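Biography:

Yuhong Nan, Associate Professor and Master's supervisor. Young Academic Backbone of the 565net必赢客户端 Hundred Talents Program and a university-level Young Top-notch Talent. Formerly a postdoctoral researcher in the Department of Computer Science at Purdue University, USA, and a visiting scholar at Purdue CERIAS. Received a Ph.D. from Fudan University. During the Ph.D., with funding from the China Scholarship Council, undertook joint training at Indiana University Bloomington, USA.

Main research interests are system software security and privacy protection, including research on platforms such as large models, the mobile Internet ecosystem, and smart contracts. Research results have been published at top conferences in systems security and software engineering, including USENIX Security, ACM CCS, NDSS, ICSE, FSE, ASE, and ISSTA. Principal investigator of provincial- and ministerial-level projects including the National Natural Science Foundation of China, the Guangdong Province Key-Area Special Project on New-Generation Electronic Information (Semiconductors), and the Guangdong Natural Science Foundation (General Program); previously participated as a core researcher in the National 973 Program and in several research projects funded by the U.S. government and industry. Currently serves as lead for smart contract security R&D at the Guangdong Engineering Technology Research Center of Blockchain and as a CCF Zhuhai committee member. Program committee member for international conferences including ACM CCS 2024, ACM/IEEE ASE 2024, ASIACCS 2021 and 2022, and ICICS 2021 and 2022. Reviewer for journals including IEEE TIFS, TDSC, TOPS, TMC, TSE, and EMSE. Security and privacy issues found in this research have repeatedly received official confirmation and acknowledgment from vendors including Google, Meta (Facebook), X (Twitter), Slack, and China's three major telecom operators (China Mobile, China Unicom, China Telecom).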

Email:

nanyh AT sysu.edu.cn

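Research Topics:

System software security (attack and defense)

  • Large-model-assisted security attack and defense
  • Mobile Internet ecosystem security (fraud pattern mining, detection of misleading interaction patterns)
  • Blockchain platform security (cross-contract and cross-chain vulnerability detection)
  • Protocol security (login authentication protocols, messaging application security)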

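End-user privacy protection

  • Privacy protection for large-model applications
  • Data de-identification
  • Privacy compliance checking
  • Analysis of privacy leakage patterns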

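Admissions:

Two to three Master's students are admitted each year; undergraduates from inside and outside the university are recruited on an ongoing basis for research topic/project internships.

The group offers students with outstanding research performance various forms of domestic/overseas academic exchange and visiting opportunities, and offers outstanding Master's students a Master's-to-Ph.D. transition track. Students eligible for recommendation-based admission and those taking the graduate entrance exam are welcome to contact me by email.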

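Research Projects:

  • 2022 - 2023: Guangdong Province Key-Area Special Project on New-Generation Electronic Information (Semiconductors), PI
  • 2023 - 2025: National Natural Science Foundation of China, Young Scientists Fund, PI
  • 2023 - 2025: Guangdong Natural Science Foundation (General Program), PI
  • 2022 - 2023: 565net必赢客户端 Young Top-notch Research Talent Cultivation Project, PI
  • 2022 - 2023: Alibaba AIR Innovation Fund, PI
  • 2021 - 2022: 565net必赢客户端 Young Faculty Team Cultivation Project, participant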

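Awards Won by Supervised Students:

  • 2023 16th National College Student Information Security Contest, Works Competition: First Prize, Third Prize, Most Innovative and Entrepreneurial Value Award

  • 2023 China Cybersecurity Industry Alliance, Cybersecurity Outstanding Innovation Achievement Competition: Finals Nomination Award

  • 2023 Guangdong-Hong Kong-Macao Greater Bay Area IT Application System Development Competition: Second Prize

  • 2023 Guangdong Province Outstanding Paper in Cyberspace Security: Third Prize

  • 2023 Mathematical Contest in Modeling (MCM/ICM): Outstanding Winner (top 0.17%)

  • 2022 China Undergraduate Mathematical Contest in Modeling, Guangdong Division: Second Prize

  • 2022 China National Vulnerability Database (CNVD): high-severity vulnerabilities confirmed (15 in total)

  • 2022 DataCon Big Data Security Analysis Competition, Software Security Track: Merit Award (8/135)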

Courses Taught:

  • 2021 - 2024: SSE206/208 Computer Networks (undergraduate)

  • 2021 - 2024: SSE5104 Software Security (graduate; combined undergraduate-graduate course)

Academic Service:

Program Committee Member:

  • The ACM Conference on Computer and Communications Security (CCS) 2024, 2025
  • The IEEE/ACM International Conference on Automated Software Engineering (ASE) 2024
  • ACM Asia Conference on Computer and Communications Security (ASIACCS) 2021, 2022
  • International Conference on Information and Communications Security (ICICS) 2021, 2022

Journal Reviewer:

  • IEEE Transactions on Dependable and Secure Computing (TDSC). (CCF-A)
  • IEEE Transactions on Information Forensics and Security (TIFS). (CCF-A)
  • IEEE Transactions on Software Engineering (TSE). (CCF-A)
  • IEEE Transactions on Mobile Computing (TMC). (CCF-A)

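Honors and Awards:

  • 2023 Pujiang Innovation Forum "Young Pioneer" title (10 people nationwide)
  • 2020 CSAW Applied Security Research Competition Top-10 Finalist, CSAW, North America
  • 2020 USENIX WOOT Best Paper Award
  • 2018 ACM SIGSAC China Outstanding Doctoral Dissertation Award
  • 2018 Fudan University Outstanding Ph.D. Graduate
  • 2015 Baidu Scholarship (RMB 200,000; 10 recipients worldwide), Baidu Online Network Technology Co., Ltd.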

Representative Papers from the Past Five Years (12 at the Big Four security conferences)

  • [CCS 24] Understanding Cross-Platform Referral Traffic for Illicit Drug Promotion. Mingming Zha, Zilong Lin, Siyuan Tang, Xiaojing Liao, Yuhong Nan, XiaoFeng Wang. In Proceedings of the 31st ACM Conference on Computer and Communications Security, CCS’24. [Top] [CCF-A].
  • [CCS 24] Are We Getting Well-informed? An In-depth Study of Runtime Privacy Notice Practice in Mobile Apps. Shuai Li, Zhemin Yang, Yuhong Nan, Shutian Yu, Qirui Zhu, Min Yang. In Proceedings of the 31st ACM Conference on Computer and Communications Security, CCS’24. [Top] [CCF-A].
  • [IOTJ 24] Understanding Privacy Risks of Intelligent Connected Vehicles Through Their Companion Mobile Apps. Peifu Yang, Yuhong Nan, Lei Xue, Yuliang Zhang, Juan Zhai, Zibin Zheng. IEEE Internet Things Journal. 11(20): 33683-33695 (2024). [JCR-Q1]
  • [FSE 24] SmartAxe: Detecting Cross-Chain Vulnerabilities in Bridge Smart Contracts via Fine-Grained Static Analysis. Zeqin Liao, Yuhong Nan, Henglong Liang, Sicheng Hao, Juan Zhai, Jiajing Wu, Zibin Zheng. Proc. ACM Softw. Eng. 1(FSE): 249-270 (2024). [Top] [CCF-A].
  • [ISSTA 24] Midas: Mining Profitable Exploits in On-Chain Smart Contracts via Feedback-Driven Fuzzing and Differential Analysis. Mingxi Ye, Xingwei Lin, Yuhong Nan, Jiajing Wu, Zibin Zheng. ISSTA 2024: 794-805. [Top] [CCF-A].
  • [Security 24] MAGIC: Detecting Advanced Persistent Threats via Masked Graph Representation Learning. Zian Jia, Yun Xiong, Yuhong Nan, Yao Zhang, Jinjing Zhao, Mi Wen. In Proceedings of the 33rd USENIX Security Symposium (USENIX Security’24) [Top] [CCF-A].
  • [Security 24] Navigating the Privacy Compliance Maze: Understanding Risks with Privacy-Configurable Mobile SDKs. Yifan Zhang, Zhaojie Hu, Xueqiang Wang, Yuhui Hong, Yuhong Nan, XiaoFeng Wang, Jiatao Cheng, Luyi Xing. In Proceedings of the 33rd USENIX Security Symposium (USENIX Security’24) [Top] [CCF-A].
  • [NDSS 24] Leaking the Privacy of Groups and More: Understanding Privacy Risks of Cross-App Content Sharing in Mobile Ecosystem. Jiangrong Wu, Yuhong Nan, Luyi Xing, Jiatao Cheng, Zimin Lin, Zibin Zheng, Min Yang. In Proceedings of the 31st Network and Distributed System Security Symposium [Top] [CCF-A].
  • [ICSE 24] PrettySmart: Detecting Permission Re-delegation Vulnerability for Token Behaviors in Smart Contracts. Zhijie Zhong, Hong-Ning Dai, Zibin Zheng, Qing Xue, Junjia Chen, Yuhong Nan. In Proceedings of the 46th ACM/IEEE International Conference on Software Engineering [Top] [CCF-A].
  • [ASE 23] SmartCoco: Checking Comment-code Inconsistency in Smart Contracts via Constraint Propagation and Binding. Sicheng Hao, Yuhong Nan, Zibin Zheng, Xiaohui Liu. In Proceedings of the 38th IEEE/ACM International Conference on Automated Software Engineering [Top] [CCF-A].
  • [Security 23] AIRTAG: Towards Automated Attack Investigation by Unsupervised Learning with Log Texts. Hailun Ding, Juan Zhai, Yuhong Nan and Shiqing Ma. In Proceedings of the 32nd USENIX Security Symposium (USENIX Security’23) [Top] [CCF-A].
  • [Security 23] Are You Spying on Me? Large-Scale Analysis on IoT Data Exposure through Companion Apps. Yuhong Nan, Xueqiang Wang, Luyi Xing, Xiaojing Liao, Ruoyu Wu, Jianliang Wu, Yifan Zhang, and XiaoFeng Wang. In Proceedings of the 32nd USENIX Security Symposium [Top] [CCF-A].
  • [ISSTA 22] SmartDagger: A Bytecode-based Static Analysis Approach for Detecting Cross-contract Vulnerability. Zeqin Liao, Zibin Zheng, Xiao Chen and Yuhong Nan. In Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA’22) [Top] [CCF-A].
  • [Security 22] ProFactory: Improving IoT Security via Formalized Protocol Customization. Fei Wang, Jianliang Wu, Yuhong Nan, Yousra Aafer, Xiangyu Zhang, Dongyan Xu, and Mathias Payer. In Proceedings of the 31st USENIX Security Symposium (USENIX Security’22) [Top] [CCF-A].
  • [NDSS 22] Hazard Integrated: Understanding Security Risks in App Extensions to Team Chat Systems. Mingming Zha, Jice Wang, Yuhong Nan, XiaoFeng Wang, Yuqing Zhang, and Weidong Jing. In Proceedings of the 29th Network and Distributed System Security Symposium (NDSS’22) [Top] [CCF-A].
  • [DSN 22] SIMulation: Demystifying (Insecure) Cellular Network-based One-Tap Authentication Services. Ziyi Zhou, Xing Han, Zeyuan Chen, Yuhong Nan, Juanru Li, Dawu Gu. IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2022 [CCF-B].
  • [NDSS 21] On the Insecurity of SMS One-Time Password Messages against Local Attackers in Modern Mobile Devices. Zeyu Lei, Yuhong Nan, Yanick Fratantonio and Antonio Bianchi. In Proceedings of the 28th Network and Distributed System Security Symposium (Acceptance ratio 15.2%), [Top] [CCF-A].
  • [Security 21] Understanding Malicious Cross-library Data Harvesting on Android. Jice Wang, Yue Xiao, Xueqiang Wang, Yuhong Nan, Luyi Xing, Xiaojing Liao, Jinwei Dong, Nicolas Serrano, Haoran Lu, Xiaofeng Wang, and Yuqing Zhang. In Proceedings of the 30th USENIX Security Symposium [Top] [CCF-A].
  • [Security 21] ATLAS: A Sequence-based Learning Approach for Attack Investigation. Abdulellah Alsaheel, Yuhong Nan, Shiqing Ma, Le Yu, Gregory Walkup, Berkay Celik, Xiangyu Zhang and Dongyan Xu. In Proceedings of the 30th USENIX Security Symposium [Top] [CCF-A].
  • [RAID 20] BlueShield: Detecting Spoofing Attacks in Bluetooth Low Energy (BLE) Networks. Jianliang Wu, Yuhong Nan, Vireshwar Kumar, Mathias Payer, and Dongyan Xu. In Proceedings of the 23rd International Symposium on Research in Attacks, Intrusions and Defenses. (Acceptance ratio 25.6%=21/121) [CCF-B]
  • [WOOT 20] BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy. Jianliang Wu, Yuhong Nan, Vireshwar Kumar, Dave (Jing) Tian, Antonio Bianchi, Mathias Payer, and Dongyan Xu. In Proceedings of the 14th USENIX Workshop on Offensive Technologies.