Selected Papers
The full list can be found on my Google Scholar profile.
[2025] Try to Poison My Deep Learning Data? Nowhere to Hide Your Trajectory Spectrum!
Yansong Gao, Huaibing Peng, Hua Ma, Zhi Zhang (corresponding author), Shuo Wang, Rayne Holland, Anmin Fu, Minhui Xue, and Derek Abbott.
The Network and Distributed System Security Symposium
[2024] Watch Out! Simple Horizontal Class Backdoor Can Trivially Evade Defense
Hua Ma, Shang Wang, Yansong Gao, Zhi Zhang, Huming Qiu, Minhui Xue, Alsharif Abuadbba, Anmin Fu, Surya Nepal, Derek Abbott
ACM Conference on Computer and Communications Security (AR: 16.9%)
[2024] SoK: Rowhammer on Commodity Operating Systems
Zhi Zhang, Decheng Chen, Jiahao Qi, Yueqiang Cheng, Shijie Jiang, Yiyang Lin, Yansong Gao, Surya Nepal, Yi Zou, Jiliang Zhang, Yang Xiang
ACM ASIA Conference on Computer and Communications Security (AR: 19%)
[2024] ThermalScope: A Practical Interrupt Side Channel Attack Based on Thermal Event Interrupts
Xin Zhang, Zhi Zhang (co-first author), Qingni Shen, Wenhao Wang, Yansong Gao, Zhuoxi Yang and Zhonghai Wu
ACM/IEEE Design Automation Conference (AR: 23%)
[2024] SegScope: Probing Fine-grained Interrupts via Architectural Footprints
Xin Zhang, Zhi Zhang (co-first author), Qingni Shen, Wenhao Wang, Yansong Gao, Zhuoxi Yang, Zhang Jiliang
IEEE International Symposium on High-Performance Computer Architecture (AR: 18%)
[2024] Yes, One-Bit-Flip Matters! Universal DNN Model Inference Depletion with Runtime Code Fault Injection
Shaofeng Li, Xinyu Wang, Minhui Xue, Haojin Zhu (corresponding author), Zhi Zhang (co-corresponding author), Yansong Gao, Wen Wu, Xuemin Shen
USENIX Security (AR: 18.3%)
[2024] DeepTheft: Stealing DNN Model Architectures through Power Side Channel
Yansong Gao, Huming Qiu, Zhi Zhang (corresponding author), Binghui Wang, Hua Ma, Alsharif Abuadbba, Minhui Xue, Anmin Fu, Surya Nepal
IEEE Symposium on Security and Privacy (AR: 17.8%)
[2023] Towards a critical evaluation of robustness for deep learning backdoor countermeasures
Huming Qiu, Hua Ma, Zhi Zhang, Alsharif Abuadbba, Wei Kang, Anmin Fu, Yansong Gao
IEEE Transactions on Information Forensics and Security
[2023] NTD: Non-Transferability enabled Deep Learning Backdoor Detection
Yinshan Li, Hua Ma, Zhi Zhang, Yansong Gao, Alsharif Abuadbba, Minhui Xue, Anmin Fu, Yifeng Zheng, Said F Al-Sarawi, Derek Abbott
IEEE Transactions on Information Forensics and Security
[2023] MACAB: Model-Agnostic Clean-Annotation Backdoor to Object Detection with Natural Trigger in Real-World
Hua Ma, Yinshan Li, Yansong Gao, Zhi Zhang, Alsharif Abuadbba, Anmin Fu, Said F Al-Sarawi, Nepal Surya, Derek Abbott
International Symposium on Reliable Distributed Systems
[2023] Quantization backdoors to deep learning commercial frameworks
Hua Ma, Huming Qiu, Yansong Gao, Zhi Zhang, Alsharif Abuadbba, Minhui Xue, Anmin Fu, Zhang Jiliang, Said Al-Sarawi, Derek Abbott
IEEE Transactions on Dependable and Secure Computing
[2023] APMSA: Adversarial Perturbation against Model Stealing Attacks
Jiliang Zhang, Shuang Peng, Yansong Gao, Zhi Zhang, Qinghui Hong
IEEE Transactions on Information Forensics and Security
[2023] WhistleBlower: A System-level Empirical Study on RowHammer
Wei He, Zhi Zhang (co-first author), Yueqiang Cheng, Wenhao Wang, Wei Song, Yansong Gao, Qifei Zhang, Kang Li, Dongxi Liu, Surya Nepal
IEEE Transactions on Computers
[2022] CASSOCK: Viable Backdoor Attacks against DNN in the Wall of Source-Specific Backdoor Defenses (Distinguished Paper Award)
Shang Wang, Yansong Gao, Anmin Fu, Zhi Zhang, Yuqing Zhang, Willy Susilo, Dongxi Liu
ACM ASIA Conference on Computer and Communications Security (AR: 17%)
[2022] Implicit Hammer: Cross-Privilege-Boundary Rowhammer through Implicit Accesses
Zhi Zhang, Wei He, Yueqiang Cheng, Wenhao Wang, Yansong Gao, Dongxi Liu, Kang Li, Surya Nepal, Anmin Fu, Yi Zou
IEEE Transactions on Dependable and Secure Computing
[2022] PPA: Preference Profiling Attack Against Federated Learning
Chunyi Zhou, Yansong Gao, Anmin Fu, Kai Chen, Zhiyang Dai, Zhi Zhang, Minhui Xue, Yuqing Zhang
The Network and Distributed System Security Symposium (AR: 16.2%)
[2022] RBNN: Memory-Efficient Reconfigurable Deep Binary Neural Network with IP Protection for Internet of Things
Huming Qiu, Hua Ma, Zhi Zhang, Yansong Gao, Yifeng Zheng, Anmin Fu, Pan Zhou, Derek Abbott, Said F. Al-Sarawi
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
[2022] Meltdown-type attacks are still feasible in the wall of kernel page-table isolation
Yueqiang Cheng, Zhi Zhang (co-first author), Yansong Gao, Zhaofeng Chen, Shengjian Guo, Qifei Zhang, Rui Mei, Surya Nepal, Yang Xiang
Computers & Security
[2022] SoftTRR: Protect Page Tables against Rowhammer Attacks using Software-only Target Row Refresh
Zhi Zhang, Yueqiang Cheng, Minghua Wang, Wei He, Wenhao Wang, Surya Nepal, Yansong Gao, Kang Li, Zhe Wang, Chenggang Wu
USENIX Annual Technical Conference (AR: 16.2%)
[2021] Evaluation and optimization of distributed machine learning techniques for internet of things
Yansong Gao, Minki Kim, Chandra Thapa, Sharif Abuadbba, Zhi Zhang (corresponding author), Seyit Camtepe, Hyoungshick Kim, Surya Nepal
IEEE Transactions on Computers
[2021] BitMine: An End-to-End Tool for Detecting Rowhammer Vulnerability
Zhi Zhang, Wei He, Yueqiang Cheng, Wenhao Wang, Yansong Gao, Minghua Wang, Kang Li, Surya Nepal, Yang Xiang
IEEE Transactions on Information Forensics and Security
[2021] Design and evaluation of a multi-domain trojan detection method on deep neural networks
Yansong Gao, Yeonjae Kim, Bao Gia Doan, Zhi Zhang (corresponding author), Gongxuan Zhang, Surya Nepal, Damith Ranasinghe, Hyoungshick Kim
IEEE Transactions on Dependable and Secure Computing
[2020] PThammer: Cross-user-kernel-boundary rowhammer through implicit accesses
Zhi Zhang, Yueqiang Cheng, Dongxi Liu, Surya Nepal, Zhi Wang, Yuval Yarom
IEEE/ACM International Symposium on Microarchitecture (AR: 19.3%)
[2020] DRAMDig: A knowledge-assisted tool to uncover dram address mapping
Minghua Wang, Zhi Zhang (co-first author), Yueqiang Cheng, Surya Nepal
ACM/IEEE Design Automation Conference (AR: 23%)
[2020] Detecting hardware-assisted virtualization with inconspicuous features
Zhi Zhang, Yueqiang Cheng, Yansong Gao, Surya Nepal, Dongxi Liu, Yi Zou
IEEE Transactions on Information Forensics and Security
[2019] CATTmew: Defeating software-only physical kernel isolation
Yueqiang Cheng, Zhi Zhang (co-first author), Surya Nepal, Zhi Wang
IEEE Transactions on Dependable and Secure Computing
[2018] KASR: a reliable and practical approach to attack surface reduction of commodity OS kernels
Zhi Zhang, Yueqiang Cheng, Surya Nepal, Dongxi Liu, Qingni Shen, Fethi Rabhi
International Symposium on Research in Attacks, Intrusions, and Defenses (AR: 22.0%)