Department of Information Engineering, The Chinese University of Hong Kong
Email: dw013 [AT] ie.cuhk.edu.hk
Address: Rm 726, Ho Sin-Hang Engineering Building, CUHK
I am a Ph.D candidate in Department of Information Engineering at The Chinese University of Hong Kong, under the supervision of Prof. Kehuan Zhang and Prof. Minghua Chen (co-supervisor). Before joining CUHK, I ever worked / interned in EMC Labs China, Syniverse Technologies and City University of Hong Kong. I also work closely with Dr. Zhou Li of RSA Laboratories. My research areas include system security, mobile security, vulnerability analysis, etc. I am a member of System Security Lab of CUHK.
Aug 2013 - present: Ph.D. in Information Engineering, supervised by Prof. Kehuan Zhang, The Chinese University of Hong Kong, Hong Kong
Sep 2016 - Jan 2017: Visiting Ph.D. Student, supervised by Prof. XiaoFeng Wang, Indiana University, Bloomington, IN, USA
Sep 2010 - Jun 2011: M.Sc. in Information Engineering, The Chinese University of Hong Kong, Hong Kong
Sep 2006 - Jun 2010: B.Sc. in Information Security, Shandong University, Jinan, China
Feb 2013 - Jul 2013: Research Assistant, supervised by Prof. Cong Wang, City University of Hong Kong, Hong Kong.
Nov 2011 - Jan 2013: System Application Engineer, Syniverse Technologies AP, Hong Kong.
Jun 2011 - Sep 2011: Software Engineer Intern, EMC Labs China, Shanghai, China.
Zhe Zhou, Wenrui Diao, Xiangyu Liu, Zhou Li, Kehuan Zhang, and Rui Liu. Vulnerable GPU Memory Management: Towards Recovering Raw Data from GPU. The 17th Privacy Enhancing Technologies Symposium (PETS’17), Minneapolis, MN, USA. July 2017.
Wenrui Diao, Xiangyu Liu, Zhou Li, and Kehuan Zhang. Evading Android Runtime Analysis Through Detecting Programmed Interactions. The 9th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec’16), Darmstadt, Germany. July 2016. [PDF]
Wenrui Diao, Xiangyu Liu, Zhou Li, and Kehuan Zhang. No Pardon for the Interruption: New Inference Attacks on Android Through Interrupt Timing Analysis. The 37th IEEE Symposium on Security and Privacy (IEEE S&P’16), San Jose, CA, USA. May 2016. [PDF] [Presentation]
Xiangyu Liu, Zhe Zhou, Wenrui Diao, Zhou Li, and Kehuan Zhang. When Good Becomes Evil: Keystroke Inference with Smartwatch. The 22nd ACM Conference on Computer and Communications Security (CCS’15), Denver, CO, USA. October 2015.
Wenrui Diao, Xiangyu Liu, Zhe Zhou, Kehuan Zhang, and Zhou Li. Mind-Reading: Privacy Attacks Exploiting Cross-App KeyEvent Injections. The 20th European Symposium on Research in Computer Security (ESORICS’15), Vienna, Austria. September 2015. [PDF] [Demo]
Xiangyu Liu, Zhe Zhou, Wenrui Diao, Zhou Li, and Kehuan Zhang. An Empirical Study on Android for Saving Non-shared Data on Public Storage. The 30th IFIP International Information Security and Privacy Conference (IFIP SEC’15), Hamburg, Germany. May 2015. [Nominated for the Best Student Paper Award]
Wenrui Diao, Xiangyu Liu, Zhe Zhou, and Kehuan Zhang. Your Voice Assistant is Mine: How to Abuse Speakers to Steal Information and Control Your Phone. The 4th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM’14), Scottsdale, AZ, USA. November 2014. [PDF] [Demo] [Media Coverage: Yahoo! News, The Register, IBTimes, Help Net Security, Tom's Guide, cnBeta, Ta Kung Pao, Sing Tao Daily ]
Zhe Zhou, Wenrui Diao, Xiangyu Liu, and Kehuan Zhang. Acoustic Fingerprinting Revisited: Generate Stable Device ID Stealthily with Inaudible Sound. The 21st ACM Conference on Computer and Communications Security (CCS’14), Scottsdale, AZ, USA. November 2014.
IEEE Transactions on Information Forensics and Security
Journal of Network and Computer Applications (Elsevier)
Applied Computing and Informatics (Elsevier)
The Computer Journal (Oxford)
IEEE European Symposium on Security and Privacy (IEEE EuroS&P): 2017
ACM Conference on Computer and Communications Security (CCS): 2014, 2015, 2016
ACM Asia Conference on Computer and Communications Security (ASIACCS): 2016, 2017
EAI International Conference on Security and Privacy in Communication Networks (SecureComm): 2016
USENIX Workshop on Offensive Technologies (WOOT): 2016
Information Security Conference (ISC): 2014
International Conference on Security and Cryptography (SECRYPT): 2013
International Conference on Availability, Reliability and Security (ARES): 2013
IERG 4090 - Networking Protocols and Systems: 2016 Spring, 2017 Spring
IERG 4831 - Networking Laboratory I: 2016 Spring, 2017 Spring
IERG 3921 - Information Engineering Lab: 2015 Fall
IERG 4210 - Web Programming and Security: 2015 Spring
IERG 3310 - Computer Networks: 2014 Fall
IEMS 5710 - Cryptography, Information Security & Privacy: 2015 Spring
2016: IEEE S&P’16 Student Travel Grants
2012: Dean’s List 2010-2011, Faculty of Engineering, CUHK