Jia Zhang (张甲)

副研究员
北京市海淀区清华大学FIT楼4-204,邮编:100084
zhangjia # cernet.edu.cn
zhangjia2017 # tsinghua.edu.cn

关于我

  • 我是清华大学网络科学与网络空间研究院的一名副研究员。我分别于2005年和2010年在山东大学和清华大学获得计算机科学与技术学士学位和博士学位。毕业后,我曾在政府信息安全管理部门、知名互联网公司以及大型网络安全公司工作,主要从事网络安全体系结构设计与网络安全协议设计方面的研究工作。

    2017年起,我回到清华大学网络科学与网络空间研究院,从事网络安全相关的研究工作。我具有超过10年的网络安全研究经验,部分研究成果已经在阿里巴巴和华为等知名IT企业得以运用。目前我主要的研究兴趣包括:网络协议脆弱性分析,互联网基础设施安全测量,网络异常行为检测,互联网地下产业检测等。

工作经历

  • 副研究员, 清华大学网络科学与网络空间研究院,中国,北京,2022-。
  • 助理研究员, 清华大学网络科学与网络空间研究院,中国,北京,2017–2022。
  • 高级研究员,卫士通信息产业有限公司,中国,北京,2015–2016。
  • 高级工程师,阿里巴巴集团,中国,北京,2014–2015。

教育经历

研究领域

  • 网络安全,协议脆弱性分析
  • 互联网基础设施(DNS、CDN、HTTP等)安全测量
  • 网络行为异常分析,加密流量智能化分析
  • 互联网地下产业检测

相关论文

会议论文

  1. Bounce in the Wild: A Deep Dive into Email Delivery Failures from a Large Service Provider
    Ruixuan Li, Shaodong Xiao, Baojun Liu, Yanzhong Lin, Haixin Duan, Qingfeng Pan, Jianjun Chen, Jia Zhang, Ximeng Liu, Xiuqi Lu, Jun Shao
    In the IMC 2024, Nov. 4-6, 2024
  2. TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets
    Xiang Li, Wei Xu, Baojun Liu, Mingming Zhang, Zhou Li, Jia Zhang, Deliang Chang, Xiaofeng Zheng, Chuhan Wang, Jianjun Chen, Haixin Duan, Qi Li
    In the S&P 2024, May. 20-23, 2024
  3. Cross the Zone: Toward a Covert Domain Hijacking via Shared DNS Infrastructure
    Yunyi Zhang, Mingming Zhang, Baojun Liu, Zhan Liu, Jia Zhang, Haixin Duan, Min Zhang, Fan Shi, Chengxi Xu
    In the USENIX Security 2024, August 14–16, 2024
  4. Under the Dark: A Systematical Study of Stealthy Mining Pools (Ab)use in the Wild
    Yuqi Qing, Qilei Yin, Xinhao Deng, Yihao Chen, Zhuotao Liu, Kun Sun, Ke Xu, Jia Zhang, Qi Li
    In the NDSS 2024, Nov. 26-30, 2023
  5. Under the Dark: A Systematical Study of Stealthy Mining Pools (Ab)use in the Wild
    Zhenrui Zhang, Geng Hong, Xiang Li, Zhuoqun Fu, Jia Zhang*, Mingxuan Liu, Chuhan Wang, Jianjun Chen, Baojun Liu, Haixin Duan, Chao Zhang, Min Yang
    In the CCS 2023, Nov. 26-30, 2023
  6. Stolen Risks of Models with Security Properties
    Yue Qin, Zhuoqun Fu, Chuyun Deng, Xiaojing Liao, Jia Zhang, Haixin Duan
    In the CCS 2023, Nov. 26-30, 2023
  7. TsuKing: Coordinating DNS Resolvers and Queries into Potent DoS Amplifiers
    Wei Xu, Xiang Li, Chaoyi Lu, Baojun Liu, Haixin Duan, Jia Zhang, Jianjun Chen, Tao Wan
    In the CCS 2023, Nov. 26-30, 2023
  8. Encrypted Malware Traffic Detection via Graph-based Network Analysis
    Zhuoqun Fu, Mingxuan Liu, Yue Qin, Jia Zhang*, Yuan Zou, Qilei Yin, Qi Li, Haixin Duan
    In the RAID 2022, Oct. 26-28, 2022
  9. HDiff: A Semi-automatic Framework for Discovering Semantic Gap Attack in HTTP Implementations (最佳论文提名)
    Kaiwen Shen, Jianyu Lu, Yaru Yang, Jianjun Chen, Mingming Zhang, Haixin Duan, Jia Zhang*, Xiaofeng Zheng
    In the DSN 2022, June, 2022
  10. ValCAT: Variable-Length Contextualized Adversarial Transformations Using Encoder-Decoder Language Model
    Chuyun Deng, Mingxuan Liu, Yue Qin, Jia Zhang*, Haixin Duan, Donghong Sun
    In the Proceedings of the 2022 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies. (NAACL 2022), July 2022.
  11. Mingling of Clear and Muddy Water: Understanding and Detecting Semantic Confusion in Blackhat SEO
    Hao Yang, Kun Du, Yubao Zhang, Shuai Hao, Haining Wang, Jia Zhang*, Haixin Duan
    In the ESORICS 2021, Oct. 4-8, 2021
  12. On Evaluating Delegated Digital Signing of Broadcasting Messages in 5G
    Hui Gao, Yiming Zhang, Tao Wan, Jia Zhang*, Haixin Duan
    In the IEEE GLOBECOM 2021, December 2021, p 1-7
  13. CDN Backfired: Amplification Attacks Based on HTTP Range Requests (最佳论文)
    Weizhong Li, Kaiwen Shen, Run Guo, Baojun Liu, Jia Zhang*, Haixin Duan*, Shuang Hao, Xiarun Chen, Yao Wang
    In the 50th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2020), VALÈNCIA, SPAIN, 29th June - 2th July, 2020
  14. CDN Judo: Breaking the CDN DoS Protection with Itself
    Run Guo, Weizhong Li, Baojun Liu, Shuang Hao, Jia Zhang*, Haixin Duan*, Kaiwen Shen, Jianjun Chen, Ying Liu
    In the 2020 Network and Distributed System Security Symposium (NDSS 2020), San Diego, CA, USA, Feb 2020
  15. Abusing CDNs for Fun and Profit: Security Issues in CDNs’ Origin Validation
    Run Guo, Jianjun Chen, Baojun Liu, Jia Zhang*, Chao Zhang*, Haixin Duan, Tao Wan, Jian Jiang, Shuang Hao, Yaoqi Jia
    In the 37th IEEE International Symposium on Reliable Distributed Systems (SRDS 2018), Bahia, Brazil, Oct 2018
  16. Measuring Privacy Threats in China-Wide Mobile Networks
    Mingming Zhang, Baojun Liu, Chaoyi Lu, Jia Zhang*, Shuang Hao, Haixin Duan
    In the 8th USENIX Workshop on Free and Open Communications on the Internet (FOCI 2018), 2018
  17. Analysis and Measurement of Zone Dependency in the Domain Name System
    Jian Jiang, Jia Zhang*, Haixin Duan, Kang Li, Wu Liu
    In 2018 IEEE International Conference on Communications (ICC 2018), Kansas, USA, 2018
  18. How to notify a vulnerability to the right person? Case study: in an ISP scope
    Jia Zhang, Haixin Duan, Wu Liu, Xingkun Yao
    In 2017 IEEE Global Communications Conference (Globecom 2017), Singapore, 2017
  19. Analysis of Anonymity in P2P Anonymous Communication Systems
    Jia Zhang,Haixin Duan,Wu Liu
    In the 24th IEEE International Conference on Advanced Information Networking and Applications Workshops (WAINA 2010), Perth, Australia, 20-13 April 2010.
  20. A light-weighted extension of anonymous communications in IPv6 Network
    Jia Zhang, Haixin Duan, Wu Liu, Jianping Wu
    In 2010 International Conference on Green Circuits and Systems (ICGCS 2010), Shanghai, China, 2010
  21. A Fast Method of Signature Generation for Polymorphic Worms
    Jia Zhang, Haixin Duan, Lanjia Wang, Yuntao Guan, Jianping Wu
    In 2008 International Conference on Computer and Electrical Engineering (ICCEE 2008), Thailand, 2008
  22. A Novel Method to Prevent Traffic Analysis in Low-Latency Anonymous Communication Systems
    Jia Zhang, Haixin Duan, Jianping Wu
    In 2008 International Conference on Computer and Electrical Engineering (ICCEE 2008), Thailand, 2008
  23. AMCAS: An Automatic Malicious Code Analysis System
    Jia Zhang, Yuantao Guan, Xiaoxin Jiang, Haixin Duan, Jianping Wu
    In 2008 International Conference on Web-Age Information Management (WAIM 2008), Zhangjiajie, China, 2008

期刊论文

  1. Finding the best answer: measuring the optimization of public and authoritative DNS
    Jia Zhang, Haixin Duan, Jian Jiang, Jinjin Liang, Jianping Wu
    Sci China Inf Sci, vol.62, No.3, 2019
  2. EDU.CN子域名异常解析现象测量
    冷春莹, 陆超逸, 张甲*, 段海新
    通信学报, 2018.9, 39(Z1): 99~103
  3. 教育类官网推广感染研究
    王郁, 张一铭, 张甲*, 段海新
    通信学报, 2018.9, 39(Z1): 78~85
  4. Anonymity analysis of P2P anonymous communication systems
    Jia Zhang, Haixin Duan, Wu Liu, Jianping Wu
    Computer Communications, 2011.1, 34(1): 358~366
  5. IPv6环境下匿名通信系统的设计与实现
    张甲, 段海新, 吴建平
    清华学报(自然科学版), 2011.1, (1): 63~67
  6. WindTalker: A P2P-Based Low-Latency Anonymous Communication Network
    Jia Zhang, Haixin Duan, Wu Liu, Jianping Wu
    IEICE Trans. Commun., 2009.10.1, E92-B(10)
  7. 基于事件序列的蠕虫网络行为分析算法
    张甲, 段海新, 葛连升
    山东大学学报(理学版), 2007.9, (9): 36~40