Chaoyu Zhang
I am currently a Ph.D. student in Computer Science at Virginia Tech, under the supervision of Professor Wenjing Lou.
I focus on AI Security and Safety, with particular emphasis on LLMs and agentic AI systems, federated learning, and broader machine learning pipelines. My work addresses security and safety risks in deployed AI systems, including adversarial attacks (e.g., prompt injection and jailbreaks), malicious or anomalous behaviors, privacy leakage, and system-level attack vectors. I design evaluation, detection, and mitigation mechanisms, as well as post-training and task-specific customization strategies, to help align AI systems with essential security and safety requirements prior to production use.
News
- [Dec. 2025] Our paper ‘AnonyCall: Enabling Native Private Calling in Mobile Networks’ was accepted by the Network and Distributed System Security Symposium (NDSS 2026).
- [Aug. 2025] Our paper ‘Enabling Trustworthy Federated Learning via Remote Attestation for Mitigating Byzantine Threats’ was accepted by the IEEE Military Communications Conference (MILCOM 2025).
- [Feb. 2025] Our paper ‘MedLeak: Harvesting Multimodal Medical Data in Secure Federated Learning with Crafted Models’ was accepted by the IEEE/ACM Conference on Connected Health: Applications, Systems, and Engineering Technologies (CHASE 2025).
- [Feb. 2025] Our paper ‘StarCast: A Secure and Spectrum-Efficient Group Communication Scheme for LEO Satellite Networks’ was accepted by the IEEE International Symposium on Dynamic Spectrum Access Networks (DySPAN 2025).
- [Dec. 2024] Our paper ‘FLARE: Defending Federated Learning against Model Poisoning Attacks via Latent Space Representations’ was accepted by the IEEE Transactions on Dependable and Secure Computing (TDSC).
- [Nov. 2024] Our paper ‘Scale-MIA: A Scalable Model Inversion Attack against Secure Federated Learning via Latent Space Reconstruction’ was accepted by the Network and Distributed System Security Symposium (NDSS 2025).
- [Aug. 2024] Our paper ‘ProFLingo: A Fingerprinting-based Intellectual Property Protection Scheme for Large Language Models’ won the Best Paper Award at the IEEE Conference on Communications and Network Security 2024 (CNS 2024).
- [Aug. 2024] Our paper ‘ProFLingo: A Fingerprinting-based Intellectual Property Protection Scheme for Large Language Models’ was accepted by the IEEE Conference on Communications and Network Security 2024 (CNS 2024).
- [Aug. 2024] Our paper ‘Hermes: Boosting the Performance of Machine-Learning-Based Intrusion Detection System through Geometric Feature Learning’ was accepted by the 25th International Symposium on Theory, Algorithmic Foundations, and Protocol Design for Mobile Networks and Mobile Computing (MobiHoc 2024).
- [Aug. 2023] Our paper ‘MINDFL: Mitigating the Impact of Imbalanced and Noisy-labeled Data in Federated Learning with Quality and Fairness-Aware Client Selection’ was accepted by the IEEE Military Communications Conference (MILCOM 2023).
- [Aug. 2023] Our paper ‘Bijack: Breaking Bitcoin Network with TCP Vulnerabilities’ was accepted by the 28th European Symposium on Research in Computer Security (ESORICS 2023).
