Mingming Zha

Mingming Zha

I am a Ph.D. student in the computer science at Indiana University Bloomington advised by Prof. Xiaofeng Wang.

My work has been published in top-tier security conferences (such as IEEE S&P, CCS), and has generated real-world impact as countermeasures

My main research interest is Mobile Security, Program Analysis, AI Security. Here is my CV.

Education

09/2019 - now Indiana University, Ph.D. in Computer Science

09/2016 - 07/2019 Chinese Academy of Sciences, Master in Cyber Security

09/2012 - 07/2016 Beijing Jiaotong University, Bachelor in Information Security

Publications

[1] Zhi Li, Weijie Liu, Hongbo Chen, Xiaofeng Wang, Xiaojing Liao, Luyi Xing, Mingming Zha, Hai Jin, Deqing Zou, "Robbery on DevOps: Understanding and Mitigating Illicit Cryptomining on Continuous Integration Service Platforms", IEEE S&P'22, 2022 (Accepted)

[2] Yi Chen, Mingming Zha, Nan Zhang, Dandan Xu, Qianqian Zhao, Xuan Feng, Kan Yuan, Ya Su, Yuan Tian, Kai Chen, Xiaofeng Wang, Wei Zou, "Demystifying Hidden Privacy Settings in Mobile Apps", IEEE S&P’19, 2019. [PDF] (Accepted)

[3] Mingming Zha, Guozhu Meng, Chaoyang Lin, Zhe Zhou and Kai Chen. "RoLMA: A Practical Adversarial Attack against Deep Learning-based LPR Systems", Inscrypt’19, 2019. (Accepted)

[4] Tongxin Li, Xueqiang Wang, Mingming Zha, Kai Chen, XiaoFeng Wang, Luyi Xing, Xiaolong Bai, Nan Zhang, Xinhui Han, "Unleashing the Walking Dead: Understanding Cross-App Remote Infections on Mobile WebViews", CCS’17, 2017. [PDF] [Demo]

[5] Yeonjoon Lee, Tongxin Li, Nan Zhang, Soteris Demetriou, Mingming Zha, XiaoFeng Wang, Kai Chen, Xiaoyong Zhou, Xinhui Han and Michael Grace, "Ghost Installer in the Shadow: Security Analysis of App Installation on Android", DSN’17, 2017. [PDF]

[6] Mingming Zha, Wei Wang, "A system of monitoring and protecting Android privacy leakage", CTCIS’15 , 2015. (In Chinese) [PDF]

Keynote Talks

[1] 2015 4th National Summit Forum on Network Security: A system of monitoring Android privacy leakage. (XDef 2015)

[2] 2015 9th Chinese Conference on Trusted Computing and Information Security (CTCIS 2015)