Alfred Chen Assistant Professor Department of Computer Science, University of California, Irvine Office: ICS1 420 (inside ICS1 418), Inner Ring Rd Email: alfchen at uci dot edu CV Google Scholar (cite: 5000+, h-index: 34, i10-index: 72) |
|
The Second ISOC Symposium on Vehicle Security & Privacy (VehicleSec'24) happened with NDSS at San Diego on Feb 26, 2024!
Follow @vehiclesec_conf
Tweet to @vehiclesec_conf
[Final Program]
[
Awards] [Accepted Papers, Demos/Posters, Lightning Talks] [CFP]
Check out the above for
2 keynotes (academia+industry), 31 papers + 20 demos/posters on latest research
on vehicle security & privacy, 5 lightning talks,
5 types of awards, community reception, 5 industry exibition tables,
on-site souvenirs, and more!
Research positions available for self-motivated students interested in computer security, especially AI/systems/network security in exciting emerging CPS/IoT systems such as autonomous cars/drones/robots (link1, link2), intelligent transportation (link1, link2), and smart home (link1, link2).
» [New] PhD applicants: Fall-2025 PhD Positions at CS@UC Irvine (AI/System/Network Security Focus) «
BS/MS students: Please fill out this form if looking for research experience in my group.
Come here for latest security research in
Autonomous Vehicle (AV) & intelligent
transportation technologies?
Collection of our latest efforts is at
our AV & IoAT Security
Website and
YouTube channel
»
(2024)
[CVPR'24] First study of the natural adversarial AI attack capabilities of GenAI: You can generate effective black-box
adversarial AI attacks on commercial AV (e.g., a Tesla) with a single prompt!
«
»
(2024)
[NDSS'24] First large-scale meansurement study of LiDAR-spoofing attack capabilities, on 9 commercial LiDARs!
«
»
(2024)
[NDSS'24] Infrared Laser Reflection (ILR) Attack: First human-invisible attack on traffic sign recognition
«
»
(2024)
[Conference] Second ISOC Symposium on Vehicle Security & Privacy (VehicleSec 2024)
Follow @vehiclesec_conf
«
»
(2023)
[ICCV'23] SysAdv: First system-level attack effect measurement of existing physical-world adversarial AI attacks (and how to make them really matter to autonomous driving)
«
»
(2023)
[Conference] Inaugural ISOC Symposium on Vehicle Security & Privacy (VehicleSec 2023)
Follow @vehiclesec_conf
«
» (2022)
[NDSS'22] PlanFuzz:
First automated method to discover security vulnerabilities specific to AD
planning (semantic DoS)
«
» (2022)
[Workshop] AutoSec
(Automotive & Autonomous Vehicle Security) @NDSS'22 (15 papers+15
demos)@autosec_conf
«
» (2022)
[Contest] 2nd AutoDriving CTF @ DEFCON (one of world's largest & most notable hacker conventions)Follow @autodrivingctf
«
» (2021)
[Usenix Sec'21] DRP attack: Seemingly-benign dirty road
pattern can attack self-driving & cause lane departure in 1 sec
«
»
(2021)
[Contest] 1st AutoDriving CTF @ DEFCON (one of world's largest & most notable hacker conventions)
«
» (2021) [IEEE S&P'21] MSF-ADV attack: Fundamentally challenge
sensor fusion based AD perception in practical settings
«
»
(2021)
[Workshop] AutoSec
(Automotive & Autonomous Vehicle Security) @NDSS'21 (17 papers+10
demos)
«
» (2020)
[Usenix Sec'20]
FusionRipper: First security analysis of fusion based AD localization, discover strategic GPS spoofing to break fusion
«
» (2020)
[Usenix Sec'20]
First general adversarial sensor attack & defense for LiDAR-based perception in autonomous driving
«
» (2019)
[ACM CCS'19]
First security analysis & adversarial sensor attack design for LiDAR-based perception in autonomous driving
«
» (2018)
[NDSS'18]
First security analysis & congestion attack design for CV/V2X-based intelligent traffic light control
«
I am teaching the undergraduate security course at Fall'24: CS134: Computer and Network Security!
Note: The news below are NOT the latest for research works. For the lastest research updates, please check out our AV & IoAT Security Website!
[News] (2023) [Award] Thrilled to learn that our CARMEN+ Tier 1 UTC proposal is awarded by USDOT! Excited to leverage this award to keep exploring and addressing cybersecurity challenges in autonomous driving and intelligent transportation systems.
[News] (2023) Excited to be invited by the IEEE Intelligent Transportation Systems Society to serve on the IEEE Emerging Transportation Technology Testing (ET3) Technical Committee! Will leverage this opportunity to contribute to the emerging transportation technology testing methods development and standardization from the security/privacy angles.
[News] (2023) [Award] Huge congratulations to my student Takami Sato for winning the Graduate Dean’s Dissertation Fellowship! This is one of UCI's most distinguished fellowships and only awarded to the top 1-2 students per school. Well deserved and very proud of you!
[News] (2023) [Award] Huge congratulations to my student Takami Sato for winning the Public Impact Fellowship! This is a highly prestigious fellowship at UCI that is only awarded to top 15 students across all schools. Due to the emphasis on public/societal impacts, it is especially rare for CS student to win it. Very proud of you!
[News] (2022) [Award] Thrilled to annouce that I just received the NSF CAREER award! Excited to leverage this award to keep exploring AI security in the emerging Internet of Autonomous Things (IoAT) such as autonomous cars, drones, and robots.
[News] (2022) Excited to be invited by NIST to serve on the AI panel & focused group on standards & performance metrics development for on-road autonomous vehicles! I am the only invitee on AI security from academia and will leverage this opportunity to contribute to the standard and metric design discussions from the security/privacy angles.
[News] (2021) [Award] Congratulations to Kanglan Tang, an undergraduate student in my group, for receiving the prestigous UCI Chancellor’s Award for Excellence in Undergraduate Research! This award is given to only 1 student per school. Kanglan is extremely excellent with a 1st-author paper published, presented herself, and accepted for demos at multiple academic venues, and also awarded multiple travel grants to top-tier security venues. Look forward to her continued success at UC Berkeley!
[News] (2021) [Award]
Our
undergrad cyberseucrity team Cyber@UCI
finished 5st place nation-wide at
National CCDC, out of 168+
university/college teams in US!
Absolutely a huge achievement for the first time at National. Can't wait for
next year :)
>> News coverage:
UCI Finishes in Top 5 at National Collegiate Cyber Defense Competition
>>
News coverage by Irvine Standard (local news paper):
UCI's cybersecurity club makes history
[News] (2021) [Award] Our
undergrad cyberseucrity team Cyber@UCI won
the 1st place (Gold Medal) at
CCDC Western Regional, and advanced to
National CCDC for the first time!
We beat many strong rivals such as Stanford, UCSD, ASU, and UCR. Super proud of
the team!
>> News coverage:
UCI advances to national cyber defense competition following “historic”
regionals win
[News] More...
I am an Assistant Professor in the Department of Computer Science (CS) at the University of California, Irvine. I am also affiliated with the Department of Electrical Engineering and Computer Science (EECS), the Institute of Transportation Studies at UC Irvine (ITS-Irvine), the Center for Embedded and Cyber-physical Systems (CECS), the Institute for Software Research (ISR), and the UC Irvine Cybersecurity Policy & Research Institute (CPRI). Before coming to UCI, I received my Ph.D. degree from Computer Science and Engineering at the University of Michigan, Ann Arbor in 2018. My research interest broadly lies in the security and privacy of computer technologies that are of high criticality to our daily life and society. So far, my focus has been mainly on the security/privacy issues in emerging AI/systems/network technologies, especially the latest ones with high societal impacts such as those powering the emerging AI-enabled autonomous vehicles and intelligent transportation systems. The major theme of my research is to proactively address security challenges through systematic problem analysis and design, leveraging techniques such as optimization, static/dynamic program analysis, formal methods, defense principles, and data-driven methods. My research has developed such approaches to systematically discover, analyze, detect, and fix security vulnerabilities in a wide range of important computer systems and components such as the AI/software stack in emering autonomous cars/drones/robots, intelligent traffic light, smartphone systems, critical network protocols (e.g., TCP), DNS, GUI systems, access control systems, etc. Current Students: Fayzah Alshammari (Ph.D.), Shaoyuan Xie (Ph.D.), Sam Der (B.S.), Chi Zhang (B.S.). Alumni (in part): Junjie Shen (Ph.D., first job at Meta), Takami Sato (Ph.D., Kaggle Grandmaster, first job at Uber), Ningfei Wang (Ph.D., first job at Meta), Ziwen Wan (Ph.D.), Kanglan Tang (B.S., now at UC Berkeley), Christopher Joseph Dipalma (B.S., now at Intel), Newman Cheng (B.S., now at Columbia), Kyle Bartz (B.S., now at Amazon), Zeyuan Chen (B.S., now at CMU), Nanze Chen (B.S., now at U of Cambridge), Han Wang (B.S., now at UPenn), Chen Wang (B.S., now at UC Berkeley). Jalen Chuang (B.S., now at Georgia Tech), Wentao Chen (B.S., now at UCLA). |
[NDSS'25] Revisiting Physical-World Adversarial Attack on Traffic Sign Recognition: A Commercial Systems Perspective
Ningfei Wang, Shaoyuan Xie, Takami Sato, Yunpeng Luo, Kaidi Xu, and Qi Alfred Chen
ISOC Network and Distributed System Security Symposium (NDSS) 2025. (acceptance rate TBA)
[PDF] [Project website]
[NDSS'25] On the Realism of LiDAR Spoofing Attacks against Autonomous Driving Vehicle at High Speed and Long Distance
Takami Sato*, Ryo Suzuki*, Yuki Hayakawa* (co-first authors), Kazuma Ikeda, Ozora Sako, Rokuto Nagata, Ryo Yoshida, Qi Alfred Chen, and Kentaro Yoshioka
ISOC Network and Distributed System Security Symposium (NDSS) 2025. (acceptance rate TBA)
[PDF] [Project website]
[ICLR'25] Can We Trust Embodied Agents? Exploring Backdoor Attacks against Embodied LLM-based Decision-Making Systems
Ruochen Jiao*, Shaoyuan Xie* (co-first authors), Justin Yue, Takami Sato, Lixu Wang, Yixuan Wang, Qi Alfred Chen, and Qi Zhu
The Thirteenth International Conference on Learning Representations (ICLR) 2025. (acceptance rate 32.08% = 3689/11500)
[PDF] [Preprint]
[CVPR'24] Intriguing Properties of Diffusion Models: An Empirical Study of the Natural Attack Capability in Text-to-Image Generative Models
Takami Sato*, Justin Yue*, Nanze Chen* (co-first authors), Ningfei Wang, and Qi Alfred Chen
IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) 2024. (acceptance rate 23.6% = 2719/11532)
[PDF] [Project website]
[NDSS'24] LiDAR Spoofing Meets the New-Gen: Capability Improvements, Broken Assumptions, and New Attack Strategies
Takami Sato*, Yuki Hayakawa*, Ryo Suzuki*, Yohsuke Shiiki* (co-first authors), Kentaro Yoshioka, and Qi Alfred Chen
ISOC Network and Distributed System Security Symposium (NDSS) 2024. (acceptance rate 20.2% = 140/694)
[PDF] [Project website]
[NDSS'24] Invisible Reflections: Leveraging Infrared Laser Reflections to Target Traffic Sign Perception
Takami Sato*, Sri Hrushikesh Varma Bhupathiraju* (co-first authors), Michael Clifford, Takeshi Sugawara, Qi Alfred Chen, and Sara Rampazzi
ISOC Network and Distributed System Security Symposium (NDSS) 2024. (acceptance rate 20.2% = 140/694)
[PDF] [Project website]
[ICCV'23] Does Physical Adversarial Example Really Matter to Autonomous Driving? Towards System-Level Effect of Adversarial Object Evasion Attack
Ningfei Wang, Yunpeng Luo, Takami Sato, Kaidi Xu, and Qi Alfred Chen
International Conference on Computer Vision (ICCV) 2023. (acceptance rate 26.8% = 2160/8068)
[PDF] [Project website]
[ICSE'23] Doppelganger Test Generation for Revealing Bugs in Autonomous Driving Software
Yuqi Huai, Yuantianyi Chen, Sumaya Almanee, Tuan Ngo, Xiang Liao, Ziwen Wan, Qi Alfred Chen, and Joshua Garcia
International Conference on Software Engineering (ICSE'23), 2023. (acceptance rate 26.3% = 209/796)
[PDF]
[NDSS'22] Too Afraid to Drive: Systematic Discovery of Semantic DoS Vulnerability in Autonomous Driving Planning under Physical-World Attacks
Ziwen Wan, Junjie Shen, Jalen Chuang, Xin Xia, Josh Garcia, Jiaqi Ma, and Qi Alfred Chen
Network and Distributed System Security Symposium (NDSS) 2022. (acceptance rate 16.2% = 83/513)
[PDF] [Project website]
[S&P’21] Invisible in both Camera and LiDAR: Security of Multi-Sensor Fusion based Perception in Autonomous Driving Under Physical-World Attacks
Yulong Cao*, Ningfei Wang*, Chaowei Xiao*, Dawei Yang* (co-first authors), Jin Fang, Ruigang Yang, Qi Alfred Chen, Mingyan Liu, and Bo Li
IEEE Symposium on Security and Privacy (S&P) 2021. (acceptance rate 12.0% = 117/972)
[PDF] [Project website]
[USENIX Security’21] Dirty Road Can Attack: Security of Deep Learning based Automated Lane Centering under Physical-World Adversarial Attack
Takami Sato*, Junjie Shen* (co-first authors), Ningfei Wang, Yunhan Jia, Xue Lin, and Qi Alfred Chen
USENIX Security Symposium 2021. (acceptance rate 18.7% = 246/1316) NDSS’20 Best Technical Poster Award
[PDF] [Project website]
[USENIX Security’21] Automated Discovery of Denial-of-Service Vulnerabilities in Connected Vehicle Protocols
Shengtuo Hu, Qi Alfred Chen, Jiachen Sun, Yiheng Feng, Z. Morley Mao, and Henry X. Liu
USENIX Security Symposium 2021. (acceptance rate 18.7% = 246/1316)
[PDF] [Project website]
[Usenix Security'20] Drift with Devil: Security of Multi-Sensor Fusion based Localization in High-Level Autonomous Driving under GPS Spoofing
Junjie Shen, Jun Yeon Won, Zeyuan Chen, and Qi Alfred Chen
USENIX Security Symposium 2020. (acceptance rate 16.3%=158/972) NDSS’19 Distinguished Poster Presentation Award
[PDF] [Extended Version] [Slides] [Talk] [Project website] [Attack Demo 1] [Attack Demo 2]
Selected Media Coverage (more)
Lidar Sensors Vulnerable to Spoofing Attacks, Researchers Say, Automotive News, 03/12/2024
Armed with Traffic Cones, Protesters are Immobilizing Driverless Cars, NPR (National Public Radio), 08/26/2023
Autonomous Vehicles can be Tricked into Erratic Driving Behavior, Help Net Security, 06/02/2022
The Risks Posed by Wireless Automotive Dongles, Data Beach Today, 08/12/2020
Apps Available for Your Smartphone Could Steal Your Personal Information, WXYZ-TV (ABC afflicated), 06/28/2017
An Obsure App Flaw Creates Backdoors in Millions of Smartphones, Wired, 04/28/2017
US-CERT: Leaked WPAD Queries Could Expose Corporate to MitM Attacks, SecurityAffairs, 05/26/2016
When Domain Names Attack: the WPAD Name Collision Vulnerability, NakedSecurity, 05/25/2016
Android Attack Improves Timing, Allows Data Theft, Ars Technica, 08/24/2014
Gmail Smartphone App Hacked by Researchers, BBC News, 08/22/2014
Researchers Find Way to Hack Gmail with 92 Percent Success Rate, CNET News, 08/21/2014
New Hack Could Steal Personal Information from Gmail, Other Popular Apps, CBS News, 08/21/2014
Sneak Attack: Android Apps Can Spy on Each Other, NBC News, 08/21/2014
US-CERT Alert TA16-144A: WPAD Name Collision Vulnerability
CVE-2016-3898: Privilege escalation vulnerability in Android Telephony service
CVE-2016-5227: Device authentication hijacking vulnerability in AirDroid
AndroidID-21669196: Privilege escalation vulnerability in Android Short Message Service (SMS) service
AndroidID-22541289: Privilege escalation vulnerability in Android Network Service Discovery (NSD) service
Email acknowledgements from Apple, Microsoft and Comcast on the reported client-side name collision vulnerabilities.
RIPE 72 discussion, 05/23/2016: Alert (TA16‐144A) WPAD Name Collision Vulnerability
Verisign's remediation suggestions for enterprise: White Paper: Enterprise Remediation for WPAD Name Collision Vulnerability
NSF CAREER Award on securing the AI stack in emerging autonomous and connected CPSs, NSF SaTC (2022)
Chancellor's Award for Excellence in Undergraduate Research Mentorship, UC Irvine (2021, 1 faculty per school)
5th place nation-wide, National CCDC competition (2021, as faculty advisor, top 5/168+ universities/colleges nation-wide)
1st place (Gold Medal), CCDC Western Regional competition (2021, as faculty advisor, top 1/18 in western region and advanced to National CCDC for the first time)
1st place (champion), Baidu Autonomous Driving Security CTF competition (2020, top 1/24)
Best Technical Poster Award for "Security of Deep Learning based Lane Keeping Assistance System under Physical-World Adversarial Attack" at NDSS 2020 (2020, top 1/30)
Distinguished Poster Presentation Award for "Security Analysis of Multi-Sensor Fusion based Localization in Autonomous Vehicles" at NDSS 2019 (2019, top 2/36)
ProQuest Distinguished Dissertation Award, University of Michigan (2019, top 10 in University of Michigan, across all graduate schools ranging from science and engineering to archaeology and history)
Rackham Predoctoral Fellowship, Rackham School, University of Michigan (2017, 1-2 each dept. to support students working on dissertation that are unusually creative, ambitious and risk-taking)
Fall 2024 - CS134: Computer and Network Security
Spring 2024 - CS205: Computer and Systems Security
Fall 2023 - CS134: Computer and Network Security
Spring 2023 - CS205: Computer and Systems Security
Fall 2022 - CS134: Computer and Network Security
Spring 2022 - CS205: Computer and Systems Security
Fall 2021 - CS134: Computer and Network Security
Spring 2021 - CS205: Computer and Systems Security
Fall 2020 - CS134: Computer and Network Security
Spring 2020 - CS295: Advanced Computer and Network Security
Fall 2019 - CS134: Computer and Network Security
Spring 2019 - CS295: Advanced Computer and Network Security
General Chair:
Organizer:
PC member/reviewer (selected):
Journal reviewer: IEEE Transactions on Information Forensics & Security (T-IFS), IEEE Transactions on Dependable and Secure Computing (TDSC), IEEE Communications Magazine, IEEE Transactions on Intelligent Transportation Systems (T-ITS), IEEE Transactions on Mobile Computing (TMC), IEEE Transactions on Cyber-Physical Systems (T-CPS), IEEE Transactions on Network and Service Management (TNSM), MDPI Sensors.
My attack videos on YouTube attracted over 60,000 views (as of 09/07/2014) from all over the world, with a daily peak of over 17,000 views.
I am a Distinguished Active member of Tau Beta Pi Michigan Gamma (MI-G) Chapter.
I initialized the first Flyer Book for the CS dept. of Nanjing University, guiding students to apply for graduate schools outside China.