This is Xin'an Zhou's permanent homepage. The homepage address is

Google Scholar

He is currently a third-year Computer Security PhD candidate at the University of California, Riverside.

His advisor is Prof. Zhiyun Qian.

Email: xinan.zhou at

Before that, he obtained his bachelor's degree in Software Engineering from Fudan University.

His undergraduate advisors were Prof. Zhemin Yang, Prof. Min Yang, and Prof. Yuan Zhang.


(9/14/2022) Our SADDNS team got one in-person poster accepted by ACM CCS 2022!

(8/31/2022) I advanced to candidacy for PhD!

(8/26/2022) I got one paper on IoT Security accepted by ACM CCS 2022!

I'm actively looking for internship opportunities in Summer 2023! Feel free to drop me an email at jobs at

I attended IEEE S&P '22 in person and delivered a short talk How to Own Website Accounts Using Weibo Single Sign-On Vulnerabilities.


[2] Perils and Mitigation of Security Risks of Cooperation in Mobile-as-a-Gateway IoT
Xin'an Zhou, Jiale Guan, Luyi Xing, Zhiyun Qian
To appear at ACM CCS 2022.

[1] DNS Cache Poisoning Attack: Resurrections with Side Channels [PDF]
Keyu Man, Xinan Zhou, and Zhiyun Qian
In Proceedings of ACM CCS 2021.
Key Insight: Using ICMP as a side-channel to perform DNS Cache Poisoning Attacks.

Professional Services

Sub-reviewer: USENIX Security '21, IEEE S&P '21

Organizer: LGBTQIA+ and Allies Happy Hour at IEEE S&P '22

Volunteer: IEEE S&P '22







My successful Pwn2Own Austin 2021 debut


ETenal  Kyr1os


You can ask me for contact details to join the organization Queer in Security and Privacy. Just send me a direct message on Twitter.


"Was aus Liebe getan wird, geschieht immer jenseits von Gut und Böse. (What is done out of love always takes place beyond good and evil.)"

--Friedrich Nietzsche