Hello! I’m Qiyi Zhang, a second-year Ph.D. student in the System and Software Security Laboratory at Fudan University, advised by Prof. Yuan Zhang.

My research interests primarily lie in web security, Java security, and LLM for security.

🔥 News

  • [2025.08]  🎉 One paper accepted by CCS 2025!

📝 Publications

  • CCS'25 Be Aware of What You Let Pass: Demystifying URL-based Authentication Bypass Vulnerability in Java Web Applications [Full Version] [Paper] [Code]
    Qiyi Zhang*, Fengyu Liu*, Zihan Lin, Yuan Zhang (* co-first authors).
    In Proceedings of the 32nd ACM Conference on Computer and Communications Security (CCS), October 2025. (CCF-A)

📖 Educations

  • 2024.09 - now, Ph.D, Fudan University, Shanghai, China.
  • 2020.09 - 2024.06, B.Eng., Xidian University, Xi’an, China.

💬 Service

  • Teaching Assistant of System Security: Attacks & Defenses (in School of Software), Fall 2025
  • Teaching Assistant of System Security: Attacks & Defenses (in School of Software), Fall 2024
  • Sub Reviewer
    • 2026: Usenix Security, AsiaCCS
    • 2025: Usenix Security, CCS, Esoorics
    • 2024: CCS