Zheng (Ian) Yang | 杨铮

Senior Applied Scientist at Microsoft, working on fraud detection.
Ph.D. from Georgia Institute of Technology, specializing in web security and cyber crime detection.

Research Interest: Web Security; Cyber Crime Detection; Fraud Detection; Cloud Security; Digital Forensics; Authentication.

Education

Ph.D. in Electrical and Computer Engineering

Gerogia Institute of Technology

Thesis: Reducing Web Attack Surface: Mitigating Social Engineering and Code Injection Threats

Advisors: Wenke Lee and Brendan Saltaformaggio

2025

Atlanta, GA

M.S. in Electrical and Computer Engineering

Gerogia Institute of Technology

Concentration: Cybersecurity

2025

Atlanta, GA

M.S. in Computer Science

Gerogia Institute of Technology

Concentration: Machine Learning

2021

Atlanta, GA

B.E. in Information Engineering

Tianjin University

2013

Tianjin, China

Professional Experiences

Microsoft Corporation

Senior Applied Scientist

May 2025 ~ present

Mountain View, CA

Microsoft Research

Research Intern

May 2024 ~ August 2024

Redmond, WA

ThoughtWorks

Web Developement Consultant

August 2018 ~ December 2018

Xi'an, China

Micron Technology

Senior Software Engineer

April 2014 ~ July 2018

Xi'an, China & Boise, ID

Samsung Electronics

Product Test Engineer

July 2013 ~ March 2014

Tianjin, China

Acedamic Services

Annual Computer Security Applications Conference

PC Member

2025

USENIX Security Symposium

Artifact Evaluation PC Member

2025

ACM Conference on Computer and Communications Security

PC Member

2024

Publications

IEEE DSN

SOUNDBOOST: Effective RCA and Attack Detection for UAV via Acoustic Side-Channel.

Haoran Wang, Zheng Yang, Sangdon Park, Yibin Yang, Seulbae Kim, Willian Lunardi, Martin Andreoni, Taesoo Kim, Wenke Lee.

In Proceedings of the 55th IEEE International Conference on Dependable Systems and Networks,

Naples, Italy, June 2025.

IEEE S&P

Identifying Incoherent Search Sessions: Search Click Fraud Remediation Under Real-World Constraints.

Runze Zhang, Ranjita Pai Sridhar, Mingxuan Yao, Zheng Yang, David Oygenblik, Haichuan Xu, Vacha Dave, Cormac Herley, Paul England, Brendan Saltaformaggio.

In Proceedings of the 46th IEEE Symposium on Security and Privacy,

San Francisco, CA, May 2025.

IEEE S&P

COINDEF: A Comprehensive Code Injection Defense for the Electron Framework.

Zheng Yang, Simon Chung, Jizhou Chen, Runze Zhang, Brendan Saltaformaggio, Wenke Lee.

In Proceedings of the 46th IEEE Symposium on Security and Privacy,

San Francisco, CA, May 2025.

USENIX Security

WEBRR: A Forensic System for Replaying and Investigating Web-Based Attacks in The Modern Web.

Joey Allen, Zheng Yang, Feng Xiao, Matthew Landen, Roberto Perdisci, Wenke Lee.

In Proceedings of the 33rd USENIX Security Symposium,

Philadelphia, PA, August 2024.

USENIX Security

TRIDENT: Towards Detecting and Mitigating Web-based Social Engineering Attacks.

Zheng Yang, Joey Allen, Matthew Landen, Roberto Perdisci, Wenke Lee.

In Proceedings of the 32nd USENIX Security Symposium,

Anaheim, CA, August 2023.

ACM CCS

Understanding and Mitigating Remote Code Execution Vulnerabilities in Cross-Platform Ecosystem.

Feng Xiao, Zheng Yang, Joey Allen, Guangliang Yang, Grant Williams, Wenke Lee.

In Proceedings of the 29th ACM Conference on Computer and Communications Security,

Los Angeles, CA, November 2022.

ACM CCS

Mnemosyne: An Effective and Efficient Postmortem Watering Hole Attack Investigation System.

Joey Allen, Zheng Yang, Matthew Landen, Raghav Bhat, Harsh Grover, Andrew Chang, Yang Ji, Roberto Perdisci, Wenke Lee.

In Proceedings of the 27th ACM Conference on Computer and Communications Security,

Virtual, November 2020.