I am a first-year Ph.D. student at the School of Cyber Science and Engineering, Wuhan University, advised by Prof. Juan Wang. My research mainly focuses on Trustworthy AI, especially privacy attacks and defenses in distributed learning paradigms.

🔥 News

  • 2025.03.01: One paper has been accepted by CVPR 2025 🎉🎉.
  • 2024.09.10: One paper has been accepted by COMPSAC 2024 🎉🎉.
  • 2024.04.28: Published vulnerability: CVE-2024-4291 🎉🎉.
  • 2024.04.26: The MV for "WanganjiDi" has been released 🎉🎉. Audio | Watch the video
  • 2024.03.03: One paper has been accepted by FGCS 🎉🎉.
  • 2024.03.01: One paper has been accepted by CVPR 2024 🎉🎉.

๐Ÿ“ Publications

CVPR 2025

From Head to Tail: Efficient Black-box Model Inversion Attack via Long-tailed Learning

Ziang Li, Hongguang Zhang, Juan Wang*, Meihui Chen, Hongxin Hu, Wenzhe Yi, Xiaoyang Xu, Mengda Yang, Chenjun Ma

  • We introduce SMILE, an efficient black-box MIA. By combining long-tailed surrogate training and gradient-free black-box optimization, SMILE outperforms existing black-box MIAs with about 5% of the query overhead.

COMPSAC 2024

CCall: Recovering Indirect Call Targets from Binaries With Cross-Domain Fine-Tuning

Bin Weng, Yunru Wang, Juan Wang*, Mengda Yang, Ziang Li, Fei Li

  • We propose a novel cross-domain fine-tuning strategy based on domain adaptation, which can further learn semantics from the unlabeled test samples. This cross-domain fine-tuning strategy can also be applied to other AI-based downstream binary analysis tasks.

FGCS

Penetralium: Privacy-preserving and memory-efficient neural network inference at the edge

Mengda Yang, Wenzhe Yi, Juan Wang*, Hongxin Hu, Xiaoyang Xu, Ziang Li

  • Penetralium is a novel model inference system that we designed to provide robust security for deep learning computation at the edge. Penetralium is built through system and algorithm co-design, incurs little overhead, and has no impact on prediction accuracy.

CVPR 2024

A Stealthy Wrongdoer: Feature-Oriented Reconstruction Attack against Split Learning

Xiaoyang Xu, Mengda Yang, Wenzhe Yi, Ziang Li, Juan Wang, Hongxin Hu, Yong Zhuang, Yaxin Liu

  • We propose a novel attack, named Feature-Oriented Reconstruction Attack (FORA). As far as we know, FORA is the first work enabling a semi-honest server to perform a powerful data reconstruction attack (DRA) in more realistic and challenging split learning (SL) systems.

NeurIPS 2023

GAN You See Me? Enhanced Data Reconstruction Attacks against Split Inference

Ziang Li, Mengda Yang, Yaxin Liu, Juan Wang*, Hongxin Hu, Wenzhe Yi, Xiaoyang Xu

  • We propose GLASS and GLASS++, enhanced data reconstruction attacks (DRAs) that leverage pre-trained StyleGAN models. We conduct a systematic evaluation and comparison of various DRAs against seven defense mechanisms.

NeurIPS 2022

Measuring Data Reconstruction Defenses in Collaborative Inference Systems

Mengda Yang, Ziang Li, Juan Wang*, Hongxin Hu, Ao Ren, Xiaoyang Xu, Wenzhe Yi

  • We are the first to experimentally verify the robustness of reconstruction defenses for inference data privacy in collaborative inference systems. We devise a technique called SFD that defeats the existing defense mechanisms.

TrustCom 2022

ProcGuard: Process Injection Behaviours Detection Using Fine-grained Analysis of API Call Chain with Deep Learning

Juan Wang*, Chenjun Ma, Ziang Li, Huanyu Yuan, Jie Wang

  • We present ProcGuard, a framework for detecting process injection attacks that combines fine-grained API call chain analysis with deep learning.

🎖 Honors and Awards

  • 2024.11 Lei Jun Computer Science Graduate Scholarship.
  • 2023.11 DataCon2023 Big Data Security Analysis Competition - AI Security, Outstanding Team.
  • 2023.11 DataCon2023 Big Data Security Analysis Competition - Email Security, Outstanding Team.
  • 2022.10 The 1st Privacy Computing and Data Security Challenge, Second Prize.
  • 2021.12 Wuhan University's Outstanding Student Third-Class Scholarship.
  • 2021.08 The 14th National College Student Information Security Competition - Works Competition, First Prize.

📖 Education

  • 2024.09 - now, Wuhan University, Successive Master-Doctor Program (Ph.D. in progress) - School of Cyber Science and Engineering
  • 2022.09 - 2024.06, Wuhan University, Successive Master-Doctor Program - School of Cyber Science and Engineering
  • 2018.09 - 2022.06, Wuhan University, Bachelor of Engineering - School of Cyber Science and Engineering