Jianjia Yu

Ph.D Student

Computer Science Department

Johns Hopkins University

Email:

Google Scholar / Github / CV

Research Insterests: Web Security, System Security, Program Analysis

I am a Ph.D Student (2020-) of Computer Science at Johns Hopkins University, where I am advised by Prof. Yinzhi Cao.

My research focuses on Web Security, System Security, and Program Analysis.

Before coming to JHU, I received my bachelor's degree at Computer Science Department of Zhejiang University in 2020. I was a member of ACEE, Chu Kochen College.

Publications

Follow My Flow: Unveiling Client-Side Prototype Pollution Gadgets from One Million Real-World Websites

Zifeng Kang, Muxi Lyu, Zhengyu Liu, Jianjia Yu, Runqi Fan, Song Li, and Yinzhi Cao

S&P 2025 / Paper

RogueOne: Detecting Rogue Updates via Differential Data-flow Analysis Using Trust Domains

Raphael J. Sofaer, Yaniv David, Mingqing Kang, Jianjia Yu, Yinzhi Cao, Junfeng Yang, and Jason Nieh

ICSE 2024 / Paper

CoCo: Efficient Browser Extension Vulnerability Detection via Coverage-guided, Concurrent Abstract Interpretation
Distinguished Paper Award

Jianjia Yu, Song Li, Junmin Zhu, and Yinzhi Cao

CCS 2023 / Paper / Code

MiniTaintDev: Unveiling Mini-App Vulnerabilities through Dynamic Taint Analysis

Jianjia Yu, Zifeng Kang, and Yinzhi Cao

ACM Workshop on Secure and Trustworthy Superapps (SaTS) 2023 / Paper

Rendering Contention Channel Made Practical in Web Browsers

Shujiang Wu, Jianjia Yu, Min Yang, and Yinzhi Cao

USENIX Security 2022 / Paper

Experience

Research Assistant, Johns Hopkins University	2020 Sep. - Present
Advisor: Prof. Yinzhi Cao
Research Assistant, Zhejiang University	2020 Mar. - 2020 Jun.
Advisor: Prof. Shouling Ji
Research Assistant, Johns Hopkins University	2019 Jul. - 2019 Nov.
Advisor: Prof. Yinzhi Cao
Research Assistant, Zhejiang University	2018 Nov. - 2019 Jul.
Advisor: Prof. Kejun Zhang

Professional Services

Reviewer, The IEEE Transactions on Information Forensics and Security (IEEE T-IFS)	2024
External reviewer, The 46th IEEE Symposium on Security and Privacy (S&P 2025)	2024
External reviewer, The 19th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2024)	2023
Artifact Evaluation Committee, The Annual Computer Security Applications Conference (ACSAC 2023)	2022
Organizer and Volunteer, The 52nd IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2022)	2022
External reviewer, The USENIX Security Symposium 21'Fall	2021

Teaching Experience

Course Assistant, EN 601.640 - Web Security, JHU	2023 Fall
Course Assistant, EN 601.640 - Web Security, JHU	2022 Fall
Teaching Assistant, EN 601.280 - Full Stack JavaScript, JHU	2022 Spring

Misc

My name "蒹葭"" originates from one of the oldest poems in China, Classic of Poetry《诗经》. "蒹葭" means "reed". And yes, my name bothered me a lot when I was young and not good at handwriting. My English name is Suzy, which in Chinese is written as "苏茜". Try to find something in common between the two names.
I play Pipa, a traditional Chinese instrument. I'm a member of Hopkins East Asian Traditional (HEAT) Ensemble. Check out our Youtube and Instagram.
I recently got a camera and am learning to take pictures and editing with Lightroom. Click here if you think I'm a photographer.