraction and Analysis of Information Flow Leaks in Android Apps.
IEEE Trans. Mob. Comput., November, 2023

Slowing Down the Aging of Learning-Based Malware Detectors With API Knowledge.
IEEE Trans. Dependable Secur. Comput., 2023

ExGen: Cross-platform, Automated Exploit Generation for Smart Contract Vulnerabilities.
IEEE Trans. Dependable Secur. Comput., 2023

SneakyPrompt: Evaluating Robustness of Text-to-image Generative Models' Safety Filters.
CoRR, 2023

McFIL: Model Counting Functionality-Inherent Leakage.
Proceedings of the 32nd USENIX Security Symposium, 2023

PrivateFL: Accurate, Differentially Private Federated Learning via Personalized Data Transformation.
Proceedings of the 32nd USENIX Security Symposium, 2023

Squint Hard Enough: Attacking Perceptual Hashing with Adversarial Machine Learning.
Proceedings of the 32nd USENIX Security Symposium, 2023

Understanding the (In)Security of Cross-side Face Verification Systems in Mobile Apps: A System Perspective.
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023

Scaling JavaScript Abstract Interpretation to Detect and Exploit Node.js Taint-style Vulnerability.
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023

MiniTaintDev: Unveiling Mini-App Vulnerabilities through Dynamic Taint Analysis.
Proceedings of the 2023 ACM Workshop on Secure and Trustworthy Superapps, 2023

Him of Many Faces: Characterizing Billion-scale Adversarial and Benign Browser Fingerprints on Commercial Websites.
Proceedings of the 30th Annual Network and Distributed System Security Symposium, 2023

CHKPLUG: Checking GDPR Compliance of WordPress Plugins via Cross-language Code Property Graph.
Proceedings of the 30th Annual Network and Distributed System Security Symposium, 2023

EdgeMixup: Embarrassingly Simple Data Alteration to Improve Lyme Disease Lesion Segmentation and Diagnosis Fairness.
Proceedings of the Medical Image Computing and Computer Assisted Intervention - MICCAI 2023, 2023

Fortifying Federated Learning against Membership Inference Attacks via Client-level Input Perturbation.
Proceedings of the 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Network, 2023

CoCo: Efficient Browser Extension Vulnerability Detection via Coverage-guided, Concurrent Abstract Interpretation.
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

2022
EdgeMixup: Improving Fairness for Skin Disease Classification and Segmentation.
CoRR, 2022

Rendering Contention Channel Made Practical in Web Browsers.
Proceedings of the 31st USENIX Security Symposium, 2022

Backporting Security Patches of Web Applications: A Prototype Design and Implementation on Injection Vulnerability Patches.
Proceedings of the 31st USENIX Security Symposium, 2022

Mining Node.js Vulnerabilities via Object Dependence Graph and Query.
Proceedings of the 31st USENIX Security Symposium, 2022

Identity Confusion in WebView-based Mobile App-in-app Ecosystems.
Proceedings of the 31st USENIX Security Symposium, 2022

Probe the Proto: Measuring Client-Side Prototype Pollution Vulnerabilities of One Million Real-world Websites.
Proceedings of the 29th Annual Network and Distributed System Security Symposium, 2022

Addressing Heterogeneity in Federated Learning via Distributional Transformation.
Proceedings of the Computer Vision - ECCV 2022, 2022

GraphTrack: A Graph-based Cross-Device Tracking Framework.
Proceedings of the ASIA CCS '22: ACM Asia Conference on Computer and Communications Security, Nagasaki, Japan, 30 May 2022, 2022

2021
Squint Hard Enough: Evaluating Perceptual Hashing with Machine Learning.
IACR Cryptol. ePrint Arch., 2021

Defending Medical Image Diagnostics against Privacy Attacks using Generative Methods.
CoRR, 2021

Runtime Recovery of Web Applications under Zero-Day ReDoS Attacks.
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

Detecting Node.js prototype pollution vulnerabilities via object lookup analysis.
Proceedings of the ESEC/FSE '21: 29th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2021

Practical Blind Membership Inference Attack via Differential Comparisons.
Proceedings of the 28th Annual Network and Distributed System Security Symposium, 2021

Defending Medical Image Diagnostics Against Privacy Attacks Using Generative Methods: Application to Retinal Diagnostics.
Proceedings of the Clinical Image-Based Procedures, Distributed and Collaborative Learning, Artificial Intelligence for Combating COVID-19 and Secure and Privacy-Preserving Machine Learning, 2021

2020
An Ever-evolving Game: Evaluation of Real-world Attacks and Defenses in Ethereum Ecosystem.
Proceedings of the 29th USENIX Security Symposium, 2020

TextExerciser: Feedback-driven Text Input Exercising for Android Applications.
Proceedings of the 2020 IEEE Symposium on Security and Privacy, 2020

TKPERM: Cross-platform Permission Knowledge Transfer to Detect Overprivileged Third-party Applications.
Proceedings of the 27th Annual Network and Distributed System Security Symposium, 2020

Who Touched My Browser Fingerprint?: A Large-scale Measurement Study and Classification of Fingerprint Dynamics.
Proceedings of the IMC '20: ACM Internet Measurement Conference, 2020

PatchAttack: A Black-Box Texture-Based Attack with Reinforcement Learning.
Proceedings of the Computer Vision - ECCV 2020, 2020

JSKernel: Fortifying JavaScript against Web Concurrency Attacks via a Kernel-Like Structure.
Proceedings of the 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2020

Enhancing State-of-the-art Classifiers with API Semantics to Detect Evolved Android Malware.
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

2019
Bringing Engineering Rigor to Deep Learning.
ACM SIGOPS Oper. Syst. Rev., 2019

DeepXplore: automated whitebox testing of deep learning systems.
Commun. ACM, 2019

Rendered Private: Making GLSL Execution Uniform to Prevent WebGL-based Browser Fingerprinting.
Proceedings of the 28th USENIX Security Symposium, 2019

2018
FlowCog: Context-aware Semantics Extraction and Analysis of Information Flow Leaks in Android Apps.
Proceedings of the 27th USENIX Security Symposium, 2018

Towards a Secure Zero-rating Framework with Three Parties.
Proceedings of the 27th USENIX Security Symposium, 2018

Efficient Repair of Polluted Machine Learning Systems via Causal Unlearning.
Proceedings of the 2018 on Asia Conference on Computer and Communications Security, 2018

2017
Towards Practical Verification of Machine Learning: The Case of Computer Vision Systems.
CoRR, 2017

(Cross-)Browser Fingerprinting via OS and Hardware Level Features.
Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017

Deterministic Browser.
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

2016
CSPAutoGen: Black-box Enforcement of Content Security Policy upon Real-world Websites.
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

2015
Vetting SSL Usage in Applications with SSLINT.
Proceedings of the 2015 IEEE Symposium on Security and Privacy, 2015

Towards Making Systems Forget with Machine Unlearning.
Proceedings of the 2015 IEEE Symposium on Security and Privacy, 2015

Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android.
Proceedings of the Security and Privacy in Communication Networks, 2015

I Do Not Know What You Visited Last Summer: Protecting users from stateful third-party web tracking with TrackingFree browser.
Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015

EdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework.
Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015

SafePay: Protecting against credit card forgery with existing magnetic card readers.
Proceedings of the 2015 IEEE Conference on Communications and Network Security, 2015

2014
Abusing Browser Address Bar for Fun and Profit - An Empirical Investigation of Add-On Cross Site Scripting Attacks.
Proceedings of the International Conference on Security and Privacy in Communication Networks, 2014

Protecting Web-Based Single Sign-on Protocols against Relying Party Impersonation Attacks through a Dedicated Bi-directional Authenticated Secure Channel.
Proceedings of the Research in Attacks, Intrusions and Defenses, 2014

JShield: towards real-time and vulnerability-based detection of polluted drive-by download attacks.
Proceedings of the 30th Annual Computer Security Applications Conference, 2014

2013
Rake: Semantics Assisted Network-Based Tracing Framework.
IEEE Trans. Netw. Serv. Manag., 2013

De-obfuscation and Detection of Malicious PDF Files with High Accuracy.
Proceedings of the 46th Hawaii International Conference on System Sciences, 2013

Redefining web browser principals with a Configurable Origin Policy.
Proceedings of the 2013 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2013

2012
PathCutter: Severing the Self-Propagation Path of XSS JavaScript Worms in Social Web Networks.
Proceedings of the 19th Annual Network and Distributed System Security Symposium, 2012

Virtual browser: a virtualized browser to sandbox third-party JavaScripts with enhanced security.
Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, 2012

2011
WebShield: Enabling Various Web Defense Techniques without Client Side Modifications.
Proceedings of the Network and Distributed System Security Symposium, 2011

Poster: a path-cutting approach to blocking XSS worms in social web networks.
Proceedings of the 18th ACM Conference on Computer and Communications Security, 2011

2010
Virtual browser: a web-level sandbox to secure third-party JavaScript without sacrificing functionality.
Proceedings of the 17th ACM Conference on Computer and Communications Security, 2010

