{"id":19931,"date":"2019-02-22T16:19:16","date_gmt":"2019-02-22T21:19:16","guid":{"rendered":"http:\/\/www.bu.edu\/csmet\/?post_type=profile&#038;p=19931"},"modified":"2025-10-23T15:45:38","modified_gmt":"2025-10-23T19:45:38","slug":"shengzhi-zhang","status":"publish","type":"profile","link":"https:\/\/www.bu.edu\/csmet\/profile\/shengzhi-zhang\/","title":{"rendered":"Shengzhi Zhang"},"content":{"rendered":"<p>Dr. Shengzhi Zhang earned his PhD in Computer Science and Engineering from Penn State University in 2012.<span>\u00a0His research focuses on cybersecurity, including but not limited to Internet of Things (IoT) security, automobile security, mobile security, and operating system security, among others. He has most recently worked as an assistant professor in the Department of Computer Science at the Florida Institute of Technology. Prior to academia, Dr. Zhang conducted various research projects in Cisco, IBM, and Honeywell Aerospace labs. His existing partnerships, both nationally and internationally, include researchers from Ford Motor, IBM, GE, Indiana University, Penn State, Kuwait University, and the Chinese Academy of Sciences. Dr. Zhang has published many papers and served as program committee members in top-tier security conferences and journals.<\/span><\/p>\n<p>Office hours: 2:30-4:30PM, Thursday<\/p>\n<div class=\"bu_collapsible_container \" aria-live=\"polite\" data-customize-animation=\"false\"><h3 class=\"bu_collapsible\" aria-expanded=\"false\"tabindex=\"0\" role=\"button\">Research Interests<\/h3><div class=\"bu_collapsible_section\" style=\"display: none;\">\n<ul>\n<li>IoT security<\/li>\n<li>Automobile Security<\/li>\n<li>Mobile Security<\/li>\n<li>System Security<\/li>\n<\/ul>\n<p><\/div>\n<\/div>\n<br \/>\n<div class=\"bu_collapsible_container \" aria-live=\"polite\" data-customize-animation=\"false\"><h3 class=\"bu_collapsible\" aria-expanded=\"false\"tabindex=\"0\" role=\"button\">Courses<\/h3><div class=\"bu_collapsible_section\" style=\"display: none;\"><\/p>\n<p>MET CS 544 \u2013 Foundations of Analytics with R<\/p>\n<p><\/div>\n<\/div>\n<br \/>\n<div class=\"bu_collapsible_container \" aria-live=\"polite\" data-customize-animation=\"false\"><h3 class=\"bu_collapsible\" aria-expanded=\"false\"tabindex=\"0\" role=\"button\">Scholarly Works<\/h3><div class=\"bu_collapsible_section\" style=\"display: none;\"><\/p>\n<p>Editor-in-Chief, <em>Journal of Secure Communications and Systems<\/em> (January 2017\u2013present)<\/p>\n<p><strong>Book Chapters<\/strong><\/p>\n<p>Peng Liu, Xiaoqi Jia, Shengzhi Zhang, Xi Xiong, Yoon-chan Jhi, Kun Bai, and Jason H. Li. \u201cCross-Layer Damage Assessment for Cyber Situational Awareness.\u201d In <em>Cyber Situational Awareness: Issues and\u00a0<\/em><em>Research<\/em>, edited by S. Jajodia, P. Liu, V. Swarup, and C. Wang. Springer International Series on Advances in Information Security (November 2009). ISBN: 98-1-4419-0139-2<\/p>\n<p><strong>Refereed Journal Articles<\/strong><\/p>\n<p>Shengzhi Zhang, Xiaoqi Jia, and Peng Liu. \u201cTowards service continuity for transactional applications via diverse device drivers.\u201d <em>International Journal of Information and Computer Security<\/em> 8, no. 4 (2016): 382\u2013400.<\/p>\n<p>Shengzhi Zhang, Wenjie Wang, Haishan Wu, Athanasios V. Vasilakos, and Peng Liu. \u201cTowards transparent and distributed workload management for large scale web servers.\u201d <em>Future Generation Computer Systems <\/em>29, no. 4 (2013): 913\u2013925.<\/p>\n<p>Xiaoqi Jia, Rui Wang, Jun Jiang, Shengzhi Zhang, and Peng Liu. \u201cDefending return-oriented programming based on virtualization techniques.\u201d <em>Security and Communication Networks<\/em> 6, no. 10 (2013): 1236\u00ad\u20131249.<\/p>\n<p>Shengzhi Zhang and Sang-Jo Yoo. \u201cHidden node collision recovery protocol for low rate wireless personal area networks.\u201d <em>Wireless Communications and Mobile Computing<\/em> 12, no. 15 (2012): 1351\u20131362.<\/p>\n<p>Shengzhi Zhang, Xiaoqi Jia, Peng Liu, and Jiwu Jing. \u201cPEDA: Comprehensive Damage Assessment for Production Environment Server Systems.\u201d <em>IEEE Transactions on Information Forensics and Security\u00a0<\/em>6, no. 4 (2011): 1323\u00ad\u20131334.<\/p>\n<p><strong>Refereed Conference and Workshop Papers<\/strong><\/p>\n<p>Shengzhi Zhang, Omar Makke, Oleg Yu Gusikhin, Ayush Shah, and Athanasios Vasilakos. \u201cA security model for dependable vehicle middleware and mobile applications connection.\u201d In <em>VEHITS 2018: Proceedings of the 4th International Conference on Vehicle Technology and Intelligent Transport Systems<\/em>, edited by Gusikhin, O. and Helfert, M. (2018): 379\u2013386.<\/p>\n<p>Le Guan, Chen Cao, Peng Lui, Xinyu Xing, Xinyang Ge, Shengzhi Zhang, Meng Yu, and Trent Jaeger. \u201cBuilding a Trustworthy Execution Environment to Defeat Exploits from both Cyber Space and Physical Space for ARM.\u201d\u00a0<em><a _ngcontent-c9=\"\" class=\"stats-document-abstract-publishedIn\" href=\"https:\/\/ieeexplore.ieee.org\/xpl\/RecentIssue.jsp?punumber=8858\">IEEE Transactions on Dependable and Secure Computing<\/a><\/em><span>\u00a0(July 31, 2018). DOI:\u00a0<a append-to-href=\"?src=document\" target=\"_blank\" href=\"https:\/\/doi.org\/10.1109\/TDSC.2018.2861756\" rel=\"noopener noreferrer\">10.1109\/TDSC.2018.2861756<\/a><\/span><\/p>\n<p>Xuejing Yuan, Yuxuan Chen, Yue Zhao, Yunhui Long, Kai Chen, Shengzhi Zhang, Heqing Huang, and Xiaofeng Wang. \u201cCommanderSong: A Systematic Approach for Practical Adversarial Voice Recognition.\u201d In P<em>roceedings of the 27<sup>th<\/sup> Usenix Security Symposium<\/em>, Baltimore, Maryland (2018): 40\u201364.<\/p>\n<p>Shengzhi Zhang, Ayush Shah, Oleg Gusikhin, and Omar Makke. \u201cA Security Model for Dependable Vehicle Middleware and Mobile Application Connection.\u201d The 4<sup>th<\/sup> International Conference on Vehicle Technology and Intelligent Transport Systems (VEHITS 2018).<\/p>\n<p>Le Guan, Peng Liu, Xinyu Xing, Xinyang Ge, Shengzhi Zhang, Meng Yu, and Trent Jaeger. \u201cTrust-Shadow: Secure Execution of Unmodified Applications with ARM TrustZone.\u201d The 15<sup>th<\/sup> ACM International Conference on Mobile Systems, Applications, and Services (Mobisys 2017).<\/p>\n<p>Shengzhi Zhang, Xiaoqi Jia, and Weijuan Zhang. \u201cTowards Comprehensive Protection for Open Flow Controllers.\u201d The 19<sup>th<\/sup> Asia-Pacific Network Operations and Management Symposium (APNOMS 2017). (Best paper award.)<\/p>\n<p>Sultan Aldossary, William Allen, and Shengzhi Zhang. \u201cMathematical Model for Using Moving Target Defense to Mitigate Memory Randomization Weaknesses.\u201d The 4<sup>th<\/sup> Annual Conference on Computational Science and Computational Intelligence (2017).<\/p>\n<p>Weijuan Zhang, Xiaoqi Jia, Chang Wang, Shengzhi Zhang, Qingjia Huang, Mingsheng Wang, and Peng Liu. \u201cA Comprehensive Study of Co-residence Threat in Multi-tenant Public PaaS Clouds.\u201d The 18<sup>th<\/sup> IEEE International Conference on Information and Communications Security (ICICS 2016).<\/p>\n<p>Zimin Lin, Rui Wang, Xiaoqi Jia, Shengzhi Zhang, and Chuankun Wu. \u201cClassifying Android Malware with Dynamic Behavior Dependency Graphs.\u201d The 15<sup>th<\/sup> IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TRUSTCOM 2016).<\/p>\n<p>Zimin Lin, RuiWang, Xiaoqi Jia, Shengzhi Zhang, and Chuankun Wu. \u201cAnalyzing Android Repackaged Malware by Decoupling Their Event Behaviors.\u201d International Workshop on Security (IWSEC 2016). (Award paper.)<\/p>\n<p>Mark Fioravanti, Ayush Shah, and Shengzhi Zhang. \u201cA Study of Network Domains Used in Android Applications.\u201d The 9<sup>th<\/sup> International Conference on Network and System Security (NSS 2015).<\/p>\n<p>Craig Sanders, Ayush Shah, and Shengzhi Zhang. \u201cComprehensive Analysis of the Google Play\u2019s Auto-Update Policy.\u201d The 11<sup>th<\/sup> International Conference on Information Security Practice and Experience (ISPEC 2015).<\/p>\n<p>Rui Wang, Xiaoqi Jia, Qinlei Li, and Shengzhi Zhang. \u201cMachine Learning based Cross-site Scripting Detection in Online Social Network.\u201d The 6<sup>th<\/sup> International Symposium on Cyberspace Safety and Security (CSS 2014).<\/p>\n<p>Shengzhi Zhang and Peng Liu. \u201cAssessing the Trustworthiness of Drivers.\u201d The 15<sup>th<\/sup> International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2012).<\/p>\n<p>Shengzhi Zhang and Peng Liu. \u201cLetting Applications Operate through Attacks Launched from Compromised Device Drivers.\u201d ACM Conference on Data and Application Security and Privacy (ASIACCS 2012).<\/p>\n<p>Jun Jiang, Xiaoqi Jia, Dengguo Feng, Shengzhi Zhang, and Peng Liu. \u201cHyperCrop: A Hypervisor-based Countermeasure for Return Oriented Programming.\u201d In <em>Proceedings of the 13<sup>th<\/sup> International\u00a0<\/em><em>Conference on Information and Communications Security (ICICS 2011)<\/em>, November 2011.<\/p>\n<p>Shengzhi Zhang, Haishan Wu, Wenjie Wang, Bo Yang, Peng Liu, and Athanasios V. Vasilakos. \u201cDistributed Workload and Response Time Management for Web Applications.\u201d In <em>Proceedings of the 7<sup>th<\/sup> International Conference on Network and Service Management (CNSM 2011)<\/em>, October 2011.<\/p>\n<p>Junfeng Yu, Shengzhi Zhang, Peng Liu, and Zhitang Li. \u201cLeakProber: A Framework for Profiling Sensitive Data Leakage Path.\u201d In <em>Proceedings of the first ACM Conference on Data and Application Security\u00a0<\/em><em>and Privacy (CODASPY \u201911)<\/em>, February 2011: 75\u201384.<\/p>\n<p>Shengzhi Zhang, Xiaoqi Jia, Peng Liu, and Jiwu Jing. \u201cCross-Layer Comprehensive Intrusion Harm Analysis for Availability-Critical Server Systems.\u201d In <em>Proceedings of the 26<sup>th<\/sup> Annual Computer Security\u00a0<\/em><em>Applications Conference (ACSAC \u201910)<\/em>, December 2010: 297\u2013306.<\/p>\n<p>Shengzhi Zhang, Xi Xiong, and Peng Liu. \u201cChallenges in Improving the Survivability of Data Centers.\u201d In <em>Proceedings of Workshop on Survivability in Cyberspace<\/em>, April 2010. (Invited paper.)<\/p>\n<p>Shengzhi Zhang, Xi Xiong, Xiaoqi Jia, and Peng Liu. \u201cAvailability-Sensitive Intrusion Recovery.\u201d In\u00a0<em>Proceedings\u00a0<\/em><em>of<\/em><em> the\u00a0<\/em><em>2<sup>nd<\/sup> <\/em><em>ACM workshop on Virtual machine security (VMSec \u201909),<\/em>\u00a0November 2009: 43\u201348. (Position paper.)<\/p>\n<p>Xiaoqi Jia, Shengzhi Zhang, Jiwu Jing, and Peng Liu. \u201cUsing Virtual Machines to Do Cross-Layer Damage Assessment.\u201d In <em>Proceedings of the 1<sup>st<\/sup> ACM Workshop on Virtual Machine Security (VMSec\u00a0<\/em><em>\u201908)<\/em>, October 2008: 29\u201338.<\/p>\n<p>Shengzhi Zhang and Sang-Jo Yoo. \u201cFast Recovery from Hidden Node Collision for IEEE 802.15.4 LR-WPANs.\u201d In <em>Proceedings of the 7th IEEE International Conference on Computer and Information\u00a0<\/em><em>Technology<\/em> <em>(CIT 2007)<\/em>, November 2007: 393\u2013398.<\/p>\n<p><strong>Technical Report<\/strong><\/p>\n<p>Shengzhi Zhang, Srivatsan Varadarajan, and Allalaghatta Pavan. \u201cNon-Interference Verification of Zeroization.\u201d Technical Report in Platform Systems Group, Honeywell Aerospace.<\/p>\n<p><strong>Posters<\/strong><\/p>\n<p>Shengzhi Zhang, Xiaoqi Jia, and Peng Liu. \u201cRupi\u2019s Dance: Cross-Layer Comprehensive Infection Diagnosis for Availability-Critical Server Systems.\u201d In poster section of the 5<sup>th<\/sup> ACM SIGOPS EuroSys Conference (Eurosys 2010).<\/p>\n<p><strong>Inventions and Patents<\/strong><\/p>\n<p>Sang-Jo Yoo, Shengzhi Zhang, and Ju-hyun Lee. \u201cAdaptive Hidden Node Collision Recovery Protocol for IEEE 802.15.4 LR-WPANs.\u201d Patent NO. 10-0896986, filed with Korean Intellectual Property Office on May 4, 2009.<\/p>\n<p><\/div>\n<\/div>\n<\/p>\n","protected":false},"author":2828,"template":"","_links":{"self":[{"href":"https:\/\/www.bu.edu\/csmet\/wp-json\/wp\/v2\/profile\/19931"}],"collection":[{"href":"https:\/\/www.bu.edu\/csmet\/wp-json\/wp\/v2\/profile"}],"about":[{"href":"https:\/\/www.bu.edu\/csmet\/wp-json\/wp\/v2\/types\/profile"}],"author":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/csmet\/wp-json\/wp\/v2\/users\/2828"}],"version-history":[{"count":10,"href":"https:\/\/www.bu.edu\/csmet\/wp-json\/wp\/v2\/profile\/19931\/revisions"}],"predecessor-version":[{"id":29947,"href":"https:\/\/www.bu.edu\/csmet\/wp-json\/wp\/v2\/profile\/19931\/revisions\/29947"}],"wp:attachment":[{"href":"https:\/\/www.bu.edu\/csmet\/wp-json\/wp\/v2\/media?parent=19931"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}