Biography: I am Yuhao Wu, a final-year Ph.D. candidate in Computer Science at Washington University in St. Louis (WashU), fortunate to be advised by Umar Iqbal and Ning Zhang. Before joining WashU, I earned a Bachelor’s degree in Cybersecurity from Sichuan University (SCU) in 2021. During my undergraduate studies, I also spent a semester as an exchange student at the National University of Singapore (NUS). Last summer, I worked as an AI research intern at Palo Alto Networks, where I focused on AI-driven security research.

Research Interests: I am interested in the broad intersection of security, privacy, and ML systems. My recent research focuses on identifying and addressing the security and privacy challenges of emerging ML-enabled systems, such as LLM-based agentic systems, through novel system design and ML-driven solutions.

Selected Publications

Please see Google Scholar for more recent works and arXiv papers.

ML and System Security

IsolateGPT: An Execution Isolation Architecture for LLM-Based Agentic Systems [PDF] [Poster (S&P)]
Y. Wu, F. Roesner, T. Kohno, N. Zhang, U. Iqbal
Network and Distributed System Security Symposium (NDSS), 2025

Your Firmware Has Arrived: A Study of Firmware Update Vulnerabilities [PDF]
Y. Wu, J. Wang, Y. Wang, S. Zhai, Z. Li, Y. He, K. Sun, Q. Li, and N. Zhang
USENIX Security Symposium, 2024

An In-Depth Investigation of Data Collection in LLM App Ecosystems [The Register]
Y. Wu, E. Jaff, K. Yang, N. Zhang, U. Iqbal
In Submission, 2025

IP Protection in TinyML [PDF]
Y. Wu*, J. Wang*, H. Liu, B. Yuan, R. Chamberlain, and N. Zhang (*Co-first Author)
IEEE/ACM Design Automation Conference (DAC), 2023

Work-in-Progress: Measuring Security Protection in Real-time Embedded Firmware [PDF]
Y. Wu, Y. Wang, S. Zhai, Z. Li, A. Li, J. Wang, and N. Zhang
IEEE Real-Time Systems Symposium (RTSS), 2022

Adversarial ML

Please Tell Me More: Privacy Impact of Explainability through the Lens of Membership Inference Attack [PDF]
H. Liu, Y. Wu, Z. Yu, and N. Zhang
IEEE Symposium on Security and Privacy (Oakland), 2024

CodeIPPrompt: Intellectual Property Infringement Assessment of Code Language Models [PDF] [Poster (S&P)]
Z. Yu, Y. Wu, N. Zhang, C. Wang, Y. Vorobeychik, and C. Xiao
International Conference on Machine Learning (ICML), 2023

SlowLiDAR: Increasing the Latency of LiDAR-Based Detection Using Adversarial Examples [PDF]
H. Liu, Y. Wu, Z. Yu, Y. Vorobeychik, and N. Zhang
IEEE/CVF Computer Vision and Pattern Recognition Conference (CVPR), 2023

RIATIG: Reliable and Imperceptible Adversarial Text-to-Image Generation with Natural Prompts [PDF]
H. Liu, Y. Wu, S. Zhai, B. Yuan, and N. Zhang
IEEE/CVF Computer Vision and Pattern Recognition Conference (CVPR), 2023

Anti-Honeypot Enabled Optimal Attack Strategy for Industrial Cyber-Physical Systems [PDF]
B. Li, Y. Xiao, Y. Shi, Q. Kong, Y. Wu, and H. Bao
IEEE Open Journal of the Computer Society (OJ-CS), 2020

Data-Driven Security

Federated Learning for Distributed Intrusion Detection in IoT Networks [Book]
Q. Du, B. Li, Z. Shao, Y. Wu, and C. Yang
Advanced Machine Learning for Cyber-Attack Detection in IoT Networks, Chapter 4. Elsevier, 2025

A Novel Framework for Detecting Social Bots with Deep Neural Networks and Active Learning [PDF]
Y. Wu, Y. Fang, S. Shang, J. Jin, L. Wei, and H. Wang
Knowledge-Based Systems (KBS), 2021

DeepFed: Federated Deep Learning For Intrusion Detection in Industrial Cyber-Physical Systems [PDF]
B. Li, Y. Wu, J. Song, R. Lu, T. Li, and L. Zhao
IEEE Transactions on Industrial Informatics (TII), 2020 (ESI Hot Paper, ESI Highly Cited Paper)

Detecting Social Spammers in Sina Weibo Using Extreme Deep Factorization Machine [PDF]
Y. Wu, Y. Fang, S. Shang, L. Wei, J. Jin, and H. Wang
International Conference on Web Information Systems Engineering (WISE), 2020

ReAL: A New ResNet-ALSTM Based Intrusion Detection System for the Internet of Energy [PDF]
J. Song, B. Li, Y. Wu, Y. Shi, and A. Li
IEEE Conference on Local Computer Networks (LCN), 2020

Awards & Honors

  • ML and Systems Rising Star, 2025
  • USENIX Security Student Travel Grant, 2024
  • IEEE S&P Student Travel Grant, 2024
  • ESI Hot Paper, 2022
  • ESI Highly Cited Paper, 2021 – 2025
  • National Scholarship (Awarded by MoE, China; 0.2% of Chinese undergraduate students), 2020
  • First Prize Scholarship (Awarded by SCU; Top 1%), 2020
  • Outstanding Graduate Honor (Awarded by SCU; Top 10%), 2020
  • Outstanding Student Honor (Awarded by SCU; Top 10%), 2019

Selected Services

Technical Program Committee

  • International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2025
  • International Conference on Machine Learning (ICML), 2025
  • International Conference on Learning Representations (ICLR), 2025
  • IEEE International Conference on Communications (ICC), 2025
  • International Conference on Artificial Intelligence and Statistics (AISTATS), 2025
  • ICLR Workshop on Foundation Models in the Wild, 2025
  • Annual Conference on Neural Information Processing Systems (NeurIPS), 2024
  • USENIX Security Symposium (Artifact Evaluation), 2024
  • ICML Workshop on Foundation Models in the Wild, 2024
  • ICLR Workshop on Reliable and Responsible Foundation Models, 2024
  • CVPR Workshop on Synthetic Data for Computer Vision, 2024
  • IEEE International Conference on Computer Communications and Networks (ICCCN), 2023
  • IEEE Global Communications Conference (GLOBECOM), 2020

Journal Reviewer

  • IEEE Transactions on Information Forensics and Security (TIFS), 2023 – 2025
  • IEEE/ACM Transactions on Networking (TON), 2022 – 2025
  • Complex & Intelligent Systems (CAIS), 2021 – 2025
  • ACM Transactions on Cyber-Physical Systems, 2024, 2025
  • IEEE Transactions on Network Science and Engineering (TNSE), 2021, 2024
  • IEEE Transactions on Computational Social Systems (TCSS), 2024
  • IEEE Transactions on Mobile Computing (TMC), 2024
  • ACM Transactions on Intelligent Systems and Technology (TIST), 2024
  • Knowledge-Based Systems, 2024
  • IEEE Transactions on Big Data (TBD), 2023
  • IEEE Internet of Things Journal (IoT-J), 2023
  • Peer-to-Peer Networking and Applications (PPNA), 2021

External Reviewer

  • USENIX Security, NDSS, IEEE S&P, ACM CCS, DAC, RTAS, ASIACCS, EuroS&P, ACSAC, etc.

Vulnerabilities Found

  • CVE-2022-38956, CVE-2022-46422, CVE-2022-46423, CVE-2022-46424, CVE-2023-23110, CVE-2023-40879, CVE-2022-38873, CVE-2023-40878, CVE-2022-46139, CVE-2022-46428, CVE-2022-46430, CVE-2022-46432, CVE-2022-46434, CVE-2022-46435, CVE-2022-46910, CVE-2022-46912, CVE-2022-46914, CVE-2023-23119, CVE-2023-40881, CVE-2023-23120, CVE-2023-40882, CVE-2023-40884, CVE-2023-40885, PSV-2022-0183