Education
Ph.D. in Electrical and Computer Engineering
Gerogia Institute of Technology
Thesis: Reducing Web Attack Surface: Mitigating Social Engineering and Code Injection Threats
Advisors: Wenke Lee and Brendan Saltaformaggio
2025
Atlanta, GA
M.S. in Electrical and Computer Engineering
Gerogia Institute of Technology
Concentration: Cybersecurity
2025
Atlanta, GA
M.S. in Computer Science
Gerogia Institute of Technology
Concentration: Machine Learning
2021
Atlanta, GA
B.E. in Information Engineering
Tianjin University
2013
Tianjin, China
Professional Experiences
Microsoft Research
Research Intern
May 2024 ~ August 2024
Redmond, WA
ThoughtWorks
Web Developement Consultant
August 2018 ~ December 2018
Xi'an, China
Micron Technology
Senior Software Engineer
April 2014 ~ July 2018
Xi'an, China & Boise, ID
Samsung Electronics
Product Test Engineer
July 2013 ~ March 2014
Tianjin, China
Acedamic Services
Annual Computer Security Applications Conference
PC Member
2025
USENIX Security Symposium
Artifact Evaluation PC Member
2025
ACM Conference on Computer and Communications Security
PC Member
2024
Publications
IEEE S&P
COINDEF: A Comprehensive Code Injection Defense for the Electron Framework.
Zheng Yang, Simon Chung, Jizhou Chen, Runze Zhang, Brendan Saltaformaggio, Wenke Lee.
In Proceedings of the 46th IEEE Symposium on Security and Privacy,
San Francisco, CA 2025.
IEEE S&P
Identifying Incoherent Search Sessions: Search Click Fraud Remediation Under Real-World Constraints.
Runze Zhang, Ranjita Pai Sridhar, Mingxuan Yao, Zheng Yang, David Oygenblik, Haichuan Xu, Vacha Dave, Cormac Herley, Paul England, Brendan Saltaformaggio.
In Proceedings of the 46th IEEE Symposium on Security and Privacy,
San Francisco, CA 2025.
IEEE DSN
SOUNDBOOST: Effective RCA and Attack Detection for UAV via Acoustic Side-Channel.
Haoran Wang, Zheng Yang, Sangdon Park, Yibin Yang, Seulbae Kim, Willian Lunardi, Martin Andreoni, Taesoo Kim, Wenke Lee.
In Proceedings of the 55th IEEE International Conference on Dependable Systems and Networks,
Naples, Italy 2025.
USENIX Security
WEBRR: A Forensic System for Replaying and Investigating Web-Based Attacks in The Modern Web.
Joey Allen, Zheng Yang, Feng Xiao, Matthew Landen, Roberto Perdisci, Wenke Lee.
In Proceedings of the 33rd USENIX Security Symposium,
Philadelphia, PA 2024.
USENIX Security
TRIDENT: Towards Detecting and Mitigating Web-based Social Engineering Attacks.
Zheng Yang, Joey Allen, Matthew Landen, Roberto Perdisci, Wenke Lee.
In Proceedings of the 32nd USENIX Security Symposium,
Anaheim, CA 2023.
ACM CCS
Understanding and Mitigating Remote Code Execution Vulnerabilities in Cross-Platform Ecosystem.
Feng Xiao, Zheng Yang, Joey Allen, Guangliang Yang, Grant Williams, Wenke Lee.
In Proceedings of the 29th ACM Conference on Computer and Communications Security,
Los Angeles, CA 2022.
ACM CCS
Mnemosyne: An Effective and Efficient Postmortem Watering Hole Attack Investigation System.
Joey Allen, Zheng Yang, Matthew Landen, Raghav Bhat, Harsh Grover, Andrew Chang, Yang Ji, Roberto Perdisci, Wenke Lee.
In Proceedings of the 27th ACM Conference on Computer and Communications Security,
Virtual 2020.