Zhiju (Zack) Yang

Assistant Professor at Seattle University

I am an assistant professor in the computer science department at Seattle University. Before joining Seattle University, I completed my Ph.D. study at Colorado School of Mines with a research focus on web security and privacy. I am also very interested in Web3 and blockchain security, including smart contract and blockchain auditing, malicious transaction detection, etc. Out of work and study, I am a baller. If you'd like, let's hoop together at SU or in Seattle.

Experiences

Department of Computer Science

Assistant Professor
Sept. 2021 - Now
Seattle University

Teaching: Computer Networks (CPSC 4510/5510), Security in Computing (CPSC 5710), Big Data Analytics (CPSC 5330), Programming & Problem Solving (CPSC 1430)

Research: Web security and privacy, Blockchain/Web3 security, ML/DL, NLP

WtaGraph: Web Tracking and Advertising Detection using Graph Neural Networks (Accepted at IEEE S&P 2022)

Data Scientist Intern
Feb. 2020 - May 2020
Appen, Bay Area, CA

We propose WtaGraph, a web tracking and advertising detection framework based on Graph Neural Networks (GNNs). We construct an attributed homogenous multi-graph (AHMG) that represents HTTP network traffic, and formulate web tracking and advertising detection as a task of GNN-based edge representation learning and classification in AHMG. Our proposed WtaGraph can detect tracking and advertising requests effectively and accurately. The paper of this project will appear in the IEEE Symposium on Security & Privacy, May 2022. Our paper and source code are available.
Technologies we used in this project: Graph Neural Networks, Python, JavaScript

JavaScript DeBloating and Automated CSP Deployment

CyberSecurity Intern
Dec. 2018 - May 2019
Accenture CyberSecurity R&D Lab
Washington, D.C.

We proposed a two-step approach to secure the web application via JavaScript debloating and automated CSP deployment. Given a web application, we first trim it at function level using our debloating framework, and then deploy CSP automatically on-the-fly via a web server reverse proxy.
Technologies we used in this project:JavaScript, Babel JavaScript Compiler, Apache Web Server, C++

A Measurement Study of Web Tracking on Mobile and Desktop Environments (Accepted at PETS2020)

Research Assistant
Aug. 2016 - Aug. 2021
Colorado School of Mines, U.S.

In this project, we investigated the web tracking practices on both mobile and desktop environments. we found that mobile web tracking has its unique characteristics, and it has become increasingly as prevalent as desktop web tracking. We released our tool here and our paper can be found here.
Technologies we used in this project: Java, JavaScript, Browser Extension

News Site Security Project

Ongoing project, details will be shown once papers are accepted. Would like to discuss it during an interview.

Effective Mobile Web User Fingerprinting via Motion Sensors (paper accepted by IEEE TrustCom 2018)

Motion sensors can be exploited by attackers as side-channels to compromise users’ security and privacy due to the unrestricted sensor data access on modern smartphone platforms. In this project, we investigate motion sensor based user fingerprinting attacks. We formulate our user fingerprinting attacks as a typical multi-class classification problem and design a framework for performing the attacks.
Technologies we used in this project: Machine Learning, Java, JavaScript, PHP

Information Security Level Evaluation Management System

Project Leader
2014 – 2015
Ocean University of China

To efficiently complete security assessment work of information system, we designed and developed this B/S platform to collaboratively work with our Information System Configuration Verification Tool. Assessment job is managed by this platform instead of by manual work before. Also, an assessment result can be generated electronically with this platform.
Technologies we used in this project: ASP.NET MVC, SQL Server, JavaScript

High Performance Packet Generator

Research Assistant
2014 – 2015
Ocean University of China

This HPPG project was designed and developed to get NIC working at full capacity for future use of DoS attack. To lessen interrupts as possible as we can, we let it run as a module in the kernel and for each different thread of HPPG a single processor was exclusively assigned to process it. Experimental results show that using HPPG, a 1 Gigabit Ethernet card can send packets 900 Mb/s.
Technologies we used in this project: C, Linux Kernel, Netfilter

Campus Restaurant Management Services Platform

Project Leader
2014 – 2015
Ocean University of China

To grab the opportunity of O2O(online to offline), our team designed and developed this B/S platform to establish connections between food restaurants around campus and students. That is restaurants provide their food services online and students can order foods both with this platform. It not only increased restaurants' sales but saved students' time successfully. We also applied for and gained computer software copyright from the Copyright Protection Center of China.
Technologies we used in this project: ASP.NET MVC, SQL Server, JavaScript

Information System Configuration Verification Tool

Research Assistant
2013 – 2014
Ocean University of China

After Regulations on Protection of Computer Information System Security of China Promulgated, our team designed and developed this C/S tool to automatically check whether the configuration of target whole information system satisfied the requirement of that regulation. My duty was to design and develop submodules including Cisco firewall, Cisco router and Windows 7.
Technologies we used in this project: ASP.NET WPF, GNS3, SQLite

Information System Security Level Assessment of Bank of Weifang

Research Assistant
2013 – 2014
Bank of Weifang

Invited by Bank of Weifang, we launched a comprehensive security assessment on system configuration for Bank of Weifang. Such an assessment including Operating System, Database, Firewall, Router, Application and Physical security assessment. My duty was to check the security configurations on Firewall and Router.

Education

2016-2021

Doctoral Degree

Colorado School of Mines

Major: Computer Science

Under the supervision of Dr. Chuan Yue, my research mainly focus on: 1) web, mobile, and cloud systems security, 2) usable security and privacy, 3) vulnerability measurement and analysis.

2013-2016

Master Degree

Ocean University of China

Major: Computer Science

Under the supervision of Dr. Haipeng Qu, my research mainly focuses on cyber security. I received my Master degree with a graduate thesis titled "Research on Networking Troubleshooting Method Based on Software Defined Network", in which I proposed a new method for troubleshooting in SDN.

Professional Skills

Top Skills

After my first internship at Accenture R&D Lab, I realized that I am a newbie to all these techniques listed below and more.
Gladly, I found myself have great enthusiasm and learning-ability on the new stuff.

100%

Enthusiasm

Expert, +∞
90%

Java

Newbie, 6 years
90%

Javascript

Newbie, 6 years
92%

C#

Newbie, 5 years
91%

C/C++

Newbie, 5 years
80%

Python

Newbie, 5 years

Other Skills

Nodejs Android Express HTML CSS
Git PHP Burp Suite Kali Linux MongoDB Apache

Publications

Honors

  • First Place, Tyler Technologies Virtual Coding Competition,  Nov. 2020 [Code]
  • First Place, Tyler Technologies 2017 Coding Competition at Mines,  Jan. 2017
  • First Place, JavaScript Games Hackathon at Colorado School of Mines,  Nov. 2016