I am a postdoctoral researcher in the Advanced Software Technologies (AST) lab at ETH Zurich, mentored by Prof. Zhendong Su. I obtained my Ph.D. in Computer Science and Engineering from The Hong Kong University of Science and Technology (HKUST) in 2024 under the supervision of Prof. Shuai Wang. Prior to that, I received my B.S. in Computer Science from Fudan University in 2020.

E-mail: yuanyuan.yuan [at] inf.ethz.ch

Research Interests

My research focuses on the safety (i.e., addressing unintentional defects and ensuring reliable behaviors) and security (i.e., uncovering and mitigating intentional attacks and privacy breaches) of AI systems. My long-term goal is to strengthen AI systems’ safety and security across a range of conventional and emerging scenarios. Over the past several years, I have been pursuing this goal primarily from software and hardware perspectives.

From the software perspective, I employ software testing and verification, two fundamental and complementary techniques, to enhance the safety of AI systems. My research has redefined the entire testing framework for AI systems, including testing input generation [TSE 24], testing objectives [ICSE 23a, ICSE 23b], testing oracles [ASE 22, CVPR 21], and follow-up repair [ISSTA 24]. It has also bridged different verification techniques to real-world applications of AI systems [USENIX Security 23b].

From the hardware perspective, I analyze hardware activities in AI systems to uncover new attack vectors. Specifically, my research has revealed different hardware side channels that compromise data privacy, such as input leakages to malicious users [USENIX Security 22, ICLR 21] and input and AI model leakages to untrusted hosts in TEE-protected AI systems [IEEE S&P 25, CCS 24]. It has also identified pervasive and stealthy hardware fault injections that manipulate AI systems' outputs [NDSS 25a]. To defend against these attacks, I have proposed universal detection techniques for the leakages [USENIX Security 23a] and injections [NDSS 25b, NDSS 23].

Education & Experience

  • Postdoctoral Researcher. AST lab, ETH Zurich. Oct. 2024 - present.

  • Ph.D. in Computer Science and Engineering. HKUST. Sep. 2020 - Sep. 2024.
    🎓 Thesis: Side Channel Analysis for AI Infrastructures
    🏆 Best PhD Dissertation Award 2024 (one awardee per year), CSE, HKUST

  • Visiting Researcher. AST lab, ETH Zurich. Sep. 2022 - Sep. 2023.

  • B.S. in Computer Science. Fudan University. Sep. 2016 - July 2020.

Selected Publications (full list)

$^\dagger$ indicates corresponding authors, i.e., first-author works of junior students I mentored.

Academic Services

  • Program Committee: DeepTest 2025, USENIX Security 2023 (Artifact Evaluation), OSDI 2022 and USENIX ATC 2022 (Artifact Evaluation), ISSTA 2022 (Artifact Evaluation).

  • External Reviewer: IEEE S&P 2024, USENIX Security 2024, ISSTA 2024, FSE 2024, USENIX Security 2023, ISSTA 2023, FSE 2023, ASE 2022, CCS 2022.

Teaching Experience

  • Guest Lecturer: Automated Software Testing. ETH Zurich, Spring 2023.
  • Teaching Assistant: COMP3632: Principles of Cybersecurity. HKUST, Fall 2021.
  • Teaching Assistant: COMP3632: Principles of Cybersecurity. HKUST, Spring 2021.
  • Teaching Assistant: Introduction to Computer System. Fudan University, Fall 2018.

Last updated: 28 Nov. 2024