Zijing Yin
Master's Student Supervised by Prof. Yu Jiang
Software System Security Assurance Group
Tsinghua University [Wiki], Beijing, China
Research Interests:
Software Security
Explored security issues in Web and IoT domains in the past
Love to build practical frameworks to secure software
System Security
Gradually engaged in some system security projects
Willing to learn more in this field during my future study
Vulnerability Exploitation
Familiar with common vulnerability exploitation techniques
CTF team member focused on Web security
Conducted several penetration testing projects
I am looking for a PhD position. I'll be thrilled if you're interested in my profile. Feel free to contact me!
Brief Research Introduction
My past projects are mainly in the software security field, and I am always excited to learn and explore system security research. I love building practical frameworks that can secure real-world software systems.
During my graduate studies, I mainly focused on the security issues in Web applications and IoT firmware. I implemented an IoT firmware safeguard framework that successfully defended against 15,423 malwares from online attackers spreading over 167 countries, and can be directly deployed on physical IoT devices with low overhead. The Web vulnerability detection framework I designed effectively improves current Web scanners' performance, and discovered 8 previously-unknown high-risk vulnerabilities in a large financial enterprise's websites.
During my spare time, I participated in Capture-The-Flag (CTF) competitions, and mainly focused on Web security in my team. I also led several Web penetration testing projects, and taught CTF classes to beginners at universities and some companies.
Selected Projects
Midas: Safeguarding IoT Devices Against Malware via Real-Time Behavior Auditing [PDF]
Yiwen Xu, Zijing Yin (co-first author), Yiwei Hou, Jianzhong Liu and Yu Jiang. International Conference on Embedded Software (EMSOFT'22)
A safeguard framework designed for Linux-based IoT devices to defend against malwares.
Midas’ real-time behavior auditing mechanism can monitor break-in programs’ suspicious behaviors based on our designed malware defense policy with low overhead, and aggregate malicious operations scattered among malwares’ multiple submodules with homology tracing to detect possible attack chains and constrain IoT malwares.
To demonstrate effectiveness, we deployed 60 virtual IoT devices worldwide; half were protected by Midas, and the other half were not. Midas successfully resisted 15,423 malwares from online attackers spreading over 167 countries, and reduced devices' compromised incidents by 343.1x. On benchmark samples, Midas achieves defense rates of over 90% with low overhead.
Midas is tested on several physical devices and has great compatibility.
Scanner++: Enhanced Vulnerability Detection of Web Applications with Attack Intent Synchronization [PDF]
Zijing Yin, Yiwen Xu, Fuchen Ma, Haohao Gao, Lei Qiao, Yu Jiang. ACM Transactions on Software Engineering and Methodology (TOSEM)
A framework that improves web vulnerability detection by combining multiple scanners’ strategies.
With a proxy-based architecture, Scanner++ extracts and refines attack requests constructed by multiple scanners, then performs a run-time synchronization among base scanners to improve coverage, generate diverse attack vectors and achieve better detection performance.
Scanner++ increases the coverage of current scanners BurpSuite, AWVS, Arachni and ZAP by 15.26%, 37.14%, 59.21% and 68.54%, improves their unique payload amounts by 12.95x, 1.13x, 15.03x and 52.66x, and helps them detect 77, 55, 77, 176 more bugs on datasets.
Scanner++ found 8 previously-unknown high-risk vulnerabilities on a major financial company's websites.
Empirical Study of System Resources Abused by IoT Attackers [PDF]
Zijing Yin, Yiwen Xu (co-first author), Chijin Zhou and Yu Jiang. IEEE/ACM International Conference on Automated Software Engineering (ASE'22)
Systematically summarized the system resource abuses of prevalent IoT attacks, analyzed their malicious intentions and further presented insights and defense strategies.
Designed and deployed high-interaction IoT honeypots, HoneyAsclepius, to record malicious behaviors and resource abuses in active attack sessions with low run-time costs.
Analyzed the gathered 11,301,239 malicious behaviors, estimated their temporal relations, explored the attackers’ mindset and provided practical defense approaches for file, network, process and special capability resource abuses.
Making Smart Contract Development More Secure and Easier [PDF]
Meng Ren, Fuchen Ma, Zijing Yin, Ying Fu, Huizhong Li, Wanli Chang, Yu Jiang. ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE)
A smart contract development platform that consists of security-reinforced code recommendations and integrated vulnerability testing.
The framework works as a VS Code plugin, which automatically recommends security-reinforced code snippets based on the context and provides comprehensive security scrutiny with a simple click.
Responsible for developing the AST-based security reinforcement tool, data preprocessing and model training. Helped to implement the front-end plugin.