Zheli Liu
YOU?
Author Swipe
View article: Real-World Usability of Vulnerability Proof-of-Concepts: A Comprehensive Study
Real-World Usability of Vulnerability Proof-of-Concepts: A Comprehensive Study Open
The Proof-of-Concept (PoC) for a vulnerability is crucial in validating its existence, mitigating false positives, and illustrating the severity of the security threat it poses. However, research on PoCs significantly lags behind studies f…
View article: 2-Month Outcomes of Conbercept in Macular Edema Secondary to Central Retinal Vein Occlusion from a randomized, multicenter, double-blind, sham-controlled phase III study: CRAVE Study
2-Month Outcomes of Conbercept in Macular Edema Secondary to Central Retinal Vein Occlusion from a randomized, multicenter, double-blind, sham-controlled phase III study: CRAVE Study Open
Purpose To evaluate the efficacy and safety of intravitreal injection of conbercept for the treatment of macular edema secondary to central retinal vein occlusion (CRVO-ME). Methods Patients with CRVO were randomly divided into the treatme…
View article: Characterizing Trust Boundary Vulnerabilities in TEE Containers
Characterizing Trust Boundary Vulnerabilities in TEE Containers Open
Trusted Execution Environments (TEEs) have emerged as a cornerstone of confidential computing, garnering significant attention from both academia and industry. To enable the secure development, execution, and deployment, of applications on…
View article: BadReasoner: Planting Tunable Overthinking Backdoors into Large Reasoning Models for Fun or Profit
BadReasoner: Planting Tunable Overthinking Backdoors into Large Reasoning Models for Fun or Profit Open
Large reasoning models (LRMs) have emerged as a significant advancement in artificial intelligence, representing a specialized class of large language models (LLMs) designed to tackle complex reasoning tasks. The defining characteristic of…
View article: Open Source, Hidden Costs: A Systematic Literature Review on OSS License Management
Open Source, Hidden Costs: A Systematic Literature Review on OSS License Management Open
Integrating third-party software components is a common practice in modern software development, offering significant advantages in terms of efficiency and innovation. However, this practice is fraught with risks related to software licens…
View article: Uncovering API-Scope Misalignment in the App-in-App Ecosystem
Uncovering API-Scope Misalignment in the App-in-App Ecosystem Open
The "app-in-app" paradigm is an emerging trend in mobile systems, where super applications (short for superApps) such as WeChat, Baidu, TikTok, enable external vendors to develop mini-programs (short for miniApps) on their platforms by pro…
View article: CTRAP: Embedding Collapse Trap to Safeguard Large Language Models from Harmful Fine-Tuning
CTRAP: Embedding Collapse Trap to Safeguard Large Language Models from Harmful Fine-Tuning Open
Fine-tuning-as-a-service, while commercially successful for Large Language Model (LLM) providers, exposes models to harmful fine-tuning attacks. As a widely explored defense paradigm against such attacks, unlearning attempts to remove mali…
View article: Security and Privacy Measurement on Chinese Consumer IoT Traffic based on Device Lifecycle
Security and Privacy Measurement on Chinese Consumer IoT Traffic based on Device Lifecycle Open
In recent years, consumer Internet of Things (IoT) devices have become widely used in daily life. With the popularity of devices, related security and privacy risks arise at the same time as they collect user-related data and transmit it t…
View article: Traceback of Poisoning Attacks to Retrieval-Augmented Generation
Traceback of Poisoning Attacks to Retrieval-Augmented Generation Open
View article: Your Semantic-Independent Watermark is Fragile: A Semantic Perturbation Attack against EaaS Watermark
Your Semantic-Independent Watermark is Fragile: A Semantic Perturbation Attack against EaaS Watermark Open
View article: Rethinking Software Misconfigurations in the Real World: An Empirical Study and Literature Analysis
Rethinking Software Misconfigurations in the Real World: An Empirical Study and Literature Analysis Open
Software misconfiguration has consistently been a major reason for software failures. Over the past twenty decades, much work has been done to detect and diagnose software misconfigurations. However, there is still a gap between real-world…
View article: Shortcut: Making MPC-based Collaborative Analytics Efficient on Dynamic Databases
Shortcut: Making MPC-based Collaborative Analytics Efficient on Dynamic Databases Open
View article: Your Semantic-Independent Watermark is Fragile: A Semantic Perturbation Attack against EaaS Watermark
Your Semantic-Independent Watermark is Fragile: A Semantic Perturbation Attack against EaaS Watermark Open
Embedding-as-a-Service (EaaS) has emerged as a successful business pattern but faces significant challenges related to various forms of copyright infringement, particularly, the API misuse and model extraction attacks. Various studies have…
View article: Prompt-Guided Internal States for Hallucination Detection of Large Language Models
Prompt-Guided Internal States for Hallucination Detection of Large Language Models Open
Large Language Models (LLMs) have demonstrated remarkable capabilities across a variety of tasks in different domains. However, they sometimes generate responses that are logically coherent but factually incorrect or misleading, which is k…
View article: Can Coverage Criteria Guide Failure Discovery for Image Classifiers? An Empirical Study
Can Coverage Criteria Guide Failure Discovery for Image Classifiers? An Empirical Study Open
Quality assurance of deep neural networks (DNNs) is crucial for the deployment of DNN-based software, especially in mission- and safety-critical tasks. Inspired by structural white-box testing in traditional software, many test criteria ha…
View article: BadActs: A Universal Backdoor Defense in the Activation Space
BadActs: A Universal Backdoor Defense in the Activation Space Open
Backdoor attacks pose an increasingly severe security threat to Deep Neural Networks (DNNs) during their development stage. In response, backdoor sample purification has emerged as a promising defense mechanism, aiming to eliminate backdoo…
View article: Analyzing Consumer IoT Traffic from Security and Privacy Perspectives: a Comprehensive Survey
Analyzing Consumer IoT Traffic from Security and Privacy Perspectives: a Comprehensive Survey Open
The Consumer Internet of Things (CIoT), a notable segment within the IoT domain, involves the integration of IoT technology into consumer electronics and devices, such as smart homes and smart wearables. Compared to traditional IoT fields,…
View article: Data security and privacy computing in artificial intelligence
Data security and privacy computing in artificial intelligence Open
View article: Efficient Searchable Symmetric Encryption in Industrial Iot Production
Efficient Searchable Symmetric Encryption in Industrial Iot Production Open
View article: LiSum: Open Source Software License Summarization with Multi-Task Learning
LiSum: Open Source Software License Summarization with Multi-Task Learning Open
Open source software (OSS) licenses regulate the conditions under which users can reuse, modify, and distribute the software legally. However, there exist various OSS licenses in the community, written in a formal language, which are typic…
View article: LiResolver: License Incompatibility Resolution for Open Source Software
LiResolver: License Incompatibility Resolution for Open Source Software Open
Open source software (OSS) licenses regulate the conditions under which OSS\ncan be legally reused, distributed, and modified. However, a common issue\narises when incorporating third-party OSS accompanied with licenses, i.e.,\nlicense inc…
View article: CRSExtractor: Automated configuration option read sites extraction towards IoT cloud infrastructure
CRSExtractor: Automated configuration option read sites extraction towards IoT cloud infrastructure Open
View article: New Approach for Efficient Malicious Multiparty Private Set Intersection
New Approach for Efficient Malicious Multiparty Private Set Intersection Open
View article: New Differential Privacy Communication Pipeline and Design Framework
New Differential Privacy Communication Pipeline and Design Framework Open
Organizations started to adopt differential privacy (DP) techniques hoping to persuade more users to share personal data with them. However, many users do not understand DP techniques, thus may not be willing to share. Previous research su…
View article: LiDetector: License Incompatibility Detection for Open Source Software
LiDetector: License Incompatibility Detection for Open Source Software Open
Open-source software (OSS) licenses dictate the conditions which should be followed to reuse, distribute, and modify the software. Apart from widely-used licenses such as the MIT License, developers are also allowed to customize their own …
View article: Total Variation Distance Privacy: Accurately Measuring Inference Attacks and Improving Utility
Total Variation Distance Privacy: Accurately Measuring Inference Attacks and Improving Utility Open
View article: Outcomes of Eyes Lost to Follow-Up in Patients with Central Retinal Vein Occlusion Who are Receiving Anti-Vascular Endothelial Growth Factor Treatment
Outcomes of Eyes Lost to Follow-Up in Patients with Central Retinal Vein Occlusion Who are Receiving Anti-Vascular Endothelial Growth Factor Treatment Open
In CRVO-ME patients who are receiving anti-VEGF therapy, unintentional treatment interruptions can cause visually disastrous consequences, including irreversible blindness. Patients who were LTFU for a long period should be strongly warned…
View article: IEEE Access Special Section Editorial: Security and Privacy in Emerging Decentralized Communication Environments
IEEE Access Special Section Editorial: Security and Privacy in Emerging Decentralized Communication Environments Open
Due to the COVID-19 epidemic, face-to-face team working has changed into distanced work from home. Modern, decentralized digital communication environments are changing with the availability of new technologies and the development of new r…
View article: Eurus: Towards an Efficient Searchable Symmetric Encryption With Size Pattern Protection
Eurus: Towards an Efficient Searchable Symmetric Encryption With Size Pattern Protection Open
To achieve efficiently search and update on outsourced encrypted data, dynamic searchable symmetric encryption (DSSE) was proposed by just leaking some well-defined leakages. Though small, many recent works show that an attacker can exploi…
View article: Optical coherence tomography angiography characteristics in Waldenström macroglobulinemia retinopathy: A case report
Optical coherence tomography angiography characteristics in Waldenström macroglobulinemia retinopathy: A case report Open
WM may affect visual function and present as bilateral CRVO. OCTA can show characteristic changes in both retina and choroid vasculatures, which might be of great value for diagnosing or following patients with WM retinopathy. Intravitreal…