Yicheng Zhang - UCR ECE

Yicheng(亦成) Zhang

I am a four-year PhD candidate at UC Riverside, where I am fortunately advised by Prof. Nael Abu-Ghazaleh. Prior to that, I received my M.Sc. from UC Irvine, and my B.S. from Sichuan University. In 2023, I spent a wonderful summer at PNNL, working with Kevin J. Barker, Andres Marquez, and Sankha Baran Dutta on microarchitectural security in multi-GPU systems.

Email / CV / Scholar / Github / LinkedIn / Twitter

Research Areas & Interests

I'm interested in computer architecture and system security, with a focus on the following areas:

• AR/VR Security

• Software-based side-channel attacks on AR/VR [Security’23a]

• Inferring VR keystrokes via user head motion [Security’23b]

• Shared-state attacks in multi-user AR [Security’24]

• Acoustic attacks on IMU sensors in XR headsets [arXiv'25]

• Microarchitectural/System Security

• Stealing DNN with GPU context-wwitching side-channel [DSN’20]

• Model extraction attacks with remote FPGA power side-channel [TIFS]

• Microarchitectural attacks on NVLink [SEED'24][arXiv'25]

• Exploiting GPU memories via rowhammer mitigations (RFM) [Security’25]

• Attacking Linux/Android file system via syncfs [S&P'25]

Recent News

– March 2025: My PhD dissertation has been accepted by HOST 2025 PhD Dissertation Competition! See you in San Jose!

– March 2025: Our paper on attacking Linux/Android file system via syncfs has been accepted by IEEE S&P 2025! Shout out to Cheng — he will be joining the University of Rochester as a PhD student. Congrats!

– January 2025: Our paper on attacking GPUs via Rowhammer RFM mitigation has been accepted by USENIX Security 2025! Shout out to Ravan!

– September 2024: We wrote a Blog for Microarchitecture Security Research at USENIX Security 2024.

– August 2024: I passed my oral qualifying examination and became a PhD candidate!

– (Older news)

– June 2024: I am teaching an upper-division undergraduate course this summer (Syllabus).

– May 2024: I presented our work Beyond the Bridge at SEED'24 in Orlando.

– April 2024: I served as a volunteer organizing ASPLOS'24. Amazing experience!

– February 2024: Our multi-user AR security paper accepted by USENIX Security 2024. See you in Philly!

– December 2023: One short paper accepted by IEEE SEED'24. See you in Orlando!

– November 2023: I presented our work at SC'23 Workshop in Denver.

– September 2023: One paper accepted by SC'23 Workshop.

– September 2023: I finished my internship at PNNL.

– August 2023: I presented It's all in your head(set) at USENIX Security 2023 in Anaheim.

– August 2023: Our AR/VR security research got reported in the news [UCR News][ZME Science]!

– April 2023: Received conference travel grants from [UCR GSA]. See you in Anaheim!

– March 2023: I will be joining PNNL as a PhD Intern for the summer'23!

– February 2023: Our work accepted by [Usenix Security 2023] on AR/VR security!

– November 2022: One AR/VR security paper accepted by [USENIX Security 2023]. My 1st Security Big 4!

– May 2022: Received student travel grants from [gem5 Bootcamp 2022].

– July 2021: Received student travel grant from [USENIX Security'21].

– July 2021: One paper accepted by [IEEE TIFS].

– May 2021: Received student travel grant from [S&P’21].

– February 2021: One poster accepted by [FPGA'21].

– June 2020: One paper accepted by [DSN'20].

Education

Ph.D. in Electrical Engineering	2021-2025
University of California, Riverside \| Riverside, California
M.Sc. in Computer Engineering	2018-2020
University of California, Irvine \| Irvine, California
B.S. in Electrical Engineering and Automation	2014-2018
Sichuan University \| Chengdu, Sichuan

Publications


arXiv 2025	NVBleed: Covert and Side-Channel Attacks on NVIDIA Multi-GPU Interconnect Yicheng Zhang, Ravan Nazaraliyev, Sankha Baran Dutta, Andres Marquez, Kevin J. Barker, Nael Abu-Ghazaleh PDF / BibTex

IEEE S&P 2025	I Know What You Sync: Covert and Side Channel Attacks on File Systems via syncfs Cheng Gu#, Yicheng Zhang, Nael Abu-Ghazaleh The 46th IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May, 2025. Acceptance Rate: 14.8% (257/1740) #Undergrad student advised. PDF / BibTex

arXiv 2025	Siren Song: Manipulating Pose Estimation in XR Headsets Using Acoustic Attacks Zijian Huang, Yicheng Zhang, Sophie Chen, Nael Abu-Ghazaleh, Jiasi Chen PDF / BibTex

USENIX Sec 2025	Not so Refreshing: Attacking GPUs using RFM Rowhammer Mitigation Ravan Nazaraliyev, Yicheng Zhang, Sankha Baran Dutta, Andres Marquez, Kevin J. Barker, Nael Abu-Ghazaleh The 34th USENIX Security Symposium, Seattle, WA, USA, August, 2025. PDF / Code Badges: Available, Functional

SafeAR 2024	Securing Shared State in Multi-User Augmented Reality Jiasi Chen, Carter Slocum, Yicheng Zhang, Erfan Shayegani, Pedram Zaree, Nael Abu-Ghazaleh 2024 IEEE International Symposium on Mixed and Augmented Reality Adjunct (ISMAR-Adjunct), Seattle, WA, USA, October, 2024. PDF / BibTex

USENIX Sec 2024	That Doesn't Go There: Attacks on Shared State in Multi-User Augmented Reality Applications Carter Slocum, Yicheng Zhang, Erfan Shayegani, Pedram Zaree, Nael Abu-Ghazaleh, Jiasi Chen *Equal contribution. The 33rd USENIX Security Symposium, Philadelphia, PA, USA, August, 2024. PDF / Slides / Video / Website / Blog (In Chinese) / BibTex

IEEE SEED 2024	Beyond the Bridge: Contention-Based Covert and Side Channel Attacks on Multi-GPU Interconnect Yicheng Zhang, Ravan Nazaraliyev, Sankha Baran Dutta, Nael Abu-Ghazaleh, Andres Marquez, Kevin J. Barker 2024 IEEE International Symposium on Secure and Private Execution Environment Design, Orlando, FL, USA, May, 2024. PDF / Slides / BibTex

SC Workshop 2023	Accuracy-Constrained Efficiency Optimization and GPU Profiling of CNN Inference for Detecting Drainage Crossing Locations Yicheng Zhang, Dhroov Pandey, Di Wu, Turja Kundu, Ruopu Li, Tong Shu SC'23 Workshops of The International Conference on High Performance Computing, Network, Storage, and Analysis, Denver, CO, USA, November, 2023. PDF / Slides / BibTex

USENIX Sec 2023	Going through the motions: AR/VR keylogging from user head motions Carter Slocum, Yicheng Zhang, Nael Abu-Ghazaleh, Jiasi Chen The 32nd USENIX Security Symposium, Anaheim, CA, USA, August, 2023. PDF / Slides / BibTex / Blog (In Chinese) Media Coverage: [UCR News] [Game Is Hard] [Gillett News] [Tech Xplore]

USENIX Sec 2023	It's all in your head(set): Side-channel attacks on AR/VR systems Yicheng Zhang, Carter Slocum, Jiasi Chen, Nael Abu-Ghazaleh The 32nd USENIX Security Symposium, Anaheim, CA, USA, August, 2023. PDF / Slides / BibTex / Blog (In Chinese) Media Coverage: [UCR News] [ZME Science] [Fagen Wasanni] [Analytics Insight]

IEEE TIFS 2021	Stealing Neural Network Structure through Remote FPGA Side-channel Analysis Yicheng Zhang, Rozhin Yasaei, Hao Chen, Zhou Li, Mohammad Abdullah Al Faruque IEEE Transactions on Information Forensics and Security, August, 2021. PDF / Slides / BibTex

FPGA 2021	Poster: Stealing Neural Network Structure through Remote FPGA Side-channel Analysis Yicheng Zhang, Rozhin Yasaei, Hao Chen, Zhou Li, Mohammad Abdullah Al Faruque The 2021 ACM/SIGDA International Symposium on Field-Programmable Gate Arrays, Virtual Event USA, February, 2021. Abstract / BibTex

DSN 2020	Leaky DNN: Stealing Deep-Learning Model Secret with GPU Context-Switching Side-Channel Junyi Wei, Yicheng Zhang, Zhe Zhou, Zhou Li, Mohammad Abdullah Al Faruque Equal contribution. The 50th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Valencia, Spain, June, 2020. Acceptance Rate:* 16.5% (48/291) PDF / Slides / Video / Code / BibTex

Honors and Awards

International Peer Educator Training Program Certification \| CRLA	2023
Conference Travel Grant \| UCR GSA	2023
Student Travel Grant \| 1st gem5 Boot Camp	2022
Student Travel Grant \| 30th USENIX Security Symposium	2021
Student Travel Grant \| 42nd IEEE Symposium on Security and Privacy	2021
Dean's Distinguished Fellowship Award \| UC Riverside	2021
Sichuan University Scholarship \| Sichuan University	2014-2018
Outstanding Students Leader \| Sichuan University	2016

Teaching

teaching

I was the lead instructor for an upper-division undergraduate course at UC Riverside in Summer 2024.

**Design of Operating Systems** (Syllabus)
Associate Instructor for CS 153 - Summer 2024

teaching

While at UC Irvine, I was a teaching assistant for the following courses:

Continuous-Time Signals and Systems
TA for EECS150 - Winter 2020

Sytem Software
TA for EECS111 - Spring 2020

Object Oriented System Programming
TA for EECS40 - Fall 2020

Next Generation Search Systems
TA for CS125 - Winter 2021

Organization of Digital Computers
TA for EECS112 - Spring 2021

Professional Service

Program Committee: EISA'23, IWSEC'23, EAI ICECI'24

Reviewer for Conference: ICPS'20, CYBER'21, CYBER'22, SecureComm'23

Reviewer for Journal: IEEE TIFS, IEEE TC, IJACT, SCN, JCS, JSA, JINS

Sub-reviewer: DATE'19/'20, CODES+ISSS'20, NDSS'20, DSN'20, RTSS'21, MICRO'22, HPCA'22

Student Volunteer: SEED'24, ASPLOS'24

Artifact Evaluation: MICRO'22

About me

teaching

In my free time, I love to play Dota 2 with my friends. I have played this game for over 5k hours (~2% of my lifetime) ╚(″⚈ᴗ⚈)╗
In 2023, I went to Seattle to watch Ti12 with my wife and 4-month-old son.
My favorite Dota 2 team is Azure Ray (AR), and I am also researching AR security XD

tuan

Also, I like to capture the beautiful moments of our life stories with my lovely wife, Jinrun, our 世界で一番可爱い son, Tuan and our beautiful little lions (Slow Slow and Hanna). They are all Maine Coon!

Subscribe our bilibili channel and watch our Vlog! (๑•̀ㅂ•́)و✧

A road to be a good researcher in computer architecture & security.

Visitors from the world

Awesome webpage from Jon Barron