I am a first-year Ph.D. student at the School of Cyber Science and Engineering, Wuhan University, advised by Prof. Juan Wang. My research mainly focuses on Trustworthy AI, especially privacy attacks/defenses in distributed learning paradigms.
News
- 2025.03.01: One paper has been accepted by CVPR 2025.
- 2024.09.10: One paper has been accepted by COMPSAC 2024.
- 2024.04.28: Published vulnerability: CVE-2024-4291.
- 2024.04.26: The MV for "WanganjiDi" has been released (Audio).
- 2024.03.03: One paper has been accepted by FGCS.
- 2024.03.01: One paper has been accepted by CVPR 2024.
Publications

From Head to Tail: Efficient Black-box Model Inversion Attack via Long-tailed Learning
Ziang Li, Hongguang Zhang, Juan Wang*, Meihui Chen, Hongxin Hu, Wenzhe Yi, Xiaoyang Xu, Mengda Yang, Chenjun Ma
- We introduce SMILE, an efficient black-box MIA. By combining long-tailed surrogate training and gradient-free black-box optimization, SMILE outperforms existing black-box MIAs with about 5% of the query overhead.

CCall: Recovering Indirect Call Targets from Binaries With Cross-Domain Fine-Tuning
Bin Weng, Yunru Wang, Juan Wang*, Mengda Yang, Ziang Li, Fei Li
- We propose a novel cross-domain fine-tuning strategy based on domain adaptation, which can further study the semantics from the unlabeled test samples. This cross-domain fine-tuning strategy can also be applied in other AI-based downstream binary analysis tasks.

Penetralium: Privacy-preserving and memory-efficient neural network inference at the edge
Mengda Yang, Wenzhe Yi, Juan Wang*, Hongxin Hu, Xiaoyang Xu, Ziang Li
- Penetralium is a novel model inference system that we design to provide robust security for deep learning computation at the edge. Penetralium is created with system and algorithm co-design, and has little overhead and no impact on prediction accuracy.

A Stealthy Wrongdoer: Feature-Oriented Reconstruction Attack against Split Learning
Xiaoyang Xu, Mengda Yang, Wenzhe Yi, Ziang Li, Juan Wang, Hongxin Hu, Yong Zhuang, Yaxin Liu
- We propose a novel attack, named Feature-Oriented Reconstruction Attack (FORA). As far as we know, FORA is the first work enabling a semi-honest server to perform powerful DRA in more realistic and challenging SL systems.

GAN You See Me? Enhanced Data Reconstruction Attacks against Split Inference
Ziang Li, Mengda Yang, Yaxin Liu, Juan Wang*, Hongxin Hu, Wenzhe Yi, Xiaoyang Xu
- We propose GLASS and GLASS++, which are enhanced DRAs combined with pre-trained StyleGAN models. We conduct a systematic evaluation and comparison of various DRAs against seven defense mechanisms.

Measuring Data Reconstruction Defenses in Collaborative Inference Systems
Mengda Yang, Ziang Li, Juan Wang*, Hongxin Hu, Ao Ren, Xiaoyang Xu, Wenzhe Yi
- We are the first to experimentally verify the robustness of reconstruction defenses for inference data privacy in collaborative systems. We devise a technique called SFD against the existing defense mechanisms.

Juan Wang*, Chenjun Ma, Ziang Li, Huanyu Yuan, Jie Wang
- We present a framework for detecting process injection attacks called ProcGuard, which adopts API call chain analysis and deep learning.
Honors and Awards
- 2024.11 Lei Jun Computer Science Graduate Scholarship
- 2023.11 DataCon2023 Big Data Security Analysis Competition - AI Security, Outstanding Team.
- 2023.11 DataCon2023 Big Data Security Analysis Competition - Email Security, Outstanding Team.
- 2022.10 The 1st Privacy Computing and Data Security Challenge, Second Prize.
- 2021.12 Wuhan University's Outstanding Student Third-Class Scholarship.
- 2021.08 The 14th National College Student Information Security Competition - Works Competition, First Prize.
Educations
- 2024.09 - (now), Wuhan University, Successive Master-Doctor Program (Ph.D. in progress) - SCHOOL OF CYBER SCIENCE AND ENGINEERING
- 2022.09 - 2024.06, Wuhan University, Successive Master-Doctor Program - SCHOOL OF CYBER SCIENCE AND ENGINEERING
- 2018.09 - 2022.06, Wuhan University, Bachelor of Engineering - SCHOOL OF CYBER SCIENCE AND ENGINEERING