Zhemin Yang

Associate Professor
School of Computer Science, Fudan University

Email: yangzhemin [AT] fudan.edu.cn
Office: Room 313, Software Building, NO. 825 Zhangheng Road, Shanghai

I am an Associate Professor of School of Computer Science in Fudan University. I received my Ph.D and Bachelor degree from Fudan University in 2012 and 2007 respectively. Currently, I co-direct the System Software and Security Laboratory in Fudan University.


Research Interest

I'm interested in all aspects of system security and program analysis. My current specific research interests include:
  • Mobile security, especially on Android security
  • Internet malware & user privacy protection
  • Static/Dynamic code analysis


Background

  • 2017.12~now, Fudan University, School of Computer Science, Associate Professor
  • 2015.01~2017.11, Fudan University, School of Computer Science, Assistant Professor
  • 2012.12~2014.12, Fudan University, School of Computer Science, Postdoc
  • 2007.09~2012.11, Fudan University, School of Computer Science, Ph.D
  • 2003.09~2007.06, Fudan University, Software School, B.Eng

Publications

  1. Withdrawing is believing? Detecting Inconsistencies Between Withdrawal Choices and Third-party Data Collections in Mobile Apps
    Xiaolin Du, Zhemin Yang, Jiapeng Lin, Yinzhi Cao, Min Yang
    In Proceedings of the 45th IEEE Symposium on Security and Privacy, Oakland'24, San Francisco, CA, USA, May 20-23, 2024. [PDF]
  2. NestFuzz: Enhancing Fuzzing with Comprehensive Understanding of Input Processing Logic
    Peng Deng, Zhemin Yang, Lei Zhang, Guangliang Yang, Wenzheng Hong, Yuan Zhang, Min Yang
    In Proceedings of the 30th ACM Conference on Computer and Communications Security, CCS'23, Copenhagen, Denmark, November 26-30, 2023.
  3. Notice the Imposter! A Study on User Tag Spoofing Attack in Mobile Apps
    Shuai Li, Zhemin Yang, Guangliang Yang, Hange Zhang, Nan Hua, Yurui Huang, Min Yang
    In Proceedings of The 32nd USENIX Security Symposium, Security’23, Anaheim, CA, USA, August 9–11, 2023. [PDF]
  4. Collect Responsibly But Deliver Arbitrarily? A Study on Cross-User Privacy Leakage in Mobile Apps
    Shuai Li, Zhemin Yang, Nan Hua, Peng Liu, Xiaohan Zhang, Guangliang Yang, Min Yang
    In Proceedings of the 29th ACM Conference on Computer and Communications Security, CCS'22, Los Angeles, USA, November 7-11, 2022. [PDF]
  5. Analyzing Ground-Truth Data of Mobile Gambling Scams
    Geng Hong, Zhemin Yang, Sen Yang, Xiaojing Liao, Xiaolin Du, Min Yang, Haixin Duan
    In Proceedings of the 43rd IEEE Symposium on Security and Privacy, Oakland'22, San Francisco, CA, USA, May 23-26, 2022. [PDF]
  6. Ferry: State-Aware Symbolic Execution for Exploring State-Dependent Program Paths
    Shunfan Zhou, Zhemin Yang, Dan Qiao, Peng Liu, Min Yang, Zhe Wang, Chenggang Wu
    In Proceedings of The 31st USENIX Security Symposium, Security’22, Boston, MA, USA, August 10–12, 2022. [PDF]
  7. An Ever-evolving Game: Evaluation of Real-world Attacks and Defenses in Ethereum Ecosystem.
    Shunfan Zhou, Zhemin Yang, Jie Xiang, Yinzhi Cao, Min Yang, Yuan Zhang.
    In Proceedings of the 29th USENIX Security Symposium, Security’20, Boston, MA, USA, August 12-14, 2020. [PDF]
  8. PDiff: Semantic-based Patch Presence Testing for Downstream Kernels.
    Zheyue Jiang, Yuan Zhang, Jun Xu, Qi Wen, Zhenghe Wang, Xiaohan Zhang, Xinyu Xing, Min Yang, Zhemin Yang.
    In Proceedings of the 27th ACM Conference on Computer and Communications Security, CCS'20, Orlando, USA, November 9-13, 2020. [PDF]
  9. BScout: Direct Whole Patch Presence Test for Java Executables.
    Jiarun Dai, Yuan Zhang, Zheyue Jiang, Yingtian Zhou, Junyan Chen, Xinyu Xing, Xiaohan Zhang, Xin Tan, Min Yang, Zhemin Yang.
    In Proceedings of the 29th USENIX Security Symposium, Security’20, Boston, MA, USA, August 12-14, 2020. [PDF]
  10. How Android Developers Handle Evolution-induced API Compatibility Issues: A Large-scale Study.
    Hao Xia, Yuan Zhang, Yingtian Zhou, Xiaoting Chen, Yang Wang, Xiangyu Zhang, Shuaishuai Cui, Gen Hong, Xiaohan Zhang, Min Yang, Zhemin Yang.
    In Proceedings of the 42nd International Conference on Software Engineering, ICSE'20, Seoul, South Korea, May 23-29, 2020.
  11. TextExerciser: Feedback-driven Text Input Exercising for Android Applications.
    Yuyu He, Lei Zhang, Zhemin Yang, Yinzhi Cao, Keke Lian, Shuai Li, Wei Yang, Zhibo Zhang, Min Yang, Yuan Zhang, Haixin Duan.
    In Proceedings of the 41st IEEE Symposium on Security and Privacy, Oakland'20, San Francisco, CA, May 18-20, 2020. [PDF] [Homepage and Source Code]
  12. App in the middle: Demystify Application Virtualization in Android and its Security Threats.
    Lei Zhang, Zhemin Yang, Yuyu He, Mingqi Li, Sen Yang, Min Yang, Yuan Zhang, Zhiyun Qian.
    In Proceedings of the 2019 ACM International Conference on Measurement and Modeling of Computer Systems , SIGMETRICS'19, Phoenix, Arizona, USA, June 24-28, 2019. [PDF]
  13. How You Get Shot in the Back: A Systematical Study about Cryptojacking in the Real World.
    Geng Hong, Zhemin Yang, Sen Yang, Lei Zhang, Yuhong Nan, Zhibo Zhang, Min Yang, Yuan Zhang, Zhiyun Qian, Haixin Duan.
    In Proceedings of the 25th ACM Conference on Computer and Communications Security, CCS'18, Toronto, Canada, October 15-19, 2018. [PDF] [Source Code and Data]
  14. Invetter: Locating Insecure Input Validations in Android Services.
    Lei Zhang, Zhemin Yang, Yuyu He, Zhenyu Zhang, Zhiyun Qian, Geng Hong, Yuan Zhang, Min Yang.
    In Proceedings of the 25th ACM Conference on Computer and Communications Security, CCS'18, Toronto, Canada, October 15-19, 2018. [PDF] [Source Code]
  15. An Empirical Study of Web Resource Manipulation in Real-world Mobile Applications.
    Xiaohan Zhang, Yuan Zhang, Qianqian Mo, Hao Xia, Zhemin Yang, Min Yang, Xiaofeng Wang, Long Lu, Haixin Duan.
    In Proceedings of the 27th USENIX Security Symposium, Security'18, Baltimore, USA, August 15-17, 2018. [PDF] [Dataset]
  16. Detecting Third-Party Libraries in Android Applications with High Precision and Recall.
    Yuan Zhang, Jiarun Dai, Xiaohan Zhang, Sirong Huang, Zhemin Yang, Min Yang, Hao Chen.
    In Proceedings of IEEE International Conference on Software Analysis, Evolution and Reengineering, SANER'18, Campobasso, Italy, March 20-23, 2018. [PDF]
  17. Finding Clues for Your Secrets: Semantics-Driven, Learning-Based Privacy Discovery in Mobile Apps.
    Yuhong Nan, Zhemin Yang, Xiaofeng Wang, Yuan Zhang, Donglai Zhu, Min Yang.
    In Proceedings of Network and Distributed System Security Symposium, NDSS'18, San Diego, Feb 18-21, 2018. [PDF]
  18. Identifying User-Input Privacy in Mobile Applications at a Large Scale.
    Yuhong Nan, Zhemin Yang, Min Yang, Shunfan Zhou, Yuan Zhang, Guofei Gu, Xiaofeng Wang, Limin Sun.
    In IEEE Transactions on Information Forensics and Security(TIFS), 2017, 12(3), 647-661. [PDF]
  19. UIPicker: User-Input Privacy Identification in Mobile Applications.
    Yuhong Nan, Min Yang, Zhemin Yang, Shunfan Zhou, Guofei Gu, Xiaofeng Wang.
    In Proceedings of the 24th USENIX Security Symposium, USENIX Security'15, Washington, D.C., August 12–14, 2015. [PDF]
  20. Permission Use Analysis for Vetting Undesirable Behaviors in Android Apps.
    Yuan Zhang, Min Yang, Zhemin Yang, Guofei Gu, Peng Ning, Binyu Zang.
    In IEEE Transactions on Information Forensics and Security(TIFS), 2014, 9(11), 1828-1842. [PDF]
  21. AppIntent: Analyzing Sensitive Data Transmission in Android for Privacy Leakage Detection.
    Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning and X. Sean Wang.
    In Proceedings of the 20th ACM Conference on Computer and Communications Security, CCS'13, Berlin, Germany, November 4-8, 2013. [PDF]
  22. Vetting Undesirable Behaviors in Android Apps with Permission Use Analysis.
    Yuan Zhang, Min Yang, Bingquan Xu, Zhemin Yang, Guofei Gu, Peng Ning, X. Sean Wang, Binyu Zang.
    In Proceedings of the 20th ACM Conference on Computer and Communications Security, CCS'13, Berlin, Germany, November 4-8, 2013. [PDF]
  23. Swift: A Registerbased JIT Compiler for Embedded JVMs.
    Yuan Zhang, Min Yang, Bo Zhou, Zhemin Yang, Weihua Zhang, Binyu Zang.
    In Proceedings of the 8th international conference on Virtual execution environments, VEE'12, London, UK, March 3-4, 2012. [PDF]
  24. ORDER: Object centRic DEterministic Replay for Java.
    Zhemin Yang, Min Yang, Lvcai Xu, Haibo Chen, Binyu Zang
    In Proceedings of the 2011 USENIX Annual Technical Conference, ATC'11, Portland, June 14-17, 2011. [PDF]

Teaching

Undergraduate:
  • Computer System (in Software School)
    • Fall 2017, Fall 2018
  • Compiler Principles (in Software School)
    • Fall 2015, Fall 2016
  • Mobile Security (in Software School)
    • Fall 2016
Graduate:
  • Advanced Compilation Techniques (in Software School)
    • Fall 2015, Fall 2016, Fall 2017

Last Modified: Sep 17, 2018, Contact: yangzhemin [AT] fudan.edu.cn

GoStats provides website analytics visits since Sep 17. 2018.