贺凡女,博士生导师。研究聚焦于漏洞挖掘、应用安全与隐私、大模型安全等前沿方向。课题组现常年招收博士后、博士与硕士研究生、优秀本科生。欢迎对相关方向感兴趣的同学学者邮件联系:hefannv@hainanu.edu.cn。
教育经历:
2019.9-2024.7 中国科学院大学 计算机科学与技术学院 信息安全 博士
2015.9-2018.7 中国科学院大学 计算机科学与技术学院 计算机技术 硕士
2010.9-2014.7 哈尔滨工业大学 计算机科学与技术学院 信息安全(主修)、财务管理(辅修) 双学士
工作经历:
2024.9-至今 yl6809永利官网集团 yl6809永利集团
2018.7-2019.7 中国信息通信研究院 安全所
科研项目:
主持,国家自然科学基金,No. 62562025,2025.
主持,yl6809永利官网集团科研启动金,No. 2500000565,2024.
代表性科研论文(近五年):
[1] Fannv He, Yan Jia, Jiayu Zhao, Yue Fang, Jice Wang, Mengyue Feng, Peng Liu, and Yuqing Zhang. Maginot Line: Assessing a New Cross-app Threat to PII-as-Factor Authentication in Chinese Mobile Apps[C]//Proceedings 2024 Network and Distributed System Security (NDSS) Symposium, 2024. (CCF-A, 安全领域顶级会议)
[2] Fannv He*, Jiayu Zhao*, Yiyu Yang, and Yuqing Zhang. Identifying Implementation Flaws of SMS OTP Authentication[J]//IEEE Transactions on Mobile Computing (TMC), 2025. (CCF-A, 网络领域顶级期刊)
[3] Fannv He, Jice Wang, Yuhang Huang, Xiancui Peng, and Yuqing Zhang. LibGuard: Protecting Sensitive Data In Android Third-Party Libraries From XLDH Attacks. International Conference on Computer Communications and Networks, 2024.
[4] Jice Wang, Fannv He*, Yue Fang, Yuqing Zhang. Beyond Likes: Unraveling the Veil of Personal Data Exposure in Mobile Application Guls. IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 2025.
[5] Zhiyuan Fu, Junfan Chen, Lan Zhang, Ting Yang, Jun Niu, Hongyu Sun, Ruidong Li, Peng Liu, Jice Wang, Fannv He, Yuqing Zhang. FDLLM: A Dedicated Detector for Black-Box LLMs Fingerprinting. IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 2025.
学术服务:
国际期刊和会议审稿人(Reviewer) IEEE TDSC、WWW
国际会议技术委员会委员(TPC Member) IEEE TrustCom、IEEE AIoT
国际会议分论坛组委会委员(Chair) IEEE CIoTSC
学术报告:
[1] 评估中国市场移动应用PII-as-Factor认证面临的跨应用安全威胁, 2024中国密码学年会, 杭州, 中国.
[2] Protecting Sensitive Data In Android Third Party Libraries, International Conference on Computer Communications and Networks, Big Island, Hawaii, USA.
[3] Assessing a New Cross-app Threat to PII-as-Factor Authentication in Chinese Mobile Apps, Network and Distributed System Security Symposium, San Diego, California, USA.
