Cao, Yinzhi

Assistant Professor
Computer Science
https://scholar.google.com/citations?user=0jBP_aEAAAAJ&hl=en

Malone Hall 305
yinzhi.cao@jhu.edu

Jump to:

News

WSE In The News
11/15/18: These legislators preach internet privacy, but they still use website tools that snoop, CS/ISI’s Yinzhi Cao, Miami Herald

November 16, 2018

Miami Herald reports that dozens of lawmakers in Congress use tracking tools on their websites to collect personal information about online visitors, despite the fact that those lawmakers are often vocal critics of privacy practices employed by social media companies like Facebook. Yinzhi Cao, assistant professor of computer science, is quoted.

Visit Site

About

Education
  • Ph.D. 2014, Northwestern University
Experience
  • 2015 - 2018:  Assistant Professor, Lehigh University
  • 2014 - 2015:  Postdoc, Columbia University
Research Areas
  • Computer System Security
  • Machine Learning Security
  • Web Security

Publications

Journal Articles
  • Yinzhi Cao, Zhanhao Chen, Song Li, Shujiang Wu (2017).  Deterministic Browser.  CoRR.  abs/1708.06774.
  • Kexin Pei, Yinzhi Cao, Junfeng Yang, Suman Jana (2017).  Towards Practical Verification of Machine Learning: The Case of Computer Vision Systems.  CoRR.  abs/1712.01785.
  • Kexin Pei, Yinzhi Cao, Junfeng Yang, Suman Jana (2017).  DeepXplore: Automated Whitebox Testing of Deep Learning Systems.  CoRR.  abs/1705.06640.
  • Zhao Y, Cao Y, Chen Y, Zhang M, Goyal A (2013).  Rake: Semantics Assisted Network-Based Tracing Framework..  IEEE Transactions on Network and Service Management.  10.  3-14.
  • Yao Zhao, Yinzhi Cao, Yan Chen, Ming Zhang, Anup Goyal (2013).  Rake: Semantics Assisted Network-Based Tracing Framework.  IEEE Trans. Network and Service Management.  10.  3--14.
Conference Proceedings
  • Shujiang Wu, Cao Y, Song Li, Ningfei Wang (2019).  Rendered Private: Uniformizing GLSL Execution to Prevent Browser Fingerprinting that Relies on WebGL Rendering Results.  USENIX Security 2019.
  • Zhiheng Liu, Zhen Zhang, Cao Y, Zhaohan Xi, Shihao Jing, Humberto La Roche (2018).  Towards a Secure Zero-rating Framework with Three Parties.  USENIX Security 2018.
  • Xiang Pan, Cao Y, Xuechao Du, Boyuan He, Gan Fang, Yan Chen (2018).  FlowCog: Context-aware Semantics Extraction and Analysis of Information Flow Leaks in Android Apps.  USENIX Security 2018.
  • Yinzhi Cao, Alexander Fangxiao Yu, Andrew Aday, Eric Stahl, Jon Merwine, Junfeng Yang (2018).  Efficient Repair of Polluted Machine Learning Systems via Causal Unlearning.  Proceedings of the 2018 on Asia Conference on Computer and Communications Security, AsiaCCS 2018, Incheon, Republic of Korea, June 04-08, 2018.  735--747.
  • Yinzhi Cao, Zhanhao Chen, Song Li, Shujiang Wu (2017).  Deterministic Browser.  Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, TX, USA, October 30 - November 03, 2017.  163--178.
  • Kexin Pei, Yinzhi Cao, Junfeng Yang, Suman Jana (2017).  DeepXplore: Automated Whitebox Testing of Deep Learning Systems.  Proceedings of the 26th Symposium on Operating Systems Principles, Shanghai, China, October 28-31, 2017.  1--18.
  • Yinzhi Cao, Song Li, Erik Wijmans (2017).  (Cross-)Browser Fingerprinting via OS and Hardware Level Features.  24th Annual Network and Distributed System Security Symposium, NDSS 2017, San Diego, California, USA, February 26 - March 1, 2017.
  • Xiang Pan, Yinzhi Cao, Shuangping Liu, Yu Zhou, Yan Chen, Tingzhe Zhou (2016).  CSPAutoGen: Black-box Enforcement of Content Security Policy upon Real-world Websites.  Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, October 24-28, 2016.  653--665.
  • Xiang Pan, Yinzhi Cao, Yan Chen (2015).  I Do Not Know What You Visited Last Summer - Protecting users from third-party web tracking with TrackingFree browser.  NDSS.
  • Yinzhi Cao, Yanick Fratantonio, Antonio Bianchi, Manuel Egele, Christopher Kruegel, Giovanni Vigna, Yan Chen (2015).  EdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework.  NDSS.
  • Yinzhi Cao, Xiang Pan, Yan Chen (2015).  SafePay: Protecting against credit card forgery with existing magnetic card readers.  2015 IEEE Conference on Communications and Network Security, CNS 2015, Florence, Italy, September 28-30, 2015.  164--172.
  • Xiang Pan, Yinzhi Cao, Yan Chen (2015).  I Do Not Know What You Visited Last Summer: Protecting users from stateful third-party web tracking with TrackingFree browser.  22nd Annual Network and Distributed System Security Symposium, NDSS 2015, San Diego, California, USA, February 8-11, 2015.
  • Vaibhav Rastogi, Zhengyang Qu, Jedidiah McClurg, Yinzhi Cao, Yan Chen (2015).  Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android.  Security and Privacy in Communication Networks - 11th International Conference, SecureComm 2015, Dallas, TX, USA, October 26-29, 2015, Revised Selected Papers.  256--276.
  • He B, Rastogi V, Cao Y, Chen Y, Venkatakrishnan V, Yang R, Zhang Z (2015).  Vetting SSL Usage in Applications with SSLint.  Proceedings of the 36th IEEE Symposium on Security and Privacy (Oakland).
  • Yinzhi Cao, Junfeng Yang (2015).  Towards Making Systems Forget with Machine Unlearning.  Proceedings of the 2015 IEEE Symposium on Security and Privacy.
  • Yinzhi Cao, Chao Yang, Vaibhav Rastogi, Yan Chen, Guofei Gu (2014).  Abusing Browser Address Bar for Fun and Profit - An Empirical Investigation of Add-on Cross Site Scripting Attacks.  Proceedings of the 10th International Conference on Security and Privacy in Communication Networks (SecureComm'14).
  • Yinzhi Cao, Xiang Pan, Yan Chen, Jianwei Zhuge (2014).  JShield: towards real-time and vulnerability-based detection of polluted drive-by download attacks.  Proceedings of the 30th Annual Computer Security Applications Conference, ACSAC 2014, New Orleans, LA, USA, December 8-12, 2014.  466--475.
  • Yinzhi Cao, Yan Shoshitaishvili, Kevin Borgolte, Christopher Krügel, Giovanni Vigna, Yan Chen (2014).  Protecting Web-Based Single Sign-on Protocols against Relying Party Impersonation Attacks through a Dedicated Bi-directional Authenticated Secure Channel.  Research in Attacks, Intrusions and Defenses - 17th International Symposium, RAID 2014, Gothenburg, Sweden, September 17-19, 2014. Proceedings.  276--298.
  • Lu X, Zhuge J, Wang R, Cao Y, Chen Y (2013).  De-obfuscation and Detection of Malicious PDF Files with High Accuracy.  Proceedings of the 2013 46th Hawaii International Conference on System Sciences.  IEEE Computer Society.  4890--4899.
  • Yinzhi Cao, Vaibhav Rastogi, Zhichun Li, Yan Chen, Alex Moshchuk (2013).  Redefining Web Browser Principals with a Configurable Origin Policy.  DSN.
  • Yinzhi Cao, Vinod Yegneswaran, Phil Porras, Yan Chen (2012).  PathCutter: Severing the Self-Propagation Path of XSS JavaScript Worms in Social Web Networks.  NDSS.
  • Cao Y, Li Z, Rastogi V, Chen Y, Wen X (2012).  Virtual browser: a virtualized browser to sandbox third-party JavaScripts with enhanced security.  Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security.  ACM.  8--9.
  • Zhichun Li, Yi Tang, Yinzhi Cao, Vaibhav Rastogi, Yan Chen, Bin Liu, Clint Sbisa (2011).  WebShield: Enabling Various Web Defense Techniques without Client Side Modifications.  NDSS.
  • Yinzhi Cao, Vinod Yegneswaran, Phillip A. Porras, Yan Chen (2011).  Poster: a path-cutting approach to blocking XSS worms in social web networks.  Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, Chicago, Illinois, USA, October 17-21, 2011.  745--748.
  • Yao Zhao, Yinzhi Cao, Yan Chen, Ming Zhang, Anup Goyal (2011).  Rake: Semantics assisted network-based tracing framework.  19th International Workshop on Quality of Service, IWQoS 2011, San Jose, California, USA, 6-7 June 2011..  1--9.
  • Yinzhi Cao, Zhichun Li, Vaibhav Rastogi, Yan Chen (2010).  Virtual browser: a web-level sandbox to secure third-party JavaScript without sacrificing functionality.  Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, Chicago, Illinois, USA, October 4-8, 2010.  654--656.
Back to top