主要研究方向为云计算安全，大模型安全。

在相关领域国际知名会议和期刊ASPLOS、AAAI、ACL、SIGMETRICS、ACSAC、DSN、IPDPS、COMPJ等发表论文30余篇，曾获APNOMS会议 Best Paper。作为项目负责人承担国家自然科学基金、中国科学院网络测评技术重点实验室基金等项目，参与多项国家重点研发计划、中国科学院战略先导专项、省部级重点项目。

曾受邀担任知名学术期刊《COMPUTER JOURNAL》、《信息网络安全》审稿人。

招生方向

招收云计算安全、大模型安全、人工智能赋能安全等方向研究生（推免生、考研生）。

欢迎踏实肯干、基础扎实、自驱力强、有科研理想的同学加入课题组！

招生专业

083900-网络空间安全

招生类型

硕士研究生

含学术型和专业型硕士

2021-10~至今,中国科学院信息工程研究所, 副研究员
2018-06~2021-10,中国科学院信息工程研究所, 助理研究员

[AAAI, CCF-A] Xin Liu, Qiyang Song, Qihang Zhou, Haichao Du, Shaowen Xu, Wenbo Jiang, Weijuan Zhang, Xiaoqi Jia: Focusing on Language: Revealing and Exploiting Language Attention Heads in Multilingual Large Language Models. AAAI 2026: 32195-32203

[ASPLOS, CCF-A] Xiaolong Yan, Qihang Zhou, Zisen Wan, Feifan Qian, Wentao Yao, Weijuan Zhang, Xiaoqi Jia: WorksetEnclave: Towards Optimizing Cold Starts in Confidential Serverless with Workset-Based Enclave Restore. ASPLOS 2026: 2249-2263

[ACL] Qingjia Huang, Jingyu Zhang, Jianguo Wu, Jianguo Wu, Yakai Li, Weijuan Zhang, Yankai Rong, Junyi Yao, Shengzhi Zhang, Xiaoqi Jia: JailMeter: An Evidence-Based Evaluation Framework for Jailbreak Attacks on Large Language Models. ACL findings 2026. (Accepted)

[DSN, CCF-B] Yakai Li，Jiekang Hu，Weiduan Sang，Luping Ma，Weijuan Zhang，Aimin Yu，Qihang Zhou，Yi Su，Dongsheng Nie，Qingjia Huang: Bypassing Safety Alignment via API Design: A Systematic Risk Analysis of Response Prefill in LLM systems. DSN 2026. (Accepted)

[ECAI, CCF-B] Xin Liu, Qiyang Song, Shaowen Xu, Kerou Zhou, Wenbo Jiang, Xiaoqi Jia, Weijuan Zhang, Heqing Huang, Yakai Li: Latent Knowledge Scalpel: Precise and Massive Knowledge Editing for Large Language Models. ECAI 2025: 4378-4385

[SIGMETRICS, CCF-B] Zhicong Zhang, Qihang Zhou, Shaowen Xu, Nan Jiang, Weijuan Zhang, Xiaoqi Jia: UniContainer: Unlocking the Potential of Unikernel for Secure and Efficient Containerization. SIGMETRICS 2025: 79-81

[ACSAC, CCF-B] Jiayun Chen, Qihang Zhou, Xiaolong Yan, Nan Jiang, Xiaoqi Jia, Weijuan Zhang: CubeVisor: A Multi-realm Architecture Design for Running VM with ARM CCA. ACSAC 2024: 1-13

[Computers&Security, CCF-B] Qihang Zhou, Wenzhuo Cao, Xiaoqi Jia, Shengzhi Zhang, Jiayun Chen, Nan Jiang, Weijuan Zhang, Haichao Du, Zhenyu Song, Qingjia Huang: HClave: An isolated execution environment design for hypervisor runtime security. Comput. Secur. 144: 103923 (2024)

[COMPJ, CCF-B] Zeyi Liu, Weijuan Zhang, Ji Xiang, Daren Zha, Lei Wang: NP-LFA: Non-profiled Leakage Fingerprint Attacks against Improved Rotating S-box Masking Scheme. Comput. J. 65(6): 1598-1610 (2022)

[IPDPS, CCF-B] Qihang Zhou, Xiaoqi Jia, Shengzhi Zhang, Nan Jiang, Jiayun Chen, Weijuan Zhang: SecFortress: Securing Hypervisor using Cross-layer Isolation. IPDPS 2022: 212-222

[ACSAC, CCF-B] Jianwei Tai, Xiaoqi Jia, Qingjia Huang, Weijuan Zhang, Haichao Du, Shengzhi Zhang: SEEF-ALDR: A Speaker Embedding Enhancement Framework via Adversarial Learning based Disentangled Representation. ACSAC 2020: 939-950

[ECAI, CCF-B] Xiaoqi Jia, Jianwei Tai, Hang Zhou, Yakai Li, Weijuan Zhang, Haichao Du, Qingjia Huang: ET-GAN: Cross-Language Emotion Transfer Based on Cycle-Consistent Generative Adversarial Networks. ECAI 2020: 2038-2045

已指导学生

陈镜麒  硕士研究生  083900-网络空间安全  

陈颖霓  硕士研究生  083900-网络空间安全  

现指导学生

钟雨初  硕士研究生  085412-网络与信息安全  

刘庆祺  硕士研究生  083900-网络空间安全  

王昱杰  硕士研究生  083900-网络空间安全  

李涛  硕士研究生  085412-网络与信息安全  

刘锟宇  硕士研究生  085412-网络与信息安全