yuqing DOT yang AT cispa DOT de
ORCID DBLP Google Scholar Twitter
|
Willkommen! I am a postdoctoral researcher (2025 ~ ) in CISPA Helmholtz Center for Information Security. I am also an Invited Expert of the W3C Miniapp Working Group.
I obtained my PhD in April, 2025 from OSU. During my PhD (2021 ~ 2025), I was advised by Prof. Zhiqiang Lin, working closely with Dr. Yue Zhang and Dr. Chaoshun Zuo. I have also been privileged to collaborate with Prof. Shinan Liu at Hong Kong University, Prof. Yan Long at Boston University, and Prof. Yan Shoshitaishvili at ASU. Now in CISPA, I collaborate with Dr. Giancarlo Pellegrino, Dr. Maximilian Golla and Dr. Sven Burgiel.
My research lies in Web and Mobile Security. Particularly, I perform security analysis and measurement for Complex Mobile and Web Systems, including Super Apps, Mobile Apps, and Web Agentic Services.
I am on the job market! I am looking for faculty positions of the 2026 - 2027 academic year. |
|
Publications
-
[WWW'26] Real or Rogue? Detecting Malicious Miniapps with Deceptive Reporting Interface.
[pdf]
Yuqing Yang, Zhiqiang Lin.
To appear in The ACM Web Conference (WWW), 2026. -
[IEEE S&P Magazine] The Rise of Miniapps: A New Frontier with Security Challenges in Mobile Apps.
[bib] [pdf]
Yuqing Yang, Chao Wang, Zhiqiang Lin.
IEEE Security & Privacy, 2026 -
[SaTS'25 @ CCS] Stealthy Trackers: Uncovering Permission-less Fingerprinting in WeChat Miniapps.
[bib] [pdf]
Yuqing Yang, Zhiqiang Lin.
The 3rd ACM Workshop on Security and Privacy of AI-Empowered Mobile Super Apps (SaTS @ CCS), 2025
Distinguished Paper Award -
[WiSec'25] ARMOUR US: Android Runtime Zero-permission Sensor Usage Monitoring from User Space.
[bib] [pdf]
Yan Long, Jiancong Cui, Yuqing Yang, Tobias Alam, Zhiqiang Lin, Kevin Fu.
The 18th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2025 -
[NDSS'25] Understanding the Miniapp Malware: Identification, Dissection, and Characterization.
[bib] [pdf]
Yuqing Yang, Yue Zhang, Zhiqiang Lin.
The Network and Distributed System Security Symposium (NDSS), 2025 -
[arxiv] SoK: Decoding the Super App Enigma: The Security Mechanisms, Threats, and Trade-offs in OS-alike Apps.
[pdf]
Yuqing Yang, Chao Wang, Yue Zhang, Zhiqiang Lin.
Arxiv preprint, 2024. -
[CCS'23] Don't Leak Your Keys: Understanding, Measuring, and Exploiting the AppSecret Leaks in Mini-Programs.
[bib] [pdf]
Yue Zhang, Yuqing Yang, Zhiqiang Lin.
The ACM Conference on Computer and Communications Security (CCS), 2023 -
[ICSE'23] TAINTMINI: Detecting Flow of Sensitive Data in Mini-Programs with Static Taint Analysis.
[pdf] [bib] [code]
Chao Wang, Ronny Ko, Yue Zhang, Yuqing Yang, Zhiqiang Lin.
The International Conference on Software Engineering (ICSE), 2023 -
[CCS'22b] Cross Miniapp Request Forgery: Root Causes, Attacks, and Vulnerability Detection.
[bib] [pdf] [slides] [code]
Yuqing Yang, Yue Zhang, Zhiqiang Lin.
The ACM Conference on Computer and Communications Security (CCS), 2022 -
[CCS'22a] Detecting and Measuring Misconfigured Manifest in Android Apps.
[bib] [pdf] [slides]
Yuqing Yang, Mohamed Elsabagh, Chaoshun Zuo, Ryan Johnson, Angelos Stavrou, Zhiqiang Lin.
The ACM Conference on Computer and Communications Security (CCS), 2022 -
[SIGMETRICS'21] A measurement study of Wechat Mini-apps.
[bib] [pdf] [code]
Yue Zhang, Bayan Turkistani, Allen Yuqing Yang, Chaoshun Zuo, Zhiqiang Lin.
The ACM SIGMETRICS/International Conference on Measurement and Modeling of Computer Systems(SIGMETRICS), 2021.
Talks and Slides
Academic Services
Organization Committee Member:
Technical Program Committee (TPC) Member:
Other Reviewer Services:
Teaching Services
Teaching Assistant.
Lecture series invited by Feng Liu on cybersecurity and CTF contest.
Lectures invited by Jian Chen on CTF, Committee and organizer of 3rd NJU TrinityCTF contest in 2020.
Joined the TA team while taking the course, revised the lab guide
Lectures invited by Jian Chen on CTF, Committee and organizer of 2nd NJU TrinityCTF contest in 2019.