Zhou Li

Orcid: 0000-0002-9401-1012

Affiliations:
  • University of California Irvine, Henry Samueli School of Engineering, CA, USA
  • RSA Laboratories, Bedford, MA, USA (until 2018)
  • Indiana University Bloomington, IN, USA (PhD 2014)
  • Wuhan University, College of Computer Science, China (former)


According to our database1, Zhou Li authored at least 88 papers between 2007 and 2025.

Collaborative distances:

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Dataset
Other 

Links

Online presence:

On csauthors.net:

Bibliography

2025
A Comprehensive Study of Privacy Risks in Curriculum Learning.
Proc. Priv. Enhancing Technol., 2025

2024
AutoAttacker: A Large Language Model Guided System to Implement Automatic Cyber-attacks.
CoRR, 2024

ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing.
Proceedings of the 33rd USENIX Security Symposium, 2024

Understanding and Bridging the Gap Between Unsupervised Network Representation Learning and Security Analytics.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets.
Proceedings of the IEEE Symposium on Security and Privacy, 2024

Yesterday Once More: Global Measurement of Internet Traffic Shadowing Behaviors.
Proceedings of the 2024 ACM on Internet Measurement Conference, 2024

NetDPSyn: Synthesizing Network Traces under Differential Privacy.
Proceedings of the 2024 ACM on Internet Measurement Conference, 2024

2023
Automatic Generation of Adversarial Readable Chinese Texts.
IEEE Trans. Dependable Secur. Comput., 2023

PROGRAPHER: An Anomaly Detection System based on Provenance Graph Embedding.
Proceedings of the 32nd USENIX Security Symposium, 2023

The Maginot Line: Attacking the Boundary of DNS Caching Protection.
Proceedings of the 32nd USENIX Security Symposium, 2023

Design Factors of Maestro: A Serious Game for Robust AI Education.
Proceedings of the 54th ACM Technical Symposium on Computer Science Education, Volume 2, 2023

Userspace Bypass: Accelerating Syscall-intensive Applications.
Proceedings of the 17th USENIX Symposium on Operating Systems Design and Implementation, 2023

Ghost Domain Reloaded: Vulnerable Links in Domain Name Delegation and Revocation.
Proceedings of the 30th Annual Network and Distributed System Security Symposium, 2023

On Adversarial Robustness of Point Cloud Semantic Segmentation.
Proceedings of the 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Network, 2023

Differentially Private Resource Allocation.
Proceedings of the Annual Computer Security Applications Conference, 2023

Maestro: A Gamified Platform for Teaching AI Robustness.
Proceedings of the Thirty-Seventh AAAI Conference on Artificial Intelligence, 2023

2022
Android Custom Permissions Demystified: A Comprehensive Security Evaluation.
IEEE Trans. Software Eng., 2022

A Comprehensive Study of DNS Operational Issues by Mining DNS Forums.
IEEE Access, 2022

MeshUp: Stateless Cache Side-channel Attack on CPU Mesh.
Proceedings of the 43rd IEEE Symposium on Security and Privacy, 2022

Hide and Seek: Revisiting DNS-based User Tracking.
Proceedings of the 7th IEEE European Symposium on Security and Privacy, 2022

Play the Imitation Game: Model Extraction Attack against Autonomous Driving Localization.
Proceedings of the Annual Computer Security Applications Conference, 2022

2021
Stealing Neural Network Structure Through Remote FPGA Side-Channel Analysis.
IEEE Trans. Inf. Forensics Secur., 2021

adPerf: Characterizing the Performance of Third-party Ads.
Proc. ACM Meas. Anal. Comput. Syst., 2021

Attacking Point Cloud Segmentation with Color-only Perturbation.
CoRR, 2021

Volcano: Stateless Cache Side-channel Attack by Exploiting Mesh Interconnect.
CoRR, 2021

DNSWeight: Quantifying Country-Wise Importance of Domain Name System.
IEEE Access, 2021

SEAL: Storage-efficient Causality Analysis on Enterprise Logs with Query-friendly Compression.
Proceedings of the 30th USENIX Security Symposium, 2021

A Comprehensive Measurement-based Investigation of DNS Hijacking.
Proceedings of the 40th International Symposium on Reliable Distributed Systems, 2021

Invisible Probe: Timing Attacks with PCIe Congestion Side-channel.
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

Android Custom Permissions Demystified: From Privilege Escalation to Design Shortcomings.
Proceedings of the 42nd IEEE Symposium on Security and Privacy, 2021

From WHOIS to WHOWAS: A Large-Scale Measurement Study of Domain Registration Privacy under the GDPR.
Proceedings of the 28th Annual Network and Distributed System Security Symposium, 2021

Android on PC: On the Security of End-user Android Emulators.
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

Rusted Anchors: A National Client-Side View of Hidden Root CAs in the Web PKI Ecosystem.
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

Continuous Release of Data Streams under both Centralized and Local Differential Privacy.
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021

The Many-faced God: Attacking Face Verification System with Embedding and Image Recovery.
Proceedings of the ACSAC '21: Annual Computer Security Applications Conference, Virtual Event, USA, December 6, 2021

Detecting and Characterizing SMS Spearphishing Attacks.
Proceedings of the ACSAC '21: Annual Computer Security Applications Conference, Virtual Event, USA, December 6, 2021

2020
A Comprehensive Study of DNS-over-HTTPS Downgrade Attack.
Proceedings of the 10th USENIX Workshop on Free and Open Communications on the Internet, 2020

Argot: Generating Adversarial Readable Chinese Texts.
Proceedings of the Twenty-Ninth International Joint Conference on Artificial Intelligence, 2020

Leaky DNN: Stealing Deep-Learning Model Secret with GPU Context-Switching Side-Channel.
Proceedings of the 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2020

Your Smart Home Can't Keep a Secret: Towards Automated Fingerprinting of IoT Traffic.
Proceedings of the ASIA CCS '20: The 15th ACM Asia Conference on Computer and Communications Security, 2020

Lies in the Air: Characterizing Fake-base-station Spam Ecosystem in China.
Proceedings of the CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020

Understanding Promotion-as-a-Service on GitHub.
Proceedings of the ACSAC '20: Annual Computer Security Applications Conference, 2020

2019
Your Smart Home Can't Keep a Secret: Towards Automated Fingerprinting of IoT Traffic with Neural Networks.
CoRR, 2019

Resident Evil: Understanding Residential IP Proxy as a Dark Service.
Proceedings of the 2019 IEEE Symposium on Security and Privacy, 2019

TL;DR Hazard: A Comprehensive Study of Levelsquatting Scams.
Proceedings of the Security and Privacy in Communication Networks, 2019

Kindness is a Risky Business: On the Usage of the Accessibility APIs in Android.
Proceedings of the 22nd International Symposium on Research in Attacks, 2019

BadBluetooth: Breaking Android Security Mechanisms via Malicious Bluetooth Peripherals.
Proceedings of the 26th Annual Network and Distributed System Security Symposium, 2019

An End-to-End, Large-Scale Measurement of DNS-over-Encryption: How Far Have We Come?
Proceedings of the Internet Measurement Conference, 2019

TraffickStop: Detecting and Measuring Illicit Traffic Monetization Through Large-Scale DNS Analysis.
Proceedings of the IEEE European Symposium on Security and Privacy, 2019

An investigation on information leakage of DNS over TLS.
Proceedings of the 15th International Conference on Emerging Networking Experiments And Technologies, 2019

Casino royale: a deep exploration of illegal online gambling.
Proceedings of the 35th Annual Computer Security Applications Conference, 2019

2018
Accessing mobile user's privacy based on IME personalization: Understanding and practical attacks.
J. Comput. Secur., 2018

Who Is Answering My Queries: Understanding and Characterizing Interception of the DNS Resolution Path.
Proceedings of the 27th USENIX Security Symposium, 2018

FrameHanger: Evaluating and Classifying Iframe Injection at Large Scale.
Proceedings of the Security and Privacy in Communication Networks, 2018

Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild.
Proceedings of the Security and Privacy in Communication Networks, 2018

A Reexamination of Internationalized Domain Names: The Good, the Bad and the Ugly.
Proceedings of the 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2018

Beware of Your Screen: Anonymous Fingerprinting of Device Screens for Off-line Payment Protection.
Proceedings of the 34th Annual Computer Security Applications Conference, 2018

MADE: Security Analytics for Enterprise Threat Detection.
Proceedings of the 34th Annual Computer Security Applications Conference, 2018

2017
Vulnerable GPU Memory Management: Towards Recovering Raw Data from GPU.
Proc. Priv. Enhancing Technol., 2017

Picking Up My Tab: Understanding and Mitigating Synchronized Token Lifting and Spending in Mobile Payment.
Proceedings of the 26th USENIX Security Symposium, 2017

How to Learn Klingon without a Dictionary: Detection and Measurement of Black Keywords Used by the Underground Economy.
Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017

Lens on the Endpoint: Hunting for Malicious Software Through Endpoint Data Analysis.
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2017

All Your VMs are Disconnected: Attacking Hardware Virtualized Network.
Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy, 2017

Don't Let One Rotten Apple Spoil the Whole Barrel: Towards Automated Detection of Shadowed Domains.
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

2016
Evading Android Runtime Analysis Through Detecting Programmed Interactions.
Proceedings of the 9th ACM Conference on Security & Privacy in Wireless and Mobile Networks, 2016

The Ever-Changing Labyrinth: A Large-Scale Analysis of Wildcard DNS Powered Blackhat SEO.
Proceedings of the 25th USENIX Security Symposium, 2016

No Pardon for the Interruption: New Inference Attacks on Android Through Interrupt Timing Analysis.
Proceedings of the IEEE Symposium on Security and Privacy, 2016

Operational Security Log Analytics for Enterprise Breach Detection.
Proceedings of the IEEE Cybersecurity Development, 2016

What You See Isn't Always What You Get: A Measurement Study of Usage Fraud on Android Apps.
Proceedings of the 6th Workshop on Security and Privacy in Smartphones and Mobile Devices, 2016

Acing the IOC Game: Toward Automatic Discovery and Analysis of Open-Source Cyber Threat Intelligence.
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

Catching predators at watering holes: finding and understanding strategically compromised websites.
Proceedings of the 32nd Annual Conference on Computer Security Applications, 2016

2015
Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting.
Proceedings of the 2015 IEEE Symposium on Security and Privacy, 2015

An Empirical Study on Android for Saving Non-shared Data on Public Storage.
Proceedings of the ICT Systems Security and Privacy Protection, 2015

Mind-Reading: Privacy Attacks Exploiting Cross-App KeyEvent Injections.
Proceedings of the Computer Security - ESORICS 2015, 2015

Detection of Early-Stage Enterprise Infection by Mining Large-Scale Log Data.
Proceedings of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2015

When Good Becomes Evil: Keystroke Inference with Smartwatch.
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

2014
Thwarting Wi-Fi Side-Channel Analysis through Traffic Demultiplexing.
IEEE Trans. Wirel. Commun., 2014

Gateless Treasure: How to Get Sensitive Information from Unprotected External Storage on Android Phones.
CoRR, 2014

Understanding the Dark Side of Domain Parking.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

Hunting the Red Fox Online: Understanding and Detection of Mass Redirect-Script Injections.
Proceedings of the 2014 IEEE Symposium on Security and Privacy, 2014

2013
Finding the Linchpins of the Dark Web: a Study on Topologically Dedicated Hosts on Malicious Web Infrastructures.
Proceedings of the 2013 IEEE Symposium on Security and Privacy, 2013

2012
Knowing your enemy: understanding and detecting malicious web advertising.
Proceedings of the ACM Conference on Computer and Communications Security, 2012

2010
Mash-IF: Practical information-flow control within client-side mashups.
Proceedings of the 2010 IEEE/IFIP International Conference on Dependable Systems and Networks, 2010

Sidebuster: automated detection and quantification of side-channel leaks in web application development.
Proceedings of the 17th ACM Conference on Computer and Communications Security, 2010

FIRM: capability-based inline mediation of Flash behaviors.
Proceedings of the Twenty-Sixth Annual Computer Security Applications Conference, 2010

2009
Privacy-preserving genomic computation through program specialization.
Proceedings of the 2009 ACM Conference on Computer and Communications Security, 2009

2008
PerformTrust: Trust model integrated past and current performance in P2P file sharing systems.
Proceedings of the 6th ACS/IEEE International Conference on Computer Systems and Applications, 2008

2007
Immunity based Virus Detection with Process Call Arguments and User Feedback.
Proceedings of the 2nd International ICST Conference on Bio-Inspired Models of Network, 2007


  Loading...