Welcome to Yan Jia’s Homepage

I am now an Associate Professor (100 Young Academic Leaders of Nankai University), College of Cyber Science at Nankai University. I received my Ph.D. from the School of Cyber Engineering at Xidian University in December 2020. My interests inclulde discovering and understanding new design/logic security vulnerabilities in real-world systems, including IoT (currently main direction), Web/Browser, mobile, network, and other systems. Our works were published at top-lier academic and industrial conferences (e.g., Oakland, USENIX Security, CCS, NDSS, Blackhat) and helped many high-profile parties (e.g., AWS, Microsoft, Google Chromium, IBM, Alibaba, Baidu, Apple, Samsung, Eclipse, iRobot, Philips, etc.) improve their systems’ security. I am among active top authors in terms of publishing at leading security venues [1] [2].

Education

• 2024.1 - now, Associate Professor, 100 Young Academic Leaders of Nankai University, Nankai University
• 2020.12 - 2023.12, Lecturer Postdoctoral Fellowship, Nankai University
• 2016.7 - 2020.12, Ph.D. in Information Security, Xidian University, advised by Prof.Yuqing Zhang
  (RA in the National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences)
• 2018.11 - 2020.7, Joint Ph.D. Student, Indiana University Bloomington, mentored by Prof.XiaoFeng Wang and Prof.Luyi Xing
• 2015 - 2016, Master Student in Crypto, Xidian University
• 2011 - 2015, B.E. in Information Countermeasure Technology, Xidian University

Selected Publications

(Google Scholar)

(#Corresponding Authors)

2024

• Bin Yuan, Zhanxiang Song, Yan Jia#, Zhenyu Lu, Deqing Zou#, Hai Jin, Luyi Xing#. MQTTactic: Security Analysis and Verification for Logic Flaws in MQTT Implementations. IEEE Symposium on Security and Privacy (S&P) (Oakland), 2024.
• Fannv He, Yan Jia, Jiayu Zhao, Yue Fang, Jice Wang, Peng Liu, Yuqing Zhang#. Maginot Line: Assessing a New Cross-app Threat to PII-as-Factor Authentication in Chinese Mobile Apps. Network and Distributed System Symposium (NDSS), 2024.

2023

• Xueqiang Wang. Yifan Zhang, XiaoFeng Wang, Yan Jia, Luyi Xing. Union under Duress: Understanding Hazards of Duplicate Resource Mismediation in Android Software Supply Chain. Usenix Security 2023
• Rongkuan Ma, Qiang Wei, Jingyi Wang, Shunkai Zhu, Shouling Ji, Peng Cheng, Yan Jia, Qingxian Wang. Towards Comprehensively Understanding the Run-time Security of Programmable Logic Controllers: A 3-year Empirical Study. arXiv:2212.14296.
• Yingnan Zhou, Xue Hu, Sihan Xu#, Yan Jia#, Yuhao Liu, Junyong Wang, Guangquan Xu, Wei Wang, Shaoying Liu, and Thar Baker. Multi-misconfiguration Diagnosis via Identifying Correlated Configuration Parameters. IEEE Transactions on Software Engineering. 2023.
• Guangquan Xu, Xinru Ding, Sihan Xu#, Yan Jia#, Shaoying Liu, Shicheng Feng#, and Xi Zheng. Real-Time Diagnosis of Configuration Errors for Software of AI Server Infrastructure. IEEE Transactions on Dependable and Secure Computing. 2023.

2022

• Ze Jin, Luyi Xing, Yiwei Fang, Yan Jia, Bin Yuan, Qixu Liu. P-Verifier: Understanding and Mitigating Security Risks in Cloud-based IoT Access Policies. ACM Conference on Computer and Communications Security (CCS), 2022.
• Yijing Liu, Yan Jia#, Qingyin Tan, Zheli Liu#, Luyi Xing. How Are Your Zombie Accounts? Understanding Users’ Practices and Expectations on Mobile App Account Deletion. USENIX Security 2022.
• Xiaojie Guo, Ye Han, Zheli Liu#, Ding Wang, Yan Jia#, Jin Li Birds of a Feather Flock Together: How Set Bias Helps to Deanonymize You via Revealed Intersection Sizes. USENIX Security 2022.

2021

• Yan Jia*, Bin Yuan*, Luyi Xing, Dongfang Zhao, XiaoFeng Wang, Yifan Zhang, Yijing Liu, Kaimin Zheng, Peyton Crnjak, Yuqing Zhang, Deqing Zou, Hai Jin. Who’s In Control? On Security Risks of Disjointed IoT Device Management Channels. ACM Conference on Computer and Communications Security (CCS), 2021. (*Work closely)
• Wei Zhou, Chen Cao*, Dongdong Huo*, Kai Cheng*, Lan Zhang*, Le Guan*, Tao Liu*, Yan Jia*,Yaowen Zheng*, Yuqing Zhang†, Limin Sun, Yazhe Wang and Peng Liu. Reviewing IoT Security via Logic Bugs in IoT Platforms and Systems. IEEE Internet of Things Journal, 2021. (*These authors contributed equally to this work.)

2020

• Yan Jia, Luyi Xing, Yuhang Mao, Dongfang Zhao, XiaoFeng Wang, Shangru Zhao and Yuqing Zhang. Burglars IoT Paradise: Understanding and Mitigating Security Risks of General Messaging Protocols on IoT Clouds. IEEE Symposium on Security and Privacy (S&P) (Oakland), 2020.
• Bin Yuan*, Yan Jia*, Luyi Xing, Dongfang Zhao, XiaoFeng Wang, Deqing Zou, Hai Jin and Yuqing Zhang. Shattered Chain of Trust: Understanding Security Risks in Cross-Cloud IoT Access Delegation. 29th USENIX Security Symposium (USENIX Security). 2020. (*Work closely)

2019

• Wei Zhou, Yan Jia, Yao Yao, Lipeng Zhu, Le Guan, Yuhang Mao, Peng Liu and Yuqing Zhang. Discovering and understanding the security hazards in the interactions between IoT devices, mobile apps, and clouds on smart home platforms. 28th USENIX Security Symposium (USENIX Security). 2019.
• Yao Yao, Wei Zhou, Yan Jia, Lipeng Zhu, Peng Liu and Yuqing Zhang. Identifying Privilege Separation Vulnerabilities in IoT Firmware with Symbolic Execution. European Symposium on Research in Computer Security (ESORICS). 2019.

2018

• 王基策, 李意莲, 贾岩, 周威, 王宇成, 王鹤, 张玉清. 智能家居安全综述. 计算机研究与发展, 2018, 55(10): 2111.
• Wei Zhou, Yan Jia, Anni Peng, Yuqing Zhang, Peng Liu. The effect of iot new features on security and privacy: New threats, existing solutions, and challenges yet to be solved. IEEE Internet of Things Journal, 2018, 6(2): 1606-1616
• 彭安妮, 周威, 贾岩, 张玉清. 物联网操作系统安全研究综述. 通信学报, 2018, 39(3): 22-34

2017 and Before

• Yan Jia, Yuqing Zhang. Poster: Security Analysis of HSTS Implementation in Browsers. 2017 IEEE Symposium on Security and Privacy (S&P) (Oakland). 2017.

• 张玉清, 贾岩, 雷柯楠, 吕少卿, 乐洪舟. HTML5 新特性安全研究综述. 计算机研究与发展, 2016, 53(10): 2163-2172.

• 贾岩, 王鹤, 吕少卿, 张玉清. HTML5 应用程序缓存中毒攻击研究. 通信学报, 2016, 37(10): 149-157.

Impacts of My Research

2020

• A design vulnerability about Apple Homekit: CVE-2020-9978 (macOS and iOS).
• Vulnerabilities we discovered are assigned CNVD-2020-68248, CNVD-2020-73400.

2019

• The vulnerabilities in IoT cloud delegation process we discovered are acknowledged by Samsung SmartThings ($2000 bounty), Philips Hue.

• The design issues in authorization model of MQTT raise the concern of OASIS MQTT Technical Committee and are treated as major priority. OASIS Open Issue MQTT-536

2018

• The vulnerabilities and design flaws I found in IoT platforms and MQTT influence many popular vendors including Amazon Web Service, Microsoft(awarded $2500 plus $4000), IBM, iRobot, Alibaba, Baidu, Tuya Smart, Suning (Critical), Eclipse Mosquitto, etc, which may cause illegal control, large-scale DoS, privacy leaks and device impersonation . (Reference: MSRC Online Acknowledgement(October 2019), MSRC Online Acknowledgement(July 2018), CVE-2018-12546, CVE-2018-12550, CNVD-2019-34661, CNVD-2019-34660, CNVD-2019-34656, CNVD-2019-34655, CNVD-2019-34654, CNVD-2019-34652 )

• The vulnerabilities about device identity management influenced many popular IoT platforms including Alibaba Alink, JD Joylink and TP-Link Kasa Smart, which cause remote hijacking and impersonating the victim’s IoT device.

2017

• HSTS Bypass via fooding of the HSTS policy file in Chromium (Severity-Medium). Issue 699461

Research Funds

• Inovation Fund of Xidian University. 12,000 CNY, 2018-2019
• China Scholarship Council Funding.
• China Postdoctoral Science Foundation (2021M691673). 80,000 CNY, 2021.6 -
• National Natural Science Foundation of China (62102198). 300,000 CNY, 2022.1 - 2024.12
• China Postdoctoral Science Foundation (2023T160335). 160,000 CNY, 2023.7.28 -

Talks

• 应用逻辑缺陷研究经验分享——从生活现象到网安学术论文. CCF Talk 计算机网络与通信顶会——精读细讲. Jun 10, 2024.
• 智能家居逻辑漏洞研究——新应用与场景带来的挑战. 2023年InForSec网络空间安全夏令营“导师面对面”专题学术活动. Aug 7-8, 2023.
• 智能家居逻辑漏洞研究——新应用与场景带来的挑战. 首届国际网络空间安全顶级会议交流研讨会（CyberSec 2023）. Lhasa. Aug 4, 2023.
• 智能家居安全研究新进展：新场景与应用的挑战. 华为“未来网络前沿–青年科学家论坛：网络协议与安全专场”. Beijing. Feb 13, 2023.
• IoT Manufacturers’ New Nightmare: Design Flaws and Deployment Chaos in Cloud-based IoT Access Control Policies. Blackhat Europe 2022. (40-Minute Briefings)
• Codema Attack: Controlling Your Smart Home Through Dangling Management Channels. Black Hat Asia 2022. (40-min Briefings)
• 物联网设备多管理通道安全风险分析. 天津市网络与数据安全技术重点实验室2021学术年会. Nankai University. November 2021.
• 网络安全研究国际学术论坛(InForSec). Jun 5-6, 2021.
• How I Can Unlock Your Smart Door: Security Pitfalls in Cross-Vendor IoT Access Control. (40-min Briefings) Black Hat Asia. 2021. Reported by DARKReading DARKReading
• Sneak into Your Room: Security Holes in the Integration and Management of Messaging Protocols on Commercial IoT Clouds. (50-min Briefings) Black Hat Europe. 2019.
• Cyber Security Top Conference Paper Summer Camp 2020. Nankai University (Online). Jul. 27, 2020.
• InForSec Annual Symposium 2020. Tsinghua University. Jan 3-4, 2020.

Books/Reports

• 《网络安全国际学术研究进展》，人民邮电出版社，ISBN: 9787115588944. 2022-08
• 《软件安全：漏洞利用及渗透测试》，清华大学出版社，ISBN: 9787302602156，2022-03

Academic Services

• Reviewer of IEEE Internet of Things Journal, IEEE Security & Privacy, Journal of Computer Science and Technology, IEEE Transactions on Big Data, IEEE Transactions on Information Forensics and Security, Empirical Software Engineering, etc.
• EAI SPNCE 2021, Program Committee Member
• 26th International Conference on Computer Supported Cooperative Work in Design (CSCW’23), Program Committee Member
• The 25th International Conference on Information and Communications Security (ICICS’23), Web Chair
• The 19th International Conference on Mobility, Sensing and Networking (IEEE MSN), Program Committee Member
• IEEE/ACM Workshop on the Internet of Safe Things (SafeThings 2024), Program Committee Member
• NDSS 2024 Workshop on Security and Privacy in Standardized IoT (SDIoTSec 2024), Program Committee Member

  Awards

• 2022 ACM China Council Tianjin Chapter Rising Star Award
• Our CCS’21 paper was selected a finalist (10/83) for CSAW’22 Applied Research Competition