Ziqi Zhang (张子祺)

Ziqi Zhang (张子祺)

Postdoc @ UIUC

Ziqi Zhang 张子祺

Hi! I’m Ziqi Zhang (pronounced as /tzi’chi chang/). I’m currently a Postdoc Researcher at UIUC, supervised by Lingming Zhang. I received my Ph.D degree in the School of Computer Science from Peking University in 2023, advised by Prof. Ding Li, Prof. Yao Guo and Prof. Xiangqun Chen. Before that, I earned my bachelor’s degree from the School of EECS, Peking University.

My research interests lie in AI security, software engineering, and software security. My topics include trusted AI, AI with trusted hardware (e.g., SGX, TDX, TrustZone), AI4SE, and SE4AI. I have published several papers at top-tier conferences in various domains, including computer security (S&P, USENIX Security, CCS), software engineering (ESEC/FSE, ICSE, ISSTA, ISSRE), AI (ICML, WWW), and ubiquitous computing (Ubicomp). I’m always open to collaborations. Feel free to reach out if you would like my collaboration or suggestions for your research projects! In addition to the aforementioned research interests, I am also open to other related research problems!

Download my CV here.

Research Interests

  1. TEE-based Model Protection: TEE-Shielded DNN Partition [S&P’24, ICML’24]
  2. Software Engineering and AI: model slicing [ESEC/FSE’20, ICSE’22], model testing [ISSTA’21]
  3. Privacy: federated learning [ICSE’23, Ubicomp’22, WWW’23, Security’24]
  4. Software Security: memory isolation [CCS’23b], security of SGX applications [CCS’23a]

Education

  • Ph.D. in Computer Science, School of Computer Science, Peking University, September 2018 - June 2023
  • B.E. in Computer Science, School of EECS, Peking University, September 2014 - June 2018

Selected Publications

  • [S&P’24] Ziqi Zhang, Chen Gong, Yuanyuan Yuan, Yifeng Cai, Bingyan Liu, Ding Li, Yao Guo, Xiangqun Chen. “No Privacy Left Outside: On the (In-)Security of TEE-Shielded DNN Partition Defenses”. (CCF-A) [paper] [artifact] [tool TAOISM] [PPT]

  • [ICSE’23] Ziqi Zhang, Yuanchun Li, Bingyan Liu, Yifeng Cai, Ding Li, Yao Guo, Xiangqun Chen. “FedSlice: Protecting Federated Learning Models from Malicious Participants with Model Slicing”. In Proceedings of International Conference on Software Engineering. (CCF-A, 209/796=26.2%) [paper] [code] [PPT]

  • [ICSE’22] Ziqi Zhang, Yuanchun Li, Jindong Wang, Bingyan Liu, Ding Li, Xiangqun Chen, Yao Guo, Yunxin Liu. “ReMoS: Reducing Defect Inheritance in Transfer Learning via Relevant Model Slicing”. In Proceedings of International Conference on Software Engineering. (CCF-A, 197/751≈26.2%) [paper] [code] [PPT]
  • [ESEC/FSE’20] Ziqi Zhang, Yuanchun Li, Yao Guo, Xiangqun Chen, Yunxin Liu. “Dynamic Slicing for Deep Neural Networks.” In Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. (CCF-A, 101/360≈28.0%) [paper] [code] [PPT]

Other Publications

  • [USENIX Security’24] Yifeng Cai, Ziqi Zhang, Jiaping Gui, Bingyan Liu, Xiaoke Zhao, Ruoyu Li, Zhe Li, Ding Li. “FAMOS: Robust Privacy-Preserving Authentication on Payment Apps via Federated Multi-Modal Contrastive Learning” (CCF-A, Accepted).

  • [ICML’24] Zheng Zhang, Na Wang, Ziqi Zhang, Tianyi Zhang, Jianwei Liu, Yao Zhang, Ye Wu. “GroupCover: A Secure, Efficient and Scalable Inference Framework for On-device Model Protection based on TEEs” (CCF-A, 2609/9653=27.03%).

  • [CCS’23a] Yuanpeng Wang, Ziqi Zhang, Ningyu He, Zhineng Zhong, Shengjian Guo, Qinkun Bao, Ding Li, Yao Guo, and Xiangqun Chen. “SymGX: Detecting Cross-boundary Pointer Vulnerabilities of SGX Applications via Static Symbolic Execution” (CCF-A, 158/795=19.87%).

  • [CCS’23b] Hanwen Lei, Ziqi Zhang, Shaokun Zhang, Peng Jiang, Zhineng Zhong, Ningyu He, Ding Li, Yao Guo, and Xiangqun Chen. “Put Your Memory in Order: Efficient Domain-based Memory Isolation for WASM Applications” (CCF-A, 158/795=19.87%).

  • [WWW’23] Bingyan Liu, Yifeng Cai, Hongzhe Bi, Ziqi Zhang, Ding Li, Yao Guo, Xiangqun Chen. “Beyond Fine-Tuning: Efficient and Effective Fed-Tuning for Mobile/Web Users” (CCF-A, 365/1900=19.2%)

  • [ISSRE’23] Shaokun Zhang, Wu Linna, Yuanchun Li, Ziqi Zhang, Hanwei Lei, Ding Li, Yao Guo, and Xiangqun Chen. “ReSPlay: Improving Cross-Platform Record-and-Replay with GUI Sequence Matching” In IEEE International Symposium on Software Reliability Engineering. (CCF-B, Accepted)

  • [ISSTA’22W] Ziqi Zhang, Lucien K. L. Ng, Yifeng Cai, Yao Guo, Bingyan Liu, Ding Li, and Xiangqun Chen. “TEESlice: Slicing DNN Models for Secure and Efficient Deployment inside TEEs”.

  • [Ubicomp’22] Bingyan Liu, Yifeng Cai, Ziqi Zhang, Yuanchun Li, Leye Wang, Ding Li, Yao Guo, Xiangqun Chen. “DistFL: Distribution-aware Federated Learning for Mobile Scenarios” In ACM on Interactive, Mobile, Wearable, and Ubiquitous Technologies. (CCF-A)

  • [ISSTA’21] Yuanchun Li, Ziqi Zhang, Bingyan Liu, Ziyue Yang, Yunxin Liu. “ModelDiff: Testing-based DNN Similarity Comparison for Model Reuse Detection” The ACM SIGSOFT International Symposium on Software Testing and Analysis. (CCF-A, 51/233=21.9%)

Invited Talks

  1. Ant Group, Beijing, Dec 2023. No Privacy Left Outside: On the (In-)Security of TEE-Shielded DNN Partition for On-Device ML
  2. Security Group @ TouTiao, Beijing, Dec 2023. No Privacy Left Outside: On the (In-)Security of TEE-Shielded DNN Partition for On-Device ML
  3. NetSys weekly seminar, Imperial College London, Nov 2023. No Privacy Left Outside: On the (In-)Security of TEE-Shielded DNN Partition for On-Device ML
  4. Ant Group, Beijing, Aug 2023. No Privacy Left Outside: On the (In-)Security of TEE-Shielded DNN Partition for On-Device ML

Academic Services

  1. PC Member: LLM4Code @ ICSE’24
  2. Reviewer: TDSC’23, WWW’24

Honors and Awards

  1. Outstanding Doctoral Dissertation Award of Peking University, Jun 2023
  2. Outstanding Graduate Award of Peking University, Jun 2023
  3. Merit Student of Peking University, Sep 2022
  4. Jiukun Scholarship, Peking University, Sep 2022
  5. Stars of Tomorrow Internship Program, Microsoft Research Asia, Sep 2020
  6. Intel Scholarship, Intel, Dec 2019