Wireless Networks Security and Privacy

• Course Information

• Semester: 2025 Autumn
• Time: 13:25-17:00 (6.7.8.9) Wednesday
• Location: Yuquan Campus, #4 Teaching Building, Rm210
• TA: Yu Wang, wy_chaser@zju.edu.cn

• Schedule (Update: 2025.9.28)

Week	Course/Presentation Topic	Presenter
Week 1 17, Sep(Absent, to make up later)	1. Course introduction & logistics 2. Wireless security basics & threat models	Lecturer
Week 2 24, Sep	3. Information security and crypto basics 4. Physical layer: physical layer threats; jamming	Lecturer
Week 3 11, Oct	5. Link layer, Wi-Fi security, and mac misbehavior 6. Network layer: threats, routing and forwarding security	Lecturer
Week 5 15, Oct	7. Wireless transport layer: TCP/UDP security 8. Location service security	Lecturer
Week 6 22, Oct	New wireless topics 1: Telecom Security & Privacy New wireless topics 2: IoT Security & Privacy New wireless topics 3: Satellite security New wireless topics 4: Bluetooth security	Lecturer & Student
Week 7 29, Oct	New wireless topics 5: 5G/60G and its security New wireless topics 6: Low power wireless network and security New wireless topics 7: VANET Security & Privacy	Lecturer & Student
Week 8 5, Nov	Project Presentation	Student
Make-up class 7, Nov	Project Presentation	Student

• Group and Presentation Guidelines

• Group: Form a team individually and fill in the shared document in the group to complete the selection of the paper.
• Student presentation:
  1. 1 students as a group
  2. chooses paper from the list I provide
  3. Presentations last for 12 mins(paper) + Q&A (3 mins)
  4. Make slides yourself
• Paper source:
  1. Big 4: USENIXS Security/ NDSS/ ACM CCS/ IEEE Oakland (S&P)
  2. CNS: Cell/ Nature/ Science

• Candidate papers from me (Update: 2025.9.28)
Session 1: side channel

1. CipherSteal: Stealing Input Data from TEE-Shielded Neural Networks with Ciphertext Side Channels, S&P 2025（distinguished paper）
2. One Video to Steal Them All: 3D-Printing IP Theft through Optical Side-Channels, CCS 2025
3. No Time To Leak: Automated Discovery of Timer-Free Cache Side Channels on ARM CPUs, CCS 2025
4. MoEcho: Exploiting Side-Channel Attacks to Compromise User Privacy in Mixture-of-Experts LLMs, CCS 2025
5. I Know What You Said: Unveiling Hardware Cache Side-Channels in Local Large Language Model Inference, USENIX 2025
6. On Borrowed Time - Preventing Static Side-Channel Analysis, NDSS 2025
7. HubBub: Contention-Based Side-Channel Attacks on USB Hubs, USENIX 2025
8. Breaking the Blindfold: Deep Learning-based Blind Side-channel Analysis, USENIX 2025
9. Deanonymizing Device Identities via Side-channel Attacks in Exclusive-use IoTs & Mitigation, NDSS 2025
10. CountMamba: A Generalized Website Fingerprinting Attack via Coarse-Grained Representation and Fine-Grained Prediction, S&P 2025
11. All-in-one, bio-inspired, and low-power crypto engines for near-sensor security based on two-dimensional memtransistors, nature communications

Session 2: AI Security

12. JailbreakEval: An Integrated Toolkit for Evaluating Jailbreak Attempts Against Large Language Models, NDSS 2025（Best Technical Poster Award）
13. DataSentinel: A Game-Theoretic Detection of Prompt Injection Attacks, S&P 2025（distinguished paper）
14. PropertyGPT: LLM-driven Formal Verification of Smart Contracts through Retrieval-Augmented Property Generation, NDSS 2025（distinguished paper）
15. SHAFT: Secure, Handy, Accurate and Fast Transformer Inference, NDSS 2025（Artifact Evaluation Award）
16. EmbedX: Embedding-Based Cross-Trigger Backdoor Attack Against Large Language Models, USENIX 2025
17. Don't Listen To Me: Understanding and Exploring Jailbreak Prompts of Large Language Models, USENIX 2024（Best Paper Award）
18. RAG-WM: An Efficient Black-Box Watermarking Approach for Retrieval-Augmented Generation of Large Language Models, CCS 2025
19. Prompt Inference Attack on Distributed Large Language Model Inference Frameworks, CCS 2025
20. SafeGuider: Robust and Practical Content Safety Control for Text-to-Image Models, CCS 2025
21. Fuzz-Testing Meets LLM-Based Agents: An Automated and Efficient Framework for Jailbreaking Text-To-Image Generation Models, S&P 2025
22. Neuromorphic overparameterisation and few-shot learning in multilayer physical neural networks, nature communications

Session 3: Cyber Security

23. My Model is Malware to You: Transforming AI Models into Malware by Abusing TensorFlow APIs, S&P 2025
24. Unveiling Security Vulnerabilities in Git Large File Storage Protocol, S&P 2025（distinguished paper）
25. Follow My Flow: Unveiling Client-Side Prototype Pollution Gadgets from One Million Real-World Websites, S&P 2025（distinguished paper）
26. Transport Layer Obscurity: Circumventing SNI Censorship on the TLS Layer, S&P 2025（distinguished paper）
27. ReDAN: An Empirical Study on Remote DoS Attacks against NAT Networks, NDSS 2025（distinguished paper）
28. WhisperFuzz: White-Box Fuzzing for Detecting and Locating Timing Vulnerabilities in Processors, USENIX 2024（Best Paper Award）
29. Generating API Parameter Security Rules with LLM for API Misuse Detection, USENIX 2025
30. LeakLess: Selective Data Protection against Memory Leakage Attacks for Serverless Platforms, USENIX 2025
31. TEMPEST-LoRa: Cross-Technology Covert Communication, CCS 2025
32. Leaky Apps: Large-scale Analysis of Secrets Distributed in Android and iOS Apps, CCS 2025
33. Lead federated neuromorphic learning for wireless edge artificial intelligence, nature communications

Session 4: Sensor Security

34. ReThink: Reveal the Threat of Electromagnetic Interference on Power Inverters, NDSS 2025（distinguished paper）
35. PowerRadio: Manipulate Sensor Measurement via Power GND Radiation, NDSS 2025
36. GhostShot: Manipulating the Image of CCD Cameras with Electromagnetic Interference, NDSS 2025
37. RollingEvidence: Autoregressive Video Evidence via Rolling Shutter Effect, USENIX 2025
38. UnMarker: A Universal Attack on Defensive Image Watermarking, S&P 2025
39. Investigating Physical Latency Attacks against Camera-based Perception, S&P 2025
40. CamLoPA: A Hidden Wireless Camera Localization Framework via Signal Propagation Path Analysis, S&P 2025
41. ControlLoc: Physical-World Hijacking Attack on Camera-based Perception in Autonomous Driving, CCS 2025
42. Neural Invisibility Cloak: Concealing Adversary in Images via Compromised AI-driven Image Signal Processing, USENIX 2025
43. DiffLoc: WiFi Hidden Camera Localization Based on Electromagnetic Diffraction, USENIX 2025
44. Neuromorphic overparameterisation and few-shot learning in multilayer physical neural networks, nature electronics

• Schedules and Materials (Update: 2025.9.28)

• Presentation and Project Schedule: Please find your presentation order in the attchment: Scoring Sheet
• Course slides: Lecture 1
• Course slides: Lecture 2
• Course slides: Lecture 3
• Course slides: Lecture 4
• Course slides: Lecture 5
• Course slides: Lecture 6
• Course slides: Lecture 7
• Course slides: Lecture 8
• Course slides: Lecture 9