個人簡介

何藝，88858cc永利官网武漢數學與智能研究院研究員。2024年博士畢業于清華大學，導師為李琦老師。曾擔任網易遊戲資深工程師，有豐富的大型項目開發管理經驗。研究方向為系統安全，包括Android和IoT安全、雲安全，發表Usenix Security, CCS, NDSS, TDSC等CCF-A論文十多篇，擔任多個頂會的審稿人。研究成果應用于美團、華為和長虹等公司。詳見：https://heyi.sh

研究方向

教育背景

工作經驗

教授課程

發表論文

[1] Yi He, Yunchao Guan, Ruoyu Lun, Shangru Song, Zhihao Guo, Jianwei Zhuge, Jianjun Chen, Qiang Wei , Zehui Wu , Miao Yu , Shi Hetian, Qi Li. Demystifying the Security Implications in IoT Device Rental Services. Useinx Security 2024.

[2] Yue Xiao, Yi He, Xiaoli Zhang, Qian Wang, Renjie Xie, Kun Sun, Ke Xu, Qi Li. From Hardware Fingerprint to Access Token: Enhancing the Authentication on IoT Devices. NDSS 2024.

[3] Hetian Shi, Yi He, Qing Wang, Jianwei Zhuge, Qi Li, Xin Liu. Laser-Based Command Injection Attacks on Voice-Controlled Microphone Arrays. CHES 2024.

Yuhao Wu, Jinwen Wang, Yujie Wang, Shixuan Zhai, Zihan Li, Yi He, Kun Sun, Qi Li, Ning Zhang. Your Firmware Has Arrived: A Study of Firmware Update Vulnerabilities. Usenix Security 2024.

[4] Xijia Che, Yi He, Xuewei Feng, Kun Sun, Ke Xu, Qi Li. BlueSWAT: A Lightweight State-Aware Security Framework for Bluetooth Low Energy. CCS 2024.

[5] Yi He, Roland Guo, Yunlong Xing, Xijia Che, Kun Sun, Zhuotao Liu, Ke Xu, Qi Li. Cross Container Attacks: The Bewildered eBPF on Clouds. Useinx Security 2023.

[6] Yi He, Yacong Gu, Purui Su, Kun Sun, Yajin Zhou, Zhi Wang, Qi Li. A Systematic Study of Android Non-SDK (Hidden) Service API Security. IEEE Transactions on Dependable and Secure Computing (Volume 20, Issue 2, March-April 2023)

[7] Yi He, Zhenhua Zou, Kun Sun, Zhuotao Liu, Ke Xu, Qian Wang, Chao Shen, Zhi Wang, Qi Li. RapidPatch: Firmware Hotpatching for Real-Time Embedded Devices. Useinx Security 2022.

[8] Yi He, Yuan Zhou, Yajin Zhou, Qi Li, Kun Sun, Yacong Gu, Yong Jiang. JNI global references are still vulnerable: Attacks and defenses. IEEE Transactions on Dependable and Secure Computing ( Volume: 19, Issue: 1, 01 Jan.-Feb. 2022)

[9] Jingwen Fan, Yi He, Bo Tang, Qi Li, Ravi Sandhu. Ruledger: Ensuring Execution Integrity in Trigger-Action IoT Platforms. Infocom 2021.

專利：

[1] 應用程序的認證方法、裝置及系統。中國發明專利，CN109086596，授權日期：2022.03.22，申請人：何藝。

[2] 應用程序版本兼容的處理方法及裝置。中國發明專利，CN109032820，授權日期：2021.02.12，申請人：何藝。

[3] 應用數據處理方法及裝置。中國發明專利，CN108933838，授權日期：2022.07.29，申請人：何藝。

[4] 一種針對嵌入式物聯網設備漏洞的熱修複方法及裝置, 中國發明專利，CN115268983，授權日期：2023.04.07，申請人：李琦，何藝，徐恪，張晗，劉卓濤，鄒振華。

課題科研

研究團隊

獲獎信息