Xin'an Emmanuel Zhou

This is Xin'an Emmanuel Zhou's permanent homepage. The homepage address is https://xinanzhou.com/

Google Scholar Mastodon Twitter

He is currently a fourth-year Computer Security PhD candidate at the University of California, Riverside.

His advisor is Prof. Zhiyun Qian.

Email: xinan.zhou at email.ucr.edu

Before that, he obtained his bachelor's degree in Software Engineering from Fudan University.

His undergraduate advisors were Prof. Zhemin Yang, Prof. Min Yang, and Prof. Yuan Zhang.

News

(7/14/2023) Nominated for The Pwnie Awards 2023 "Pwnie for Most Under-Hyped Research", for the research "Perils and Mitigation of Security Risks of Cooperation in Mobile-as-a-Gateway IoT".

(7/11/2023) I am thankful for the USENIX Security '23 Diversity Grant.

(6/13/2023) I am thankful for the GREPSEC VI Workshop invitation and sponsorship.

(3/1/2023) Our work on Mobile-as-a-Gateway IoT has been accepted by Blackhat Asia 2023!

(11/7/2022) I attended ACM CCS '22 in person. Thank you my friends for the unforgettable memories together!

(10/9/2022) I'm joining the Artifact Evaluation Committee of Usenix Security '23. Welcome to submit your artifact!

(9/14/2022) Our SADDNS team got one in-person poster accepted by ACM CCS 2022!

(8/31/2022) I advanced to candidacy for PhD!

(8/26/2022) I got one paper on IoT Security accepted by ACM CCS 2022!

(6/10/2022) I obtained my Master's degree in Computer Science with 4.0 GPA.

(5/26/2022) I attended IEEE S&P '22 in person and delivered a short talk How to Own Website Accounts Using Weibo Single Sign-On Vulnerabilities.

Publications

[4] Dilemma in IoT Access Control: Revealing Novel Attacks and Design Challenges in Mobile-as-a-Gateway IoT [Link] [PDF]
Luyi Xing, Xin'an Zhou, Jiale Guan, Zhiyun Qian
Black Hat Asia 2023

[3] (An anonymous workshop paper)

[2] Perils and Mitigation of Security Risks of Cooperation in Mobile-as-a-Gateway IoT [PDF] [Site]
Xin'an Zhou, Jiale Guan, Luyi Xing, Zhiyun Qian
Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security.
Pwnie Award Nomination for Most Under-hyped Research

[1] DNS Cache Poisoning Attack: Resurrections with Side Channels [PDF] [Site]
Keyu Man, Xin'an Zhou, and Zhiyun Qian
Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security.
Key Insight: Using ICMP as a side-channel to perform DNS Cache Poisoning Attacks.

Professional Services

Reviewer: USENIX Security '23 AEC

Sub-reviewer: USENIX Security '21, IEEE S&P '21, IEEE S&P '24

Organizer: LGBTQIA+ and Allies Happy Hour at IEEE S&P '22, Queer in Security and Privacy Social Hour at ACM CCS '22

Volunteer: IEEE S&P '22

Credits

Selected Awards