Cong Wu (吴聪)

Cong Wu (吴聪)


  • Post-doctoral Researcher
    The University of Hong Kong (HKU), Hong Kong

    •    


ABOUT ME

I am currently a post-doctoral researcher at Department of Electrical and Electronic Engineering, The University of Hong Kong (HKU). I am working with Prof. Xianhao Chen on security and privacy for edge AI. Before joining HKU, I was a research fellow at Nanyang Technological University (NTU), working with Prof. Yang Liu on Web3 security. I received my Ph.D. degree at School of Cyber Science and Engineering, Wuhan University in 2022, under the joint supervision of Prof. Jing Chen and Prof. Ziming Zhao. I received B.E. degree at Xidian University in 2017. My current research interests focus on security and privacy of distributed intelligent system (SPDIS), including:

  • Blockchain, Web3, and distributed system security. [FSE’25], [CCS’24], [ASE’24], [ICSE’24], [TOSEM’24], [TIFS’24]
  • Security and privacy of edge intelligence. [Security’25], [JSAC’24], [TIFS’24], [TIFS’23]
  • Edge device security. [CCS’22], [Security’20], [TMC’24], [TDSC’24], [TDSC’21]

Email: congwu[AT]hku.hk / cong.wu[AT]ntu.edu.sg

NEWS

  • Mar 2025. One paper is accepted by FCS: “EyeAuth: Smartphone User Authentication via Reflexive Eye movements”
  • Mar 2025. One paper is accepted by TMC: “HeadSonic: Usable Bone Conduction Earphone Authentication via Head-conducted Sounds”
  • Mar 2025. One paper is accepted by TR: “Fine-grained Code Clone Detection by Keywords-based Connection of Program Dependency Graph”
  • Mar 2025. One paper is accepted by TIFS: “Unveiling the Superiority of Unsupervised Learning on GPU Cryptojacking Detection: Practice on Magnetic Side”
  • Mar 2025. One paper is accepted by TIFS: “Forward-Secure Hierarchical Delegable Signature for Smart Homes”
  • Feb 2025. Exponential Science Pioneers Award 2025
  • Feb 2025. One paper is accepted by COMST: “Unmasking the Internet: A Survey of Fine-Grained Network Traffic Analysis”
  • Feb 2025. One paper is accepted by TDSC: “Sanitizable Cross-domain Access Control with Policy-driven Dynamic Authorization”
  • Jan 2025. One paper is accepted by USENIX Security 2025: “Fighting Fire with Fire: Continuous Attack for Adversarial Android Malware Detection”
  • Jan 2025. One paper is accepted by USENIX Security 2025: “When Translators Refuse to Translate: A Novel Attack to Speech Translation Systems”
  • Jan 2025. One paper is accepted by TDSC: “SIGFinger: A Subtle and Interactive GNN Fingerprinting Scheme via Spatial Structure Inference Perturbation”
  • Jan 2025. One paper is accepted by TIFS: “TCG-IDS: Robust Network Intrusion Detection via Temporal Contrastive Graph Learning”
  • Dec 2024. Best Paper Award at International Conference on Machine Learning for Cyber Security (ML4CS) 2024
  • Dec 2024. Best Paper Award at IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) 2024 on The International Workshop on Security, Privacy, and Trust in Artificial Intelligence (SPTAI)
  • Dec 2024. One paper is accepted by TIFS: “Vulseye: Detect Smart Contract Vulnerabilities via Stateful Directed Graybox Fuzzing”
  • Nov 2024. One paper is accepted by TOSEM: “Towards Effective Detection of Ponzi schemes on Ethereum with Contract Runtime Behavior Graph”
  • Sep 2024. One paper is accepted by IMWUT: “HCR-Auth: Reliable Bone Conduction Earphone Authentication with Head Contact Response”
  • Aug 2024. One paper is accepted by CCS 2024: “TokenScout: Early Detection of Ethereum Scam Tokens via Temporal Graph Learning”
  • Aug 2024. I am awarded HKU-URC Post-doctoral Fellowship at The University of Hong Kong (HKU)
  • Aug 2024. One paper is accepted by ASE 2024: “Semantic Sleuth: Identifying Ponzi Contracts via Large Language Models”
  • Aug 2024. One paper is accepted by JSAC: “An Efficient Privacy-aware Split Learning Framework for Satellite Communications”
  • Jul 2024. I will join The University of Hong Kong (HKU), working with Prof. Xianhao Chen
  • Jul 2024. One paper is accepted by TDSC: “WAFBOOSTER: Automatic Boosting of WAF Security Against Mutated Malicious Payloads”
  • Jun 2024. One paper is accepted by TIFS: “Rethinking Membership Inference Attacks Against Transfer Learning”
  • Feb 2024. One paper is accepted by TMC: “It’s All in the Touch: Authenticating Users with HOST Gestures on Multi-Touch Screen Devices”
  • Nov 2023. One paper is accepted by IMWUT: “LocCams: An Efficient and Robust Approach for Detecting and Localizing Hidden Wireless Cameras via Commodity Devices”
  • Oct 2023. One paper is accepted by TMC: “WiFiLeaks: Exposing Stationary Human Presence Through a Wall with Commodity Mobile Devices”
  • Aug 2023. One paper is accepted by ICSE 2024: “PonziGuard: Detecting Ponzi Schemes on Ethereum with Contract Runtime Behavior Graph”
  • Jul 2023. One paper is selected as top 10 distinguished conference papers at 2023 China Cybersecurity Conference: “EchoHand: High Accuracy and Presentation Attack Resistant Hand Authentication on Commodity Mobile Devices. CCS22”
  • Jul 2023. One paper is accepted by TIFS: “Efficient Privacy-preserving Inference Outsourcing for Convolutional Neural Networks”
  • Jun 2022. I will join Cyber Security Lab, SCSE, Nanyang Technological University as a research fellow, working with Prof. Yang Liu
  • Jun 2022. One paper is accepted by CCS 2022: “EchoHand: High Accuracy and Presentation Attack Resistant Hand Authentication on Commodity Mobile Devices”
  • May 2022. I passed my doctoral dissertation defense. Now I’m officially Dr. Wu. My deepest gratitude goes to my co-advisors, Prof. Jing Chen and Prof. Ziming Zhao

SELECTED PUBLICATIONS

  • [FCS] Zhixiang He, Jing Chen, Kun He, Cong Wu, Xiangyu Qu, Yangyang Gu, Xiping Sun, Ruiying Du. EyeAuth: Smartphone User Authentication via Reflexive Eye movements. Frontiers of Computer Science. 2025.

  • [TMC] Zhixiang He, Jing Chen, Kun He, Yangyang Gu, Qiyi Deng, Zijian Zhang, Ruiying Du, Qingchuan Zhao, Cong Wu. HeadSonic: Usable Bone Conduction Earphone Authentication via Head-conducted Sounds. IEEE Transactions on Mobile Computing. 2025.

  • [TR] Yueming Wu, Wenqi Suo, Siyue Feng, Cong Wu, Deqing Zou, and Hai Jin. Fine-grained Code Clone Detection by Keywords-based Connection of Program Dependency Graph. IEEE Transactions on Reliability. 2025.

  • [TIFS] Hangcheng Cao, Guowen Xu, Ziyang He, Shaoqing Shi, Shengmin Xu, Cong Wu, and Jianting Ning. Unveiling the Superiority of Unsupervised Learning on GPU Cryptojacking Detection: Practice on Magnetic Side Channelbased Mechanism. IEEE Transactions on Information Forensics and Security. 2025.

  • [TIFS] Jianfei Sun, Guowen Xu, Yang Yang, Xuehuan Yang, Xiaoguo Li, Cong Wu, Zhen Liu, Guomin Yang, Robert H. Deng. Forward-Secure Hierarchical Delegable Signature for Smart Homes. IEEE Transactions on Information Forensics and Security. 2025.

  • [COMST] Yebo Feng, Jun Li, Jelena Mirkovic, Cong Wu, Chong Wang, Hao Ren, Jiahua Xu, Yang Liu. Unmasking the Internet: A Survey of Fine-Grained Network Traffic Analysis. IEEE Communications Surveys and Tutorials. 2025.

  • [TDSC] Jianfei Sun, Guowen Xu, Hongwei Li, Tianwei Zhang, Cong Wu, Xuehuan Yang, Robert H. Deng. Sanitizable Cross-domain Access Control with Policy-driven Dynamic Authorization. IEEE Transactions on Dependable and Secure Computing. 2025.

  • [Security’25] Haolin Wu, Chang Liu, Jing Chen, Ruiying Du, Kun He, Yu Zhang, Cong Wu, Tianwei Zhang, Qing Guo, Jie Zhang. When Translators Refuse to Translate: A Novel Attack to Speech Translation Systems. USENIX Security Symposium. 2025.

  • [Security’25] Yinyuan Zhang, Cuiying Gao, Yueming Wu, Shihan Dou, Cong Wu, Ying Zhang, Wei Yuan, Yang Liu. Fighting Fire with Fire: Continuous Attack for Adversarial Android Malware Detection. USENIX Security Symposium. 2025.

  • [FSE’25] Ruichao Liang, Jing Chen, Ruochen Cao, Kun He, Ruiying Du, Shuhua Li, Zheng Lin, Cong Wu*. SmartShot: Hunt Hidden Vulnerabilites in Smart Contracts using Mutable Snapshots. ACM International Conference on the Foundations of Software Engineering. 2025.

  • [TDSC] Ju Jia, Renjie Li, Cong Wu, Siqi Ma, Lina Wang, Robert H. Deng. SIGFinger: A Subtle and Interactive GNN Fingerprinting Scheme via Spatial Structure Inference Perturbation. IEEE Transactions on Dependable and Secure Computing. 2025.

  • [TIFS] Cong Wu, Jianfei Sun, Jing Chen, Mamoun Alazab, Yang Liu, Yang Xiang. TCG-IDS: Robust Network Intrusion Detection via Temporal Contrastive Graph Learning. IEEE Transactions on Information Forensics and Security. 2025.

  • [TIFS] Ruichao Liang, Jing Chen, Cong Wu*, Kun He, Yueming Wu, Ruochen Cao, Ruiying Du, Ziming Zhao, Yang Liu. Vulseye: Detect Smart Contract Vulnerabilities via Stateful Directed Graybox Fuzzing. IEEE Transactions on Information Forensics and Security. 2025.

  • [CCS’24] Cong Wu, Jing Chen, Ziming Zhao, Kun He, Guowen Xu, Yueming Wu, Haijun Wang, Hongwei Li, Yang Liu, Yang Xiang. TokenScout: Early Detection of Ethereum Scam Tokens via Temporal Graph Learning. ACM SIGSAC Conference on Computer and Communications Security. 2024.

  • [ASE’24] Cong Wu, Jing Chen, Ziwei Wang, Ruichao Liang, Ruiying Du. Semantic Sleuth: Identifying Ponzi Contracts via Large Language Models. IEEE/ACM International Conference on Automated Software Engineering. 2024.

  • [ICSE’24] Ruichao Liang, Jing Chen, Kun He, Yueming Wu, Gelei Deng, Ruiying Du, Cong Wu. PonziGuard: Detecting Ponzi Schemes on Ethereum with Contract Runtime Behavior Graph (CRBG). IEEE/ACM International Conference on Software Engineering. 2024.

  • [TIFS] Cong Wu, Jing Chen, Qianru Fang, Kun He, Ziming Zhao, Hao Ren, Guowen Xu, Yang Liu, Yang Xiang. Rethinking Membership Inference Attacks Against Transfer Learning. IEEE Transactions on Information Forensics and Security. 2024.

  • [TDSC] Cong Wu, Jing Chen, Simeng Zhu, Wenqi Feng, Kun He, Ruiying Du, Yang Xiang. WAFBOOSTER: Automatic Boosting of WAF Security Against Mutated Malicious Payloads. IEEE Transactions on Dependable and Secure Computing. 2024.

  • [TMC] Cong Wu, Hangcheng Cao, Guowen Xu, Chenjie Zhou, Jianfei Sun, Ran Yan, Yang Liu, Hongbo Jiang. It’s All in the Touch: Authenticating Users with HOST Gestures on Multi-Touch Screen Devices. IEEE Transactions on Mobile Computing. 2024.

  • [JSAC] Jianfei Sun, Cong Wu*, Shahid Mumtaz, Junyi Tao, Mingsheng Cao, Mei Wang, Valerio Frascolla. An Efficient Privacy-aware Split Learning Framework for Satellite Communications. IEEE Journal on Selected Areas in Communications. 2024.
  • [TOSEM] Ruichao Liang, Jing Chen, Cong Wu, Kun He, Yueming Wu, Weisong Sun, Ruiying Du, Qingchuan Zhao, Yang Liu. Towards Effective Detection of Ponzi schemes on Ethereum with Contract Runtime Behavior Graph. ACM Transactions on Software Engineering and Methodology. 2024.
  • [IMWUT] Zhixiang He, Jing Chen, Cong Wu, Kun He, Ruiying Du, Ju Jia, Yangyang Gu, Xiping Sun. HCR-Auth: Reliable Bone Conduction Earphone Authentication with Head Contact Response. Proceedings of ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies. 2024.
  • [IMWUT] Yangyang Gu, Jing Chen, Cong Wu, Kun He, Ziming Zhao, and Ruiying Du. LocCams: An Efficient and Robust Approach for Detecting and Localizing Hidden Wireless Cameras via Commodity Devices. Proceedings of ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies. 2024.
  • [TIFS] Xuanang Yang, Jing Chen, Kun He, Hao Bai, Cong Wu, Ruiying Du. Efficient Privacy-preserving Inference Outsourcing for Convolutional Neural Networks. IEEE Transactions on Information Forensics and Security. 2023.
  • [TMC] Yangyang Gu, Jing Chen, Kun He, Cong Wu, Ziming Zhao, and Ruiying Du. WiFiLeaks: Exposing Stationary Human Presence Through a Wall with Commodity Mobile Devices. IEEE Transactions on Mobile Computing. 2023.
  • [CCS’22] Cong Wu, Jing Chen, Kun He, Ziming Zhao, Ruiying Du, Chen Zhang. EchoHand: High Accuracy and Presentation Attack Resistant Hand Authentication on Commodity Mobile Devices. ACM SIGSAC Conference on Computer and Communications Security. 2022.
  • [TDSC] Cong Wu, Kun He, Jing Chen, Ziming Zhao, Ruiying Du. Toward Robust Detection of Puppet Attacks via Characterizing Fingertip-touch Behaviors. IEEE Transactions on Dependable and Secure Computing. 2021.
  • [Security’20] Cong Wu, Kun He, Jing Chen, Ziming Zhao, Ruiying Du. Liveness is Not Enough: Enhancing Fingerprint Authentication with Behavioral Biometrics to Defeat Puppet Attacks. USENIX Security Symposium. 2020.

AWARDS

  • Exponential Science Pioneers Award 2025, Feb 2025
  • ML4CS’24 Best Paper Award, Dec 2024
  • TrustCom’24-SPATI Best Paper Award, Dec 2024
  • HKU-URC Post-doctoral Fellowship, The University of Hong Kong (HKU), HK SAR. Aug 2024
  • Research Innovation Award, Wuhan University, China. Dec 2023
  • Distinguished Paper Award at China Cybersecurity 2023. Jun 2023
  • Distinguished Doctoral Dissertation Award at Wuhan University. Oct 2022
  • Distinguished Ph.D. Graduate, Wuhan University, China. Jun 2022
  • National Scholarship for Postgraduates, Ministry of Education, China. Dec 2021
  • Distinguished Postgraduates Award, Wuhan University, China. Dec 2021
  • Research Innovation Award, Wuhan University, China. Dec 2021
  • Research Innovation Award, Wuhan University, China. Dec 2020
  • Distinguished Fresh Postgraduates Scholarship, Wuhan University, China. Sep 2017

SERVICES

Editorship

  • Associate Editor, Journal of Security and Privacy Journal (SPY)
  • Associate Editor, International Journal of Communication Systems (IJCS)
  • Youth Editor, Journal of Information and Intelligence (JII)

Technical Program Committee

Artifact Evaluation Committee (AEC) Member

(External) Conference Reviewer

  • USENIX Security Symposium 2025, 2024
  • ACM Conference on Computer and Communications Security (CCS) 2025, 2024, 2023, 2022
  • ISOC Network and Distributed System Security Symposium (NDSS) 2023, 2022
  • ACM Annual Computer Security Applications Conference (ACSAC) 2024
  • IEEE European Symposium on Security and Privacy (EuroSP) 2024
  • ACM Web Conference 2025, 2024, 2023, 2022
  • Financial Cryptography (FC) 2025
  • The Annual Privacy Enhancing Technologies Symposium (PETS) 2024
  • Internet Measurement Conference (IMC) 2024

Journal Reviewer

  • Proceedings of the IEEE
  • IEEE Transactions on Information Forensics and Security (TIFS)
  • ACM Transactions on Software Engineering and Methodology (TOSEM)
  • IEEE Journal on Selected Areas in Communications (JSAC)
  • IEEE Transactions on Knowledge and Data Engineering (TKDE)
  • ACM Transactions on Privacy and Security (TOPS)
  • IEEE Transactions on Dependable and Secure Computing (TDSC)
  • IEEE Transactions on Mobile Computing (TMC)
  • IEEE Transactions on Reliability (TR)
  • IEEE Transactions on Network Science and Engineering (TNSE)
  • IEEE Transactions on Network and Service Management (TNSM)
  • Journal of Security and Communication Networks (JSCN)
  • Journal of Computer Security (JCS)
  • IEEE Transactions on Industrial Informatics (TII)