|
|
Zhemin Yang
|
Associate Professor
School of Computer Science, Fudan University
Email: yangzhemin [AT] fudan.edu.cn
Office: Room 313, Software Building, NO. 825 Zhangheng Road, Shanghai
I am an Associate Professor of School of Computer Science in Fudan University.
I received my Ph.D and Bachelor degree from Fudan University in 2012 and 2007 respectively.
Currently, I co-direct the System Software and Security Laboratory in Fudan University.
|
I'm interested in all aspects of system security and program analysis. My current specific research interests include:
- Mobile security, especially on Android App/Mini-app security
- Program Analysis for Privacy
- Static/Dynamic code analysis
- 2017.12~now, Fudan University, School of Computer Science, Associate Professor
- 2015.01~2017.11, Fudan University, School of Computer Science, Assistant Professor
- 2012.12~2014.12, Fudan University, School of Computer Science, Postdoc
- 2007.09~2012.11, Fudan University, School of Computer Science, Ph.D
- 2003.09~2007.06, Fudan University, Software School, B.Eng
-
The Skeleton Keys: A Large Scale Analysis of Credential Leakage in Mini-apps
Yizhe Shi, Zhemin Yang, Kangwei Zhong, Guangliang Yang, Yifan Yang, Xiaohan Zhang, Min Yang
In Proceedings of The Network and Distributed System Security Symposium, NDSS'25, San Diego, California, USA, February 23–28, 2025.
[PDF]
-
An Empirical Study on Fingerprint API Misuse with Lifecycle Analysis in Real-world Android Apps
Xin Zhang, Xiaohan Zhang, Zhichen Liu, Bo Zhao, Zhemin Yang, Min Yang
In Proceedings of The Network and Distributed System Security Symposium, NDSS'25, San Diego, California, USA, February 23–28, 2025.
-
Are We Getting Well-informed? An In-depth Study of Runtime Privacy Notice Practice in Mobile Apps
Shuai Li, Zhemin Yang, Yuhong Nan, Shutian Yu, Qirui Zhu, Min Yang
In Proceedings of the 31st ACM Conference on Computer and Communications Security, CCS'24, Salt Lake City, USA, October 14-18, 2024.
[PDF]
-
Withdrawing is believing? Detecting Inconsistencies Between Withdrawal Choices and Third-party Data Collections in Mobile Apps
Xiaolin Du, Zhemin Yang, Jiapeng Lin, Yinzhi Cao, Min Yang
In Proceedings of the 45th IEEE Symposium on Security and Privacy, Oakland'24, San Francisco, CA, USA, May 20-23, 2024.
[PDF]
-
NestFuzz: Enhancing Fuzzing with Comprehensive Understanding of Input Processing Logic
Peng Deng, Zhemin Yang, Lei Zhang, Guangliang Yang, Wenzheng Hong, Yuan Zhang, Min Yang
In Proceedings of the 30th ACM Conference on Computer and Communications Security, CCS'23, Copenhagen, Denmark, November 26-30, 2023.
[PDF]
-
Notice the Imposter! A Study on User Tag Spoofing Attack in Mobile Apps
Shuai Li, Zhemin Yang, Guangliang Yang, Hange Zhang, Nan Hua, Yurui Huang, Min Yang
In Proceedings of The 32nd USENIX Security Symposium, Security’23, Anaheim, CA, USA, August 9–11, 2023.
[PDF]
-
Collect Responsibly But Deliver Arbitrarily? A Study on Cross-User Privacy Leakage in Mobile Apps
Shuai Li, Zhemin Yang, Nan Hua, Peng Liu, Xiaohan Zhang, Guangliang Yang, Min Yang
In Proceedings of the 29th ACM Conference on Computer and Communications Security, CCS'22, Los Angeles, USA, November 7-11, 2022.
[PDF]
-
Analyzing Ground-Truth Data of Mobile Gambling Scams
Geng Hong, Zhemin Yang, Sen Yang, Xiaojing Liao, Xiaolin Du, Min Yang, Haixin Duan
In Proceedings of the 43rd IEEE Symposium on Security and Privacy, Oakland'22, San Francisco, CA, USA, May 23-26, 2022.
[PDF]
-
Ferry: State-Aware Symbolic Execution for Exploring State-Dependent Program Paths
Shunfan Zhou, Zhemin Yang, Dan Qiao, Peng Liu, Min Yang, Zhe Wang, Chenggang Wu
In Proceedings of The 31st USENIX Security Symposium, Security’22, Boston, MA, USA, August 10–12, 2022.
[PDF]
-
An Ever-evolving Game: Evaluation of Real-world Attacks and Defenses in Ethereum Ecosystem.
Shunfan Zhou, Zhemin Yang, Jie Xiang, Yinzhi Cao, Min Yang, Yuan Zhang.
In Proceedings of the 29th USENIX Security Symposium, Security’20, Boston, MA, USA, August 12-14, 2020.
[PDF]
-
PDiff: Semantic-based Patch Presence Testing for Downstream Kernels.
Zheyue Jiang, Yuan Zhang, Jun Xu, Qi Wen, Zhenghe Wang, Xiaohan Zhang, Xinyu Xing, Min Yang, Zhemin Yang.
In Proceedings of the 27th ACM Conference on Computer and Communications Security, CCS'20, Orlando, USA, November 9-13, 2020.
[PDF]
-
BScout: Direct Whole Patch Presence Test for Java Executables.
Jiarun Dai, Yuan Zhang, Zheyue Jiang, Yingtian Zhou, Junyan Chen, Xinyu Xing, Xiaohan Zhang, Xin Tan, Min Yang, Zhemin Yang.
In Proceedings of the 29th USENIX Security Symposium, Security’20, Boston, MA, USA, August 12-14, 2020.
[PDF]
-
How Android Developers Handle Evolution-induced API Compatibility Issues: A Large-scale Study.
Hao Xia, Yuan Zhang, Yingtian Zhou, Xiaoting Chen, Yang Wang, Xiangyu Zhang, Shuaishuai Cui, Gen Hong, Xiaohan Zhang, Min Yang, Zhemin Yang.
In Proceedings of the 42nd International Conference on Software Engineering, ICSE'20, Seoul, South Korea, May 23-29, 2020.
-
TextExerciser: Feedback-driven Text Input Exercising for Android Applications.
Yuyu He, Lei Zhang, Zhemin Yang, Yinzhi Cao, Keke Lian, Shuai Li, Wei Yang, Zhibo Zhang, Min Yang, Yuan Zhang, Haixin Duan.
-
App in the middle: Demystify Application Virtualization in Android and its Security Threats.
Lei Zhang, Zhemin Yang, Yuyu He, Mingqi Li, Sen Yang, Min Yang, Yuan Zhang, Zhiyun Qian.
In Proceedings of the 2019 ACM International Conference on Measurement and Modeling of Computer Systems , SIGMETRICS'19, Phoenix, Arizona, USA, June 24-28, 2019.
[PDF]
-
How You Get Shot in the Back: A Systematical Study about Cryptojacking in the Real World.
Geng Hong, Zhemin Yang, Sen Yang, Lei Zhang, Yuhong Nan, Zhibo Zhang, Min Yang, Yuan Zhang, Zhiyun Qian, Haixin Duan.
In Proceedings of the 25th ACM Conference on Computer and Communications Security, CCS'18, Toronto, Canada, October 15-19, 2018.
[PDF]
[Source Code and Data]
-
Invetter: Locating Insecure Input Validations in Android Services.
Lei Zhang, Zhemin Yang, Yuyu He, Zhenyu Zhang, Zhiyun Qian, Geng Hong, Yuan Zhang, Min Yang.
In Proceedings of the 25th ACM Conference on Computer and Communications Security, CCS'18, Toronto, Canada, October 15-19, 2018.
[PDF]
[Source Code]
-
An Empirical Study of Web Resource Manipulation in Real-world Mobile Applications.
Xiaohan Zhang, Yuan Zhang, Qianqian Mo, Hao Xia, Zhemin Yang, Min Yang, Xiaofeng Wang, Long Lu, Haixin Duan.
In Proceedings of the 27th USENIX Security Symposium, Security'18, Baltimore, USA, August 15-17, 2018.
[PDF]
[Dataset]
-
Detecting Third-Party Libraries in Android Applications with High Precision and Recall.
Yuan Zhang, Jiarun Dai, Xiaohan Zhang, Sirong Huang, Zhemin Yang, Min Yang, Hao Chen.
In Proceedings of IEEE International Conference on Software Analysis, Evolution and Reengineering, SANER'18, Campobasso, Italy, March 20-23, 2018.
[PDF]
-
Finding Clues for Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps.
Yuhong Nan, Zhemin Yang, Xiaofeng Wang, Yuan Zhang, Donglai Zhu, Min Yang.
In Proceedings of Network and Distributed System Security Symposium, NDSS'18, San Diego, Feb 18-21, 2018.
[PDF]
-
Identifying User-Input Privacy in Mobile Applications at a Large Scale.
Yuhong Nan, Zhemin Yang, Min Yang, Shunfan Zhou, Yuan Zhang, Guofei Gu, Xiaofeng Wang, Limin Sun.
In IEEE Transactions on Information Forensics and Security(TIFS), 2017, 12(3), 647-661.
[PDF]
-
UIPicker: User-Input Privacy Identification in Mobile Applications.
Yuhong Nan, Min Yang, Zhemin Yang, Shunfan Zhou, Guofei Gu, Xiaofeng Wang.
In Proceedings of the 24th USENIX Security Symposium, USENIX Security'15, Washington, D.C., August 12–14, 2015.
[PDF]
-
Permission Use Analysis for Vetting Undesirable Behaviors in Android Apps.
Yuan Zhang, Min Yang, Zhemin Yang, Guofei Gu, Peng Ning, Binyu Zang.
In IEEE Transactions on Information Forensics and Security(TIFS), 2014, 9(11), 1828-1842.
[PDF]
-
AppIntent: Analyzing Sensitive Data Transmission in Android for Privacy Leakage Detection.
Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning and X. Sean Wang.
In Proceedings of the 20th ACM Conference on Computer and Communications Security, CCS'13, Berlin, Germany, November 4-8, 2013.
[PDF]
-
Vetting Undesirable Behaviors in Android Apps with Permission Use Analysis.
Yuan Zhang, Min Yang, Bingquan Xu, Zhemin Yang, Guofei Gu, Peng Ning, X. Sean Wang, Binyu Zang.
In Proceedings of the 20th ACM Conference on Computer and Communications Security, CCS'13, Berlin, Germany, November 4-8, 2013.
[PDF]
-
Swift: A Registerbased JIT Compiler for Embedded JVMs.
Yuan Zhang, Min Yang, Bo Zhou, Zhemin Yang, Weihua Zhang, Binyu Zang.
In Proceedings of the 8th international conference on Virtual execution environments, VEE'12, London, UK, March 3-4, 2012.
[PDF]
-
ORDER: Object centRic DEterministic Replay for Java.
Zhemin Yang, Min Yang, Lvcai Xu, Haibo Chen, Binyu Zang
In Proceedings of the 2011 USENIX Annual Technical Conference, ATC'11, Portland, June 14-17, 2011.
[PDF]
Undergraduate:
- Computer Systems (in Computer Science)
- Fall 2017, Fall 2018, Fall 2019, Fall 2020, Fall 2022, Fall 2023, Fall 2024
Graduate:
- Compilers (in Computer Science)
- Fall 2015, Fall 2016, Fall 2021
- Mobile Security (in Computer Science)
- Fall 2016, Fall 2020, Fall 2021, Fall 2022, Fall 2023, Spring 2024
- Smart Operating Systems (in Computer Science)
- Spring 2022, Spring 2023, Spring 2024, Fall 2024
- System Security (in Computer Science)
- Fall 2022, Fall 2023, Fall 2024
Last Modified: Sep 11, 2024, Contact: yangzhemin [AT] fudan.edu.cn
visits since Sep 17. 2018.
|
|
|