Xiaokuan Zhang

Ph.D. Student (Aug. 2015 - Present)
Computer Science and Engineering
Ohio State University

Office: 439 Baker Systems Bldg
E-mail: zhang DOT 5840 AT osu DOT edu

Short Bio

I'm now a 4th year Ph.D. student at The Ohio State University (OSU). My advisor is Prof. Yinqian Zhang. Before coming to OSU, I graduated from Shanghai Jiao Tong University (SJTU) with the Bachelor's degree of Computer Science in 2015. My CV can be found HERE.

Research Interests


  • Statistical Privacy for Streaming Traffic
    Xiaokuan Zhang, Jihun Hamm, Michael K. Reiter, Yinqian Zhang
    NDSS'19, San Diego, CA, USA, Feb. 2019.

  • A Measurement Study of Authentication Rate-Limiting Mechanisms of Modern Websites [pdf] [slides] [bib]
    Bo Lu*, Xiaokuan Zhang*, Ziman Ling, Yinqian Zhang, Zhiqiang Lin (*co-first authors)
    ACSAC'18, San Juan, Puerto Rico, USA, Dec. 2018.

  • HoMonit: Monitoring Smart Home Apps from Encrypted Traffic [pdf] [bib]
    Wei Zhang, Yan Meng, Yugeng Liu, Xiaokuan Zhang, Yinqian Zhang, Haojin Zhu
    CCS'18, Toronto, Canada, Oct. 2018.

  • OS-level Side Channels without Procfs: Exploring Cross-App Information Leakage on iOS [pdf] [slides] [bib]
    Xiaokuan Zhang, Xueqiang Wang, Xiaolong Bai, Yinqian Zhang, XiaoFeng Wang
    NDSS'18, San Diego, CA, USA, Feb. 2018.
    The issues identified in the paper have been acknowledged by Apple in CVE-2017-13852, CVE-2017-13873, CVE-2017-13877.
    Our proposed solutions have been integrated in recent versions of iOS/MacOS.
    Top 10 Finalists of NYU CSAW'18 Applied Research Competition [link]

  • Detecting Privileged Side-Channel Attacks in Shielded Execution with DEJA VU [pdf] [bib]
    Sanchuan Chen, Xiaokuan Zhang, Michael K. Reiter, Yinqian Zhang
    AsiaCCS'17, Abu Dhabi, UAE, Apr. 2017.

  • Return-Oriented Flush-Reload Side Channels on ARM and Their Implications for Android Devices [pdf] [slides] [bib]
    Xiaokuan Zhang, Yuan Xiao, Yinqian Zhang
    CCS'16, Vienna, Austria, Oct. 2016.

  • One Bit Flips, One Cloud Flops: Cross-VM Row Hammer Attacks and Privilege Escalation [pdf] [slides] [bib]
    Yuan Xiao, Xiaokuan Zhang, Yinqian Zhang, Mircea-Radu Teodorescu
    Security'16, Austin, TX, USA, Aug. 2016.
    Top 10 Finalists of NYU CSAW'16 Applied Research Competition [link]

Research Experience

  • Website account rate-limiting mechanisms
  • Side-channel attacks/defenses on IoT devices
  • Side-channel attacks on iOS devices
  • Defense against side-channel attacks inside Intel SGX enclaves
  • Side-channel attacks on Android devices
  • Double-sided row-hammer attacks in Xen-based VMs

Work Experience


I'm a passionate soccer fan. I like to watch different kinds of soccer matches, such as the World Cup, the UEFA Champions League, the Premier League, the Bundesliga, etc. My favorite soccer club is FC Bayern M√ľnchen. I also like to watch NBA games.