Xiaokuan Zhang

Ph.D. Student (Aug. 2015 - Present)
Computer Science and Engineering
Ohio State University

Office: 439 Baker Systems
Email: zhang DOT 5840 AT osu DOT edu [Google Scholar] [C.V.] [Github]

About Me

I'm now a 4th year Ph.D. student at The Ohio State University (OSU). My advisor is Prof. Yinqian Zhang. Before coming to OSU, I graduated from Shanghai Jiao Tong University (SJTU) with the Bachelor's degree in Computer Science in 2015.

I am interested in different areas of security & privacy, including system security, side-channel security, mobile security, IoT security, etc.


  • Statistical Privacy for Streaming Traffic [pdf] [slides] [bib]
    Xiaokuan Zhang, Jihun Hamm, Michael K. Reiter, Yinqian Zhang
    NDSS'19, San Diego, CA, USA, Feb. 2019. (Acceptance rate: 89/521=17.1%)

  • A Measurement Study of Authentication Rate-Limiting Mechanisms of Modern Websites [pdf] [slides] [bib]
    Bo Lu*, Xiaokuan Zhang*, Ziman Ling, Yinqian Zhang, Zhiqiang Lin (*co-first authors)
    ACSAC'18, San Juan, Puerto Rico, USA, Dec. 2018. (Acceptance rate: 60/299=20.1%)

  • HoMonit: Monitoring Smart Home Apps from Encrypted Traffic [pdf] [bib]
    Wei Zhang, Yan Meng, Yugeng Liu, Xiaokuan Zhang, Yinqian Zhang, Haojin Zhu
    CCS'18, Toronto, Canada, Oct. 2018. (Acceptance rate: 134/809=16.6%)

  • OS-level Side Channels without Procfs: Exploring Cross-App Information Leakage on iOS [pdf] [slides] [bib]
    Xiaokuan Zhang, Xueqiang Wang, Xiaolong Bai, Yinqian Zhang, XiaoFeng Wang
    NDSS'18, San Diego, CA, USA, Feb. 2018. (Acceptance rate: 71/331=21.5%)
    The issues identified in the paper have been acknowledged by Apple in CVE-2017-13852, CVE-2017-13873, CVE-2017-13877.
    Our proposed solutions have been integrated in recent versions of iOS/MacOS/watchOS/tvOS.
    Top 10 Finalists of NYU CSAW'18 Applied Research Competition [link]

  • Detecting Privileged Side-Channel Attacks in Shielded Execution with DEJA VU [pdf] [bib]
    Sanchuan Chen, Xiaokuan Zhang, Michael K. Reiter, Yinqian Zhang
    AsiaCCS'17, Abu Dhabi, UAE, Apr. 2017. (Acceptance rate: 73/359=20.3%)

  • Return-Oriented Flush-Reload Side Channels on ARM and Their Implications for Android Devices [pdf] [slides] [bib]
    Xiaokuan Zhang, Yuan Xiao, Yinqian Zhang
    CCS'16, Vienna, Austria, Oct. 2016. (Acceptance rate: 137/831=16.5%)

  • One Bit Flips, One Cloud Flops: Cross-VM Row Hammer Attacks and Privilege Escalation [pdf] [slides] [bib]
    Yuan Xiao, Xiaokuan Zhang, Yinqian Zhang, Mircea-Radu Teodorescu
    Security'16, Austin, TX, USA, Aug. 2016. (Acceptance rate: 72/463=15.6%)
    Top 10 Finalists of NYU CSAW'16 Applied Research Competition [link]

Professional Services

External Reviewer
  • IEEE Symposium on Security and Privacy (Oakland) 2016 - 2018, 2020
  • ACM Conference on Computer and Communications Security (CCS) 2016 - 2019
  • USENIX Security Symposium (Security) 2017
  • ISOC Network and Distributed System Security Symposium (NDSS) 2018, 2020

Work Experience

Awards & Honors

  • OSU Nomination for Google Ph.D. Fellowship 2019
  • Excellent Graduate of Shanghai Jiao Tong University2015
  • Academic Excellence Scholarship of Shanghai Jiao Tong University2014
  • Excellent Student Cadre of Shanghai Jiao Tong University2013
  • Academic Excellence Scholarship of Shanghai Jiao Tong University2012
  • National Olympiad in Informatics in Provinces (NOIP), First Prize in Fujian Province2010


I'm a passionate soccer fan. I like to watch soccer games, such as the World Cup, the UEFA Champions League, etc. My favorite club is FC Bayern M√ľnchen, and I visited the Allianz Arena in 2016. I also enjoy watching the NBA games. I witnessed Game 2 of the 2018 NBA Finals in the Oracle Arena.