profile picture

CHENG,Yao程瑶

Senior Principal Consultant

Education

PhD in Computer Science

University of Chinese Academy of Sciences
2009 - 2015

Languages

  • Chinese (Native)
  • English (Professional)
  • Japanese (Conversational)

Interests

Hello!

As a Senior Principal Consultant for AI Quality at TÜV SÜD Asia Pacific Pte. Ltd., I am responsible for the development of AI quality frameworks and AI system assessments. My primary objective is to facilitate the trustworthy adoption of AI and drive digital transformation in organizations. My expertise lies in the domains of security and privacy in AI systems, as well as blockchain technology applications. I am passionate about helping businesses navigate the complex landscape of emerging technologies in a secure and efficient manner, to achieve their strategic goals.

Experiences

Senior Principal Consultant

2022 - Present
TÜV SÜD's Asia Pacific, Singapore
  • TÜV SÜD AI quality framework development, considering upcoming regulations, standards, best practice.
  • AI system in-depth quality assessments, in both qualitative and quatitative manners.
  • Trainer for AI Quality Certification Program (AIQCP).

Senior Researcher

2018 - 2022
Huawei International, Singapore
  • Technology for improving trustworthy AI.
  • AI model fairness testing.
  • DNN poisoning/backdoor attacks, model-level backdoor detection, and sample-level trigger detection.
  • Adversarial machine learning attacks and defenses.
  • Malware detection for Huawei high-end mobile products.

Research Scientist

2017 - 2018
Institute for Infocomm Research, A*STAR, Singapore
  • Power demand forecasting and anomaly detection in smart grids using LSTM.
  • Blockchain-based secure intelligent transportation systems.

Research Fellow

2015 - 2017
Singapore Management University, Singapore
  • Mobile system/application security and privacy analysis.
  • User authentication on wearable devices.
  • Usable security solutions.

Publications

  • Understanding Real-world Threats to Deep Learning Models in Android Apps.
    • Zizhuang Deng, Kai Chen, Guozhu Meng, Xiaodong Zhang, Ke Xu, and Yao Cheng.
    In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, pp. 785-799. 2022.
  • NeuronFair: Interpretable White-Box Fairness Testing through Biased Neuron Identification.
    • Haibin Zheng, Zhiqing Chen, Tianyu Du, Xuhong Zhang, Yao Cheng, Shouling Ji, Jingyi Wang, Yue Yu, Jinyin Chen.
    In Proceedings of the 44th International Conference on Software Engineering (ICSE 2022).
  • DeepMnemonic: Password Mnemonic Generation via Deep Attentive Encoder-Decoder Model.
    • Yao Cheng, Chang Xu, Zhen Hai, and Yingjiu Li.
    In IEEE Transactions on Dependable and Secure Computing (TDSC), vol. 19, no. 1, pp. 77-90, 1 Jan.-Feb. 2022.
  • Android-based Cryptocurrency Wallets: Attacks and Countermeasures.
    • Cong Li, Daojing He, Shihao Li, Sencun Zhu, Sammy Chan, Yao Cheng.
    In 2020 IEEE International Conference on Blockchain (Blockchain), pp. 9-16. IEEE, 2020.
  • Designing Leakage-Resilient Password Entry on Head-Mounted Smart Wearable Glass Devices.
    • Yan Li, Yao Cheng, Weizhi Meng, Yingjiu Li, Robert H. Deng.
    IEEE Transactions on Information Forensics and Security, 16, pp.307-321.
  • PowerNet: A Smart Energy Forecasting Architecture Based on Neural Networks.
    • Yao Cheng, Chang Xu, Daisuke Mashima, Partha P. Biswas, Geetanjali Chipurupalli, Bin Zhou, Yongdong Wu.
    ET Smart Cities, 2(4), pp.199-207.
  • Where Does the Robustness Come from? A Study of the Transformation-based Ensemble Defence.
    • Chang Liao, Yao Cheng, Chengfang Fang, and Jie Shi.
    In Proceedings of the 13th ACM Workshop on Artificial Intelligence and Security (CCS workshop AISec'20).
  • NativeX: Native Executioner Freezes Android.
    • Qinsheng Hou, Yao Cheng, and Lingyun Ying.
    In Proceedings of the 15th ACM Asia Conference on Computer and Communications Security (AsiaCCS), pp. 458-470. 2020.
  • Keyed Non-parametric Hypothesis Tests.
    • Yao Cheng, Cheng-Kang Chu, Hsiao-Ying Lin, Marius Lombard-Platet, and David Naccache.
    In International Conference on Network and System Security (NSS), pp. 632-645. Springer, Cham, 2019.
  • Securing Intelligent Transportation System: A Blockchain-Based Approach with Attack Mitigation.
    • Le Su, Yao Cheng, Huasong Meng, Vrizlynn Thing, Zhe Wang, Linghe Kong, and Long Cheng.
    In International Conference on Smart Blockchain, pp. 109-119. Springer, Cham, 2019.
  • Password Enhancement Based on Semantic Transformation.
    • Daojing He, Xiao Yang, Beibei Zhou, Yu Wu, Yao Cheng, and Nadra Guizani.
    IEEE Network 34, no. 1 (2019): 116-121.
  • Detecting Promotion Attacks in the App Market Using Neural Networks.
    • Daojing He, Kai Hong, Yao Cheng, Zongli Tang, and Mohsen Guizani.
    IEEE Wireless Communications 26, no. 4 (2019): 110-116.
  • A scalable and extensible framework for android malware detection and family attribution.
    • Li Zhang, Vrizlynn LL Thing, Yao Cheng.
    Computers & Security 80 (2019): 120-133.
  • A Survey of Android Exploits in the Wild.
    • Huasong Meng, Vrizlynn L.L. Thing, Yao Cheng, Li Zhang, Zhongmin Dai.
    Computers & Security 76 (2018): 71-91.
  • Towards Quantitative Evaluation of Privacy Protection Schemes for Electricity Usage Data Sharing.
    • Daisuke Mashima, Aidana Serikova, Yao Cheng, Binbin Chen.
    ICT Express 4, no. 1 (2018): 35-41.
  • SCLib: A Practical and Lightweight Defense against Component Hijacking in Android Applications.
    • Daoyuan Wu, Yao Cheng, Debin Gao, Yingjiu Li and Robert H. Deng.
    In Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy, pp. 299-306. ACM, 2018.
  • Attack and Countermeasure on Interlock-based Device Pairing Schemes.
    • Yongdong Wu, Binbin Chen, Zhigang Zhao and Yao Cheng.
    IEEE Transactions on Information Forensics and Security 13, no. 3 (2018): 745-757.
  • Secure Smart Metering Based on LoRa Technology.
    • Yao Cheng, Hendra Saputra, Leng Meng Goh, Yongdong Wu.
    In 2018 IEEE 4th International Conference on Identity, Security, and Behavior Analysis (ISBA), pp. 1-8. IEEE, 2018.
  • User-Friendly Deniable Storage for Mobile Devices.
    • Bing Chang, Yao Cheng, Bo Chen, Fengwei Zhang, Wen Tao Zhu, Yingjiu Li, Zhan Wang.
    Computers & Security 72 (2018): 163-174.
  • PowerLSTM: Power Demand Forecasting Using Long Short-Term Memory Neural Network.
    • Yao Cheng, Chang Xu, Daisuke Mashima, Vrizlynn L. L. Thing and Yongdong Wu.
    In International Conference on Advanced Data Mining and Applications, pp. 727-740. Springer, Cham, 2017.
  • What You See is Not What You Get: Leakage-Resilient Password Entry Schemes for Smart Glasses.
    • Yan Li, Yao Cheng, Yingjiu Li, Robert H. Deng.
    In Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, pp. 327-333. ACM, 2017.
  • A Study on a Feasible No-Root Approach on Android.
    • Yao Cheng, Yingjiu Li, Robert Deng, Lingyun Ying, Wei He.
    Journal of Computer Security 25, no. 3 (2017): 231-253.
  • Dissecting Developer Policy Violating Apps: Characterization and Detection.
    • Su Mon Kywe, Yingjiu Li, Jason Hong, Yao Cheng.
    In MALWARE 2016: Proceedings of the 11th International Conference on Malicious and Unwanted Software: Fajardo, Puerto Rico, October 18, vol. 21, pp. 10-19.
  • Exploiting Android System Services Through Bypassing Service Helpers.
    • Yacong Gu, Yao Cheng, Lingyun Ying, Yemian Lu, Qi Li and Purui Su.
    In International Conference on Security and Privacy in Communication Systems, pp. 44-62. Springer, Cham, 2016.
  • A Feasible No-Root Approach on Android.
    • Yao Cheng, Yingjiu Li, and Robert H. Deng.
    In Australasian Conference on Information Security and Privacy, pp. 481-489. Springer, Cham, 2016.
  • Attacks and Defence on Android Free Floating Windows.
    • Lingyun Ying, Yao Cheng, Yemian Lu, Yacong Gu, Purui Su, and Dengguo Feng.
    In Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, pp. 759-770. ACM, 2016.
  • Automated User Profiling in Location-based Mobile Messaging Applications.
    • Yao Cheng, Chang Xu, Yi Yang, Linyun Ying, Purui Su and Dengguo Feng.
    In 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications, pp. 18-26. IEEE, 2014.
  • Bind Your Phone Number with Caution: Automated User Profiling Through Address Book Matching on Smartphone.
    • Yao Cheng, Lingyun Ying, Sibei Jiao, Purui Su, Dengguo Feng.
    In Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security, pp. 335-340. ACM, 2013.
  • An Anti-Obfuscation Method for Detecting Similarity among Android Applications in Large Scale. [Chinese]
    • Sibei Jiao, Lingyun Ying, Yi Yang, Yao Cheng, Purui Su, Dengguo Feng.
    Journal of computer research and development 51, no. 7 (2014): 1446-1457.
  • Research on User Privacy leakage in Mobile Social Messaging Applications. [Chinese]
    • Yao Cheng, Lingyun Ying, Sibei Jiao, Purui Su, Dengguo Feng.
    Chinese Journal of Computers 37, no. 1 (2014): 87-100.
  • [Patent] A hardware-based emulator malicious code online analysis method and system. [Chinese]
    • Yao Cheng, Rui Wang, Purui Su, Dengguo Feng, Yi Yang, Meining Nie.
    Chinese Patent No. CN102999719 B, August 26, 2015.
  • [Patent] A network security emergency response method. [Chinese]
    • Yao Cheng, Dengguo Feng, Lingyun Ying, Purui Su.
    Chinese Patent No. CN102594783 B, October 22, 2014.

    Current Research Interest and Emphasis

    Trustworthy AI technologies

    AI algorithms and applications

    Malware analysis and detection

    System vulnerability analysis

    Blockchain technologies