Yang Ronghai bio photo

杨荣海

深信服天问AI部负责人

邮箱 Twitter Facebook Github

科研成果

研究方向

  • 网络安全
  • AI安全与AI赋能安全
  • 防御技术

学术论文

  • Ronghai Yang, Xianbo Wang, Kaixuan Luo, Xin Lei, Ke Li, Jiayuan Xin and Wing Cheong Lau, "SWIDE: A Semantic-aware Detection Engine for Successful Web Injection Attacks". ACM CCS, 2024.

  • Ronghai Yang, Xin Lei, and Jiayuan Xin, "Beyond Generation: Detecting Zero-Day Web Attacks via Security-GPT". GeekCon 2023 (Frontier Breakthrough Award).

  • Shangcheng Shi, Xianbo Wang, Kyle Zeng, Ronghai Yang, Wing Cheong Lau, "An Empirical Study on Mobile Payment Credential Leaks and Their Exploits". SecureComm, 2021.

  • Ronghai Yang, Xianbo Wang, Cheng Chi, Dawei Wang, Jiawei He, Shiming Pang, and Wing Cheong Lau, "Scalable Detection of Promotional Website Defacements in Black Hat SEO Campaigns," USENIX Security Symposium, Aug 2021.

  • Xianbo Wang, Wing Cheong Lau, Yikang Chen, Shangcheng Shi, Ronghai Yang, "Fingerprint-jacking: Practical Fingerprint Authorization Hijacking in Android Apps," BlackHat Europe Briefings, Dec 2020.

  • Xianbo Wang, Wing Cheong Lau, Shangcheng Shi, Ronghai Yang, "Make Redirection Evil Again – URL Parser Issues in OAuth," Black Hat Asia, Mar 2019.

  • Ronghai Yang, Wing Cheong Lau, Jiongyi Chen, Kehuan Zhang, "Vetting Single-Sign-On SDK Implementations via Symbolic Reasoning," in the 27th USENIX Security Symposium, Aug 2018. (Internet Defense Prize 2018 from USENIX and Facebook).

  • Jiongyi Chen, Wenrui Diao, Qingchuan Zhao, Chaoshun Zuo, Zhiqiang Lin, XiaoFeng Wang, Wing Cheong Lau, Menghan Sun, Ronghai Yang and Kehuan Zhang, "IoTFuzzer: Discovering Memory Corruptions in IoT through App-based Fuzzing," NDSS, Feb 2018.

  • Ronghai Yang, Wing Cheong Lau and Shangcheng Shi, "Breaking and Fixing Mobile App Authentication with OAuth2.0-based Protocols," ACNS, 2017.

  • Ronghai Yang, Wing Cheong Lau and Tianyu Liu, "Signing into One Billion Mobile App Accounts Effortlessly with OAuth2.0," Black Hat Europe, London, 2016.

  • Ronghai Yang, Guancheng Lee, Wing Cheong Lau, Kehuan Zhang and Pili Hu, "Model-based Security Testing: an Empirical Study on OAuth 2.0 Implementations," AsiaCCS, Xi'an, 2016.

  • Huanle Xu*, Ronghai Yang*, Zhibo Yang and Wing Cheong Lau, "Solving Large Graph Problems in MapReduce-Like Frameworks via Optimized Parameter Configuration," ICA3PP, 2015.

  • Pili Hu*, Ronghai Yang*, Yue Li and Wing Cheong Lau, "Application Impersonation: Problems of OAuth and API Design in Online Social Networks," ACM COSN, Dublin, Oct. 2014.

  • Ronghai Yang, Pili Hu and Wing Cheong Lau, "Model-based Testing for Security Flaw Detection in OAuth2.0 (Poster)," ACM COSN, Dublin, Oct. 2014.

科研项目

  • 项目负责人,深圳市重点科技创新项目:面向大数据平台的数据要素化安全防护技术研发及应用(项目编号:重202403011,经费:2000万元),2024年

  • 课题负责人,广东省重点领域研发计划项目:新一代人工智能专项·核心算法与数据安全 - 多模态大模型安全体系研究及应用(经费:1000万元),2025年

* These authors contributed equally to this work.