Biography

Hello, I am Chuhan Wang, a 4th year Ph.D. student at the Network and Information Security Lab (NISL) of Tsinghua University, advised by Prof. Haixin Duan and Assistant Prof. Jianjun Chen. My research interests include Web Security, Network Security, and Internet Measurement. Currently, I focus on email-related security research. I have published two papers in USENIX Security, a top-tier academic conference on network security. My research results have helped Google, Apple, Yandex, and other well-known Internet companies to fix vulnerabilities. As a member of Redbud, a CTF team belonging to Tsinghua University, I have won the ByteCTF 2020 championship and other CTF awards.

Recent News

  • [5/2023] Our paper on stealthy mining pools was accepted by CCS 2023. Congratulate Zhenrui!
  • [4/2023] I presented my USENIX Security ‘22 paper about the measurement and security analysis of DKIM on InforSec 2023, in Shenzhen, China.
  • [3/2022] Our paper on the large-scale measurement of DKIM deployment accepted by USENIX Security 2022.
  • [9/2020] Our paper on email spoofing attacks was accepted by USENIX Security 2021.
Interests
  • Email Security
  • Network Security
  • Internet Measurement
  • Web Security
Education
  • Ph.D. Candidate in Cyberspace Security

    2019 -- present, Tsinghua University

  • B.E. in Computer Science

    2015 -- 2019, Beijing Jiaotong University

Publications

(2023). Under the Dark: A Systematical Study of Stealthy Mining Pools (Ab)use in the Wild. In CCS ‘23. Copenhagen, Denmark. November 26-30, 2023 (Acceptance rate: ??).

Cite

(2022). A Large-scale and Longitudinal Measurement Study of DKIM Deployment. In USENIX Security ‘22. BOSTON, MA, USA. August 10–12, 2022. (Acceptance rate: 256/1492=17.2%).

PDF Cite Slides

(2021). Weak Links in Authentication Chains: A Large-scale Analysis of Email Sender Spoofing Attacks. In USENIX Security ‘21. Vancouver, BC, Canada. August 11-13, 2021 (Acceptance rate: 246/1316=18.7%).
ⓘ Both are first authors.

PDF Cite Slides

Projects

Projects and Codes

*
NoSpoofing
NoSpoofing is a Chrome Extension. It is a UI notification scheme which can alert users that the emails they receive may be spoofing.

Misc

🏅 Awards

  • The 3rd prize, Hongminggu CTF, 2023
  • The 3rd place, Aliyun CTF, 2023
  • Tsinghua Outstanding 1st Scholarship, 2022
  • The 2nd place, *CTF, 2021
  • The 2nd place, L3HCTF, 2021
  • 🏆 Champion, The 3rd ByteDance ByteCTF Finals (2020)
  • Excellent Undergraduate Award, Beijing Municipal Commission of Education, 2019
  • The 1st Class Scholarship, Beijing Jiaotong University (2016, 2017, 2018)
  • China National Scholarship, 2016

🙋‍♂️ External Reviewers

  • EuroS&P ‘23

Contact