Researcher profile

Ting Yu

Ting Yu contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate

Cryptography and Security Artificial Intelligence quant-ph Computer Vision cond-mat.mtrl-sci Emerging Technologies hep-th Machine Learning math.PR nlin.CD physics.gen-ph physics.optics

Trust snapshot

Quick read

Trust 21 - EmergingVerification L1Unclaimed author

14works

0followers

12topics

4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Claiming links this public author record to a researcher profile and unlocks direct collaboration workflows.

Direct collaboration

Open a focused conversation when the fit is right

Claim this author entity first to unlock direct invitations.

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

preprint2026arXiv

Exposing Hidden Interfaces: LLM-Guided Type Inference for Reverse Engineering macOS Private Frameworks

Private macOS frameworks underpin critical services and daemons but remain undocumented and distributed only as stripped binaries, complicating security analysis. We present MOTIF, an agentic framework that integrates tool-augmented analysis with a finetuned large language model specialized for Objective-C type inference. The agent manages runtime metadata extraction, binary inspection, and constraint checking, while the model generates candidate method signatures that are validated and refined into compilable headers. On MOTIF-Bench, a benchmark built from public frameworks with groundtruth headers, MOTIF improves signature recovery from 15% to 86% compared to baseline static analysis tooling, with consistent gains in tool-use correctness and inference stability. Case studies on private frameworks show that reconstructed headers compile, link, and facilitate downstream security research and vulnerability studies. By transforming opaque binaries into analyzable interfaces, MOTIF establishes a scalable foundation for systematic auditing of macOS internals.

preprint2026arXiv

Overcoming the Retrieval Barrier: Indirect Prompt Injection in the Wild for LLM Systems

Large language models (LLMs) increasingly rely on retrieving information from external corpora. This creates a new attack surface: indirect prompt injection (IPI), where hidden instructions are planted in the corpora and hijack model behavior once retrieved. Previous studies have highlighted this risk but often avoid the hardest step: ensuring that malicious content is actually retrieved. In practice, unoptimized IPI is rarely retrieved under natural queries, which leaves its real-world impact unclear. We address this challenge by decomposing the malicious content into a trigger fragment that guarantees retrieval and an attack fragment that encodes arbitrary attack objectives. Based on this idea, we design an efficient and effective black-box attack algorithm that constructs a compact trigger fragment to guarantee retrieval for any attack fragment. Our attack requires only API access to embedding models, is cost-efficient (as little as $0.21 per target user query on OpenAI's embedding models), and achieves near-100% retrieval across 11 benchmarks and 8 embedding models (including both open-source models and proprietary services). Based on this attack, we present the first end-to-end IPI exploits under natural queries and realistic external corpora, spanning both RAG and agentic systems with diverse attack objectives. These results establish IPI as a practical and severe threat: when a user issued a natural query to summarize emails on frequently asked topics, a single poisoned email was sufficient to coerce GPT-4o into exfiltrating SSH keys with over 80% success in a multi-agent workflow. We further evaluate several defenses and find that they are insufficient to prevent the retrieval of malicious text, highlighting retrieval as a critical open vulnerability.

preprint2022arXiv

A Large Scale Study and Classification of VirusTotal Reports on Phishing and Malware URLs

VirusTotal (VT) provides aggregated threat intelligence on various entities including URLs, IP addresses, and binaries. It is widely used by researchers and practitioners to collect ground truth and evaluate the maliciousness of entities. In this work, we provide a comprehensive analysis of VT URL scanning reports containing the results of 95 scanners for 1.577 Billion URLs over two years. Individual VT scanners are known to be noisy in terms of their detection and attack type classification. To obtain high quality ground truth of URLs and actively take proper actions to mitigate different types of attacks, there are two challenges: (1) how to decide whether a given URL is malicious given noisy reports and (2) how to determine attack types (e.g., phishing or malware hosting) that the URL is involved in, given conflicting attack labels from different scanners. In this work, we provide a systematic comparative study on the behavior of VT scanners for different attack types of URLs. A common practice to decide the maliciousness is to use a cut-off threshold of scanners that report the URL as malicious. However, in this work, we show that using a fixed threshold is suboptimal, due to several reasons: (1) correlations between scanners; (2) lead/lag behavior; (3) the specialty of scanners; (4) the quality and reliability of scanners. A common practice to determine an attack type is to use majority voting. However, we show that majority voting could not accurately classify the attack type of a URL due to the bias from correlated scanners. Instead, we propose a machine learning-based approach to assign an attack type to URLs given the VT reports.

preprint2022arXiv

Asymptotic behaviors for distribution dependent SDEs driven by fractional Brownian motions

In this paper, we study small-time asymptotic behaviors for a class of distribution dependent stochastic differential equations driven by fractional Brownian motions with Hurst parameter $H\in(1/2,1)$ and magnitude $\ep^H$. By building up a variational framework and two weak convergence criteria in the factional Brownian motion setting, we establish the large and moderate deviation principles for this type equations. Besides, we also obtain the central limit theorem, in which the limit process solves a linear equation involving the Lions derivative of the drift coefficient.

preprint2022arXiv

Dative epitaxy of commensurate monocrystalline covalent-van der Waals moiré supercrystal

Realizing van der Waals (vdW) epitaxy in the 80s represents a breakthrough that circumvents the stringent lattice matching and processing compatibility requirements in conventional covalent heteroepitaxy. However, due to the weak vdW interactions, there is little control over film qualities by the substrate. Typically, discrete domains with a spread of misorientation angles are formed, limiting the applicability of vdW epitaxy. Here we report the epitaxial growth of monocrystalline, covalent Cr5Te8 2D crystals on monolayer vdW WSe2 by chemical vapor deposition, driven by interfacial dative bond formation. The lattice of Cr5Te8, with a lateral dimension of a few ten microns, is fully commensurate with that of WSe2 via 3 x 3 (Cr5Te8)-7 x 7 (WSe2) supercell matching, forming a single crystalline moire superlattice. Our work has established a conceptually distinct paradigm of thin film epitaxy termed dative epitaxy, which takes full advantage of covalent epitaxy with chemical bonding for fixing the atomic registry and crystal orientation, while circumventing its stringent lattice matching and processing compatibility requirements; conversely, it ensures the full flexibility of vdW epitaxy, while avoiding its poor orientation control. Cr5Te8 2D crystals grown by dative epitaxy exhibit square magnetic hysteresis, suggesting minimized interfacial defects that can serve as pinning sites.

preprint2022arXiv

Finding MNEMON: Reviving Memories of Node Embeddings

Previous security research efforts orbiting around graphs have been exclusively focusing on either (de-)anonymizing the graphs or understanding the security and privacy issues of graph neural networks. Little attention has been paid to understand the privacy risks of integrating the output from graph embedding models (e.g., node embeddings) with complex downstream machine learning pipelines. In this paper, we fill this gap and propose a novel model-agnostic graph recovery attack that exploits the implicit graph structural information preserved in the embeddings of graph nodes. We show that an adversary can recover edges with decent accuracy by only gaining access to the node embedding matrix of the original graph without interactions with the node embedding models. We demonstrate the effectiveness and applicability of our graph recovery attack through extensive experiments.

preprint2021arXiv

All-Chalcogenide Programmable All-Optical Deep Neural Networks

Deeplearning algorithms are revolutionising many aspects of modern life. Typically, they are implemented in CMOS-based hardware with severely limited memory access times and inefficient data-routing. All-optical neural networks without any electro-optic conversions could alleviate these shortcomings. However, an all-optical nonlinear activation function, which is a vital building block for optical neural networks, needs to be developed efficiently on-chip. Here, we introduce and demonstrate both optical synapse weighting and all-optical nonlinear thresholding using two different effects in a chalcogenide material photonic platform. We show how the structural phase transitions in a wide-bandgap phase-change material enables storing the neural network weights via non-volatile photonic memory, whilst resonant bond destabilisation is used as a nonlinear activation threshold without changing the material. These two different transitions within chalcogenides enable programmable neural networks with near-zero static power consumption once trained, in addition to picosecond delays performing inference tasks not limited by wire charging that limit electrical circuits; for instance, we show that nanosecond-order weight programming and near-instantaneous weight updates enable accurate inference tasks within 20 picoseconds in a 3-layer all-optical neural network. Optical neural networks that bypass electro-optic conversion altogether hold promise for network-edge machine learning applications where decision-making in real-time are critical, such as for autonomous vehicles or navigation systems such as signal pre-processing of LIDAR systems.

preprint2021arXiv

Method and Dataset Entity Mining in Scientific Literature: A CNN + Bi-LSTM Model with Self-attention

Literature analysis facilitates researchers to acquire a good understanding of the development of science and technology. The traditional literature analysis focuses largely on the literature metadata such as topics, authors, abstracts, keywords, references, etc., and little attention was paid to the main content of papers. In many scientific domains such as science, computing, engineering, etc., the methods and datasets involved in the scientific papers published in those domains carry important information and are quite useful for domain analysis as well as algorithm and dataset recommendation. In this paper, we propose a novel entity recognition model, called MDER, which is able to effectively extract the method and dataset entities from the main textual content of scientific papers. The model utilizes rule embedding and adopts a parallel structure of CNN and Bi-LSTM with the self-attention mechanism. We evaluate the proposed model on datasets which are constructed from the published papers of four research areas in computer science, i.e., NLP, CV, Data Mining and AI. The experimental results demonstrate that our model performs well in all the four areas and it features a good learning capacity for cross-area learning and recognition. We also conduct experiments to evaluate the effectiveness of different building modules within our model which indicate that the importance of different building modules in collectively contributing to the good entity recognition performance as a whole. The data augmentation experiments on our model demonstrated that data augmentation positively contributes to model training, making our model much more robust in dealing with the scenarios where only small number of training samples are available. We finally apply our model on PAKDD papers published from 2009-2019 to mine insightful results from scientific papers published in a longer time span.

preprint2021arXiv

Nonlocal magnon entanglement generation in coupled hybrid cavity systems

We investigate dynamical generation of macroscopic nonlocal entanglements between two remote massive magnon-superconducting-circuit hybrid systems. Two fiber-coupled microwave cavities are employed to serve as an interaction channel connecting two sets of macroscopic hybrid units each containing a magnon (hosted by a Yttrium-Iron-Garnet sphere) and a superconducting-circuit qubit. Surprisingly, it is found that stronger coupling does not necessarily mean faster entanglement generation. The proposed hybrid system allows the existence of an optimal fiber coupling strength that requests the shortest amount of time to generate a systematic maximal entanglement. Our theoretical results are shown to be within the scope of specific parameters that can be achieved with current technology. The noise effects on the implementation of systems are also treated in a general environment suggesting the robustness of entanglement generation. Our discrete-variable qubit-like entanglement theory of magnons may lead to direct applications in various quantum information tasks.

preprint2020arXiv

Classical route to quantum chaotic motions

We extract the information of a quantum motion and decode it into a certain orbit via a single measurable quantity. Such that a quantum chaotic system can be reconstructed as a chaotic attractor. Two configurations for reconstructing this certain orbit are illustrated, which interpret quantum chaotic motions from the perspectives of probabilistic nature and the uncertainty principle, respectively. We further present a strategy to import classical chaos to a quantum system, revealing a connection between the classical and quantum worlds.

preprint2020arXiv

Security Analysis of EOSIO Smart Contracts

The EOSIO blockchain, one of the representative Delegated Proof-of-Stake (DPoS) blockchain platforms, has grown rapidly recently. Meanwhile, a number of vulnerabilities and high-profile attacks against top EOSIO DApps and their smart contracts have also been discovered and observed in the wild, resulting in serious financial damages. Most of EOSIO's smart contracts are not open-sourced and they are typically compiled to WebAssembly (Wasm) bytecode, thus making it challenging to analyze and detect the presence of possible vulnerabilities. In this paper, we propose EOSAFE, the first static analysis framework that can be used to automatically detect vulnerabilities in EOSIO smart contracts at the bytecode level. Our framework includes a practical symbolic execution engine for Wasm, a customized library emulator for EOSIO smart contracts, and four heuristics-driven detectors to identify the presence of four most popular vulnerabilities in EOSIO smart contracts. Experiment results suggest that EOSAFE achieves promising results in detecting vulnerabilities, with an F1-measure of 98%. We have applied EOSAFE to all active 53,666 smart contracts in the ecosystem (as of November 15, 2019). Our results show that over 25% of the smart contracts are vulnerable. We further analyze possible exploitation attempts against these vulnerable smart contracts and identify 48 in-the-wild attacks (25 of them have been confirmed by DApp developers), resulting in financial loss of at least 1.7 million USD.

preprint2020arXiv

The Garden of Forking Paths: Towards Multi-Future Trajectory Prediction

This paper studies the problem of predicting the distribution over multiple possible future paths of people as they move through various visual scenes. We make two main contributions. The first contribution is a new dataset, created in a realistic 3D simulator, which is based on real world trajectory data, and then extrapolated by human annotators to achieve different latent goals. This provides the first benchmark for quantitative evaluation of the models to predict multi-future trajectories. The second contribution is a new model to generate multiple plausible future trajectories, which contains novel designs of using multi-scale location encodings and convolutional RNNs over graphs. We refer to our model as Multiverse. We show that our model achieves the best results on our dataset, as well as on the real-world VIRAT/ActEV dataset (which just contains one possible future).

preprint2019arXiv

Discrete Phase Space, Relativistic Quantum Electrodynamics, and a Non-Singular Coulomb Potential

This paper deals with the relativistic, quantized electromagnetic and Dirac field equations in the arena of discrete phase space and continuous time. The mathematical formulation involves partial difference equations. In the consequent relativistic quantum electrodynamics, the corresponding Feynman diagrams and S#-matrix elements are derived. In the special case of electron-electron scattering (Moller scattering), the explicit second order element <f|S#(2)|i> is deduced. Moreover, assuming the slow motions for two external electrons, the approximation of <f|S#(2)|i> yields a divergence-free Coulomb potential.

preprint2019arXiv

Persistent spin squeezing of dissipative Lipkin-Meshkov-Glick Model embedded in a general thermal environment

We investigate spin squeezing for a Lipkin-Meshkov-Glick (LMG) model coupled to a general non-Markovian environment in a finite temperature regime. Using the non-Markovian quantum state diffusion and master equation approach, we numerically study non-Markovian spin squeezing generation in LMG model. Our results show that the total spin number N, energy kBT, and certain coefficients in a LMG model can play a crucial role in generating spin squeezing. In particular, it shows that the maximum spin squeezing can be significantly enhanced when the participating environment has a relatively long memory time.

Ting Yu

Quick read

Decide how to stay connected

How to connect with this researcher

Open a focused conversation when the fit is right

See the researcher in context

Building this graph slice

14 published item(s)

Exposing Hidden Interfaces: LLM-Guided Type Inference for Reverse Engineering macOS Private Frameworks

Overcoming the Retrieval Barrier: Indirect Prompt Injection in the Wild for LLM Systems

A Large Scale Study and Classification of VirusTotal Reports on Phishing and Malware URLs

Asymptotic behaviors for distribution dependent SDEs driven by fractional Brownian motions

Dative epitaxy of commensurate monocrystalline covalent-van der Waals moiré supercrystal

Finding MNEMON: Reviving Memories of Node Embeddings

All-Chalcogenide Programmable All-Optical Deep Neural Networks

Method and Dataset Entity Mining in Scientific Literature: A CNN + Bi-LSTM Model with Self-attention

Nonlocal magnon entanglement generation in coupled hybrid cavity systems

Classical route to quantum chaotic motions

Security Analysis of EOSIO Smart Contracts

The Garden of Forking Paths: Towards Multi-Future Trajectory Prediction

Discrete Phase Space, Relativistic Quantum Electrodynamics, and a Non-Singular Coulomb Potential

Persistent spin squeezing of dissipative Lipkin-Meshkov-Glick Model embedded in a general thermal environment