I am an Associate Professor in the Department of Computer Science at George Mason University. I received my Ph.D. from Penn State University, and my bachelor's and master's degrees from Beihang University. I am the recipient of an NSF CAREER Award. The easiest way to contact me is through email at zeng (at) gmu.edu.
I am broadly interested in Systems, Software and AI Security. I currently work on the following topics.
- AI for Security
- Adversarial Machine Learning, LLM Security, AI Fairness
- Reverse Engineering, Binary Analysis, Malware
- Software Testing, Vulnerability Discovery, Attack Detection
- IoT Security and Privacy
- VR/AR Security and Privacy
- Authentication and Pairing
Our lab is actively recruiting PhD and Post-Doctoral Researchers. In addition to our research lab, I have founded an HBCU-GMU Collaborative Lab to promote Cybersecurity education.
Services (selected):
- General Chair: Information Security Conference (ISC), 2024
- Associate Editor: Journal of Computer Security (2023 -- )
- PC Member: CCS'24, USENIX Security'23, USENIX Security'22, NDSS'22, USENIX Security'21, NDSS'21
- Chair: the Admissions Committee for Computer Science Master's Degree Program at GMU
News:
04/04/24 Our work that enhances the security of a critical application used by billions of users everyday is accepted to USENIX Security'24.
03/01/24 A highly usable system, which authenticates drones using their noises without collecting any fingerprints, is to appear in IEEE Transactions on Mobile Computing.
06/01/23 We propose a new direction for NLP-inspired binary analysis. It is accepted to USENIX Security'23.
02/27/23 Our IoT fuzzing work that found over twenty zero-day vulnerabilities (six CVEs assigned) will be presented at MobiSys'23.
02/06/23 For the first time in the literature, we build a system that detects IoT interaction threats due to voice commands. It is also the first that detects cross-platform interaction threats and the first that provides threat-tailored handling. It is accepted to USENIX Security'23.
07/11/22 We spent over three years building an AI-based implicit authentication system for everyday objects (such as doors, cabinets, and guns). It is the first of its kind in the literature. Today, it is accepted to UbiComp'22.
06/24/22 I am promoted to be a Tenured Associate Professor at UofSC (effective 8/16/22).
06/09/22 Our paper that presents innovative drone authentication through a Smile is accepted to MobiCom'22.
05/11/22 I received the Junior Researcher (Assistant or Associate Professor) Award of our department.
03/14/22 Being the first in the literature, our work builds a secure and usable authentication system for drone delivery, which will be presented at MobiSys'22.
03/14/22 Our work that presents novel IoT attacks, acknowledged by Google, Ring and SimpliSafe, is accepted to DSN'22 (acceptance rate: 49/262=18.7%).
12/14/21 I received an NSF CAREER Award.
11/06/21 Our work revealing novel attacks with impacts on billions of IoT devices is accepted to S&P'22.
08/28/21 Our paper that presents the first smart app fuzzing system in the literature is accepted to ACSAC'21.
08/12/21 My fourth-year PhD student, Fei Zuo, passed his dissertation defense. Congratulations, Fei!
07/02/21 Our work that protects IoT privacy against sniffing attacks is accepted to RAID'21.
05/18/21 Our Medium proposal about IoT research in multi-platform environments is funded by NSF.
12/22/20 Our work that protects the privacy of smart home users from IoT platforms without impairing home automation is accepted to NDSS'21.
10/24/20 Our work that detects adversarial examples simply by erasing and restoring some randomly selected pixels is accepted to AsiaCCS'21 (acceptance rate 18.5% in Round One).
09/30/20 Our work that detects IoT attacks and malfunctions without modifying IoT firmware is accepted to USENIX Security'21 .
08/17/20 Our work about attacking graph-based classification is accepted to ACSAC'20.
07/28/20 Our work about secure and usable IoT pairing is accepted to CCS'20.
07/09/20 Our Medium proposal about building IoT Testbeds is funded by NSF.
03/04/20 Our work that, being the first in the literature, systematically categorizes and detects cross-app interference threats in appified smart environments is accepted to DSN'20 (acceptance rate 16.5%).
07/11/19 A novel IoT authentication work is accepted to MobiCom'19.
05/29/19 AEPecker, which not only detects adversarial examples but also rectifies the classification results, is accepted to RAID'19.
03/04/19 Our work that detects audio adversarial examples at accuracies over 99% is accepted to DSN'19.
03/04/19 Our work that can automatically patch for (almost) ALL heap vulnerabilities without changing the binary code is accepted to DSN'19.
11/06/18 Our work that pioneers the direction of Natural Language Processing Inspired Binary Code Analysis is accepted to NDSS'19.
10/01/18 Our proposal about Insecurity Analysis of Middleware on Mobile Platforms is funded by NSF.