I am currently an associate professor at the Institute for Network Sciences and Cyberspace, Tsinghua University. I received my Ph.D. in Computer Science from Tsinghua University (Supervisor: Prof. Xia Yin and Co-Advisor: Prof. Xingang Shi) in 2018 and B.E. in Computer Science from JiLin University in 2013.

I am broadly interested in network systems and security, with an emphasis on wide area network, internet and cloud. My research strives to make these systems smart and secure, by bridging the networking and security with observability, data science, machine learning, formal verifications, artificial intelligence and distributed computing.

I am looking for PhD/master students (will enroll in fall 2026) to join our exciting system and networking projects. Experience with system programming is a big plus. Feel free to contact me!

Network Observability: Distributed tracing system[SIGCOMM'23][SIGCOMM'25]. SSL/TLS Certificate analysis framework[WWW'25]. Configuration verification algorithm[TIFS'24]. Malicious container detection system[CCS'22].Malicious traffic detection algorithm[TIFS'22],[TIFS'23],[CCS'21],[NDSS'22]. Log analysis framework[TIFS'21]. APT detection algorithm[TIFS'23]. Flow measurement algorithm[TPDS'21][SIGCOMM'25].

Internet Routing: Routing reliability[ToN'22][CoNEXT'21].SDN routing[ICNP'22][INFOCOM'20].Routing protection algorithm[JNCA'20].Hybrid SDN routing[JNCA'20].Routing tester[TIFS'23].

Network Scheduling: Programmable switch offloading[INFOCOM'24],[TPDS'22]. Serverless function scheduling[TPDS'23]. Congestion control algorithm[INFOCOM'15],[ToN'20][IWQoS'23].Coflow scheduling frawework[TPDS'19][ICNP'17].

[1] Yantao Geng, Han Zhang*, Zhiheng Wu, Yahui Li, Jilong Wang, Xia Yin. "Non-Intrusive Distributed Tracing with Method-Level Delay Estimation for Microservices Troubleshooting", ACM ICSE 2026.(to appear)

[1] Zhang Tianyu, Han Zhang*, Yunze Wei, Yahui Li, Xingang Shi, Jilong Wang, and Xia Yin. "ACME++: Secure ACME Client Verification for Web-PKI." ACM WWW 2025.[PDF]

[2] Zhaozhen Wang, Xingang Shi*, Haijun Geng, Han Zhang, Xia Yin and Zhiliang Wang. "On Non-Commutative Routing. In Proceedings of the IEEE INFOCOM 2025 Conference, pp. 420-437. 2025."(to appear)

[3] Yahui Li, Han Zhang*, Jilong Wang, Xingang Shi, Xia Yin, Zhiliang Wang, Jiankun Hu, Congcong Miao, and Jianping Wu. "Proactively Verifying Quantitative Network Policy across Unsafe and Unreliable Environments", IEEE Transactions on Information Forensics and Security. (to appear)

[4] Ying Tian, Zhiliang Wang*, Xia Yin, Xingang Shi, Jiahai Yang and Han Zhang*. "Centralized Network Utility Maximization with Accelerated Gradient Method", IEEE Transactions on Networking. [PDF]

[5] Yantao Geng, Han Zhang*, Zhiheng Wu, Yahui Li, Jilong Wang, Xia Yin. "Low-Overhead Distributed Application Observation with DeepTrace: Achieving Accurate Tracing in Production Systems", SIGCOMM 2025.(to appear)

[6] Han Zhang, Guyue Liu*, Xingang Shi, Yahui Li, Jilong Wang, Yongqing Zhu, Ke Ruan, Jie Liang, Xia Yin. "Achieving High-Speed and Robust Encrypted Traffic Anomaly Detection with Programmable Switches", SIGCOMM 2025.(Short paper, to appear)

[7] Zhiyun Tang, Yahui Li, Xingang Shi, Jilong Wang, Yongqing Zhu, Ke Ruan, Xia Yin, Han Zhang*. " Probabilistic Analysis of Overload-Free Property for Critical Traffic", IWQOS 2025.(to appear)

[8] Zitong Jin, Xingang Shi*, Bin Xiong, Xinyao Huang, Xiaotian Xi, Dan Li, Han Zhang, Zhiliang Wang, Xia Yin. " HELA: Inferring AS Relationships withH a Hybrid of Empirical and Learning Algorithms", IEEE Transactions on Networking.(to appear)

[9] Kaiyang Zhao, Han Zhang*, Yao Tong, Yahui Li, Xingang Shi, Zhiliang Wang, Xia Yin, Jianping Wu . " SRmesh: Deterministic and Efficient Diagnosis of Latency Bottleneck Links in SRv6 Networks", IEEE ICNP 2025.(to appear)

[10] Su Wang, Hongbin Sun, Zhiliang Wang,Tao Zhou, Xia Yin, Dongqi Han, Han Zhang, Xingang Shi, Jiahai Yang. End-to-end Attack Scene Reconstruction in a Host with Rules and Anomaly-based Detection Models. IEEE Transactions on Information Forensics and Security.[PDF]

[11] Yanxu Fu, Pei Zhang*, Han Zhang, Xiaohong Huang, kun Xie, Dandan Li. " BGPFlow: Flow-based Feature Extraction for BGP Anomaly Detection", SIGCOMM 2025 workshop (to appear)

[1] Yi Qiao, Han Zhang*, Jilong Wang. "NNetFEC: In-network FEC Encoding Acceleration for Latency-sensitive Multimedia Applications." In Proceedings of the IEEE INFOCOM 2024 Conference, pp. 420-437. 2024. [PDF]

[2] Xinzhe Liu, Yahui Li*, Han Zhang, Xia Yin, Xingang Shi, Zhiliang Wang, Gang Ren, and Jiangyuan Yao. "Poster: Scalable and Interpretable Multilayer Overlay Network Checking via Ensemble Verification. In Proceedings of the ACM SIGCOMM 2024 Conference: Posters and Demos (ACM SIGCOMM Posters and Demos '24)." [PDF]

[3] Yahui Li, Han Zhang* Jilong Wang, Xingang Shi, Xia Yin, Zhiliang Wang, Jiankun Hu, Congcong Miao, and Jianping Wu. "Proactively Verifying Quantitative Network Policy across Unsafe and Unreliable Environments", IEEE Transactions on Information Forensics and Security. [PDF]

[4] Weihan Chen, Zhiliang Wang*, Han Zhang, Xia Yin, Xingang Shi, "Cost-efficient flow migration for SFC dynamical scheduling in geo-distributed clouds", Computer Networks Volume 249, July 2024. [PDF]

[5] He Jun, Yahui Li*, Han Zhang*, Changqing An, and Jilong Wang. "ROV-GD: Improving the Measurement of ROV Deployment Using Graph Difference." In 2024 IEEE Symposium on Computers and Communications (ISCC), pp. 1-7. IEEE, 2024. [PDF]

[6] Kunling, H., L. Fenghua, Jessie Hui Wang, Han Zhang, and Yiren Zhao. "AB-TCAD: An Access Behavior-Based Two-Stage Compromised Account Detection Framework." In 2024 IFIP Networking Conference (IFIP Networking), pp. 104-112. IEEE, 2024 [PDF]

[1] Shen Junxian, Han Zhang*, Yang Xiang, Xingang Shi, Xinrui Li, Yunxi Shen, Zijian Zhang et al. "Network-centric distributed tracing with DeepFlow: Troubleshooting your microservices in zero code." In Proceedings of the ACM SIGCOMM 2023 Conference, pp. 420-437. 2023. [PDF]

[2] Ming Wang, Yahui Li, Han Zhang, Anlun Hong, Jun He and Jilong Wang, "Knocking Cells: Latency-Based Identification of IPv6 Cellular Addresses on the Internet," 2023 IEEE Symposium on Computers and Communications (ISCC), Gammarth, Tunisia, 2023. [PDF]

[3] Jiawei Li, Han Zhang* and Jilong Wang, "PUVAR:Minimize Idle Resource SLO Violations by Uncertainty-Aware Scheduling in Cloud Platforms," 2023 IEEE International Conference on Web Services (ICWS), Chicago, IL, USA, 2023. [PDF]

[4] Yantao Geng, Han Zhang*, Jilong Wang, "Delay Based Congestion Control for Cross-Datacenter Networks," 2023 IEEE/ACM 31st International Symposium on Quality of Service (IWQoS), Orlando, FL, USA, 2023. [PDF]

[5] Allen Hong, Yahui Li*, Han Zhang*, Ming Wang, Changqing An and Jilong Wang, "A cheap and accurate delay-based IP Geolocation method using Machine Learning and Looking Glass," 2023 IFIP Networking Conference (IFIP Networking), Barcelona, Spain, 2023. [PDF]

[6] Jun He, Yahui Li*, Han Zhang*, Ming Wang, Changqing An, Jilong Wang, "Be Careful of Your Neighbors: Injected Sub-Prefix Hijacking Invisible to Public Monitors," ICC 2023.

[7] Shuanghong Yu, Fenghua Li*, Han Zhang, Kunling He and Xingkun Yao, "GapReplay: A High-Accuracy Packet Replayer," ICC 2023 - IEEE International Conference on Communications, Rome, Italy, 2023. [PDF]

[8] Heng Yu, Han Zhang*, Junxian Shen, Yantao Geng et al., "Serpens: A High Performance FaaS Platform for Network Functions," in IEEE Transactions on Parallel and Distributed Systems, vol. 34, no. 8, pp. 2448-2463, Aug. 2023. [PDF]

[9] Pei Zhang, Fangzhou He, Han Zhang*, Jiankun Hu et al., "Real-Time Malicious Traffic Detection With Online Isolation Forest Over SD-WAN," in IEEE Transactions on Information Forensics and Security, vol. 18, pp. 2076-2090, 2023. [PDF]

[10] Tianbo Wang, Huacheng Li, Chunhe Xia*, Han Zhang and Pei Zhang, "From the Dialectical Perspective: Modeling and Exploiting of Hybrid Worm Propagation," in IEEE Transactions on Information Forensics and Security, vol. 18, pp. 1610-1624, 2023. [PDF]

[11] Yahui Li, Han Zhang*, Jilong Wang, Xia Yin, Xingang Shi, Jianping Wu, "A General Approach to Generate Test Packets With Network Configurations," in IEEE Transactions on Parallel and Distributed Systems, vol. 34, no. 4, pp. 1362-1375, April 2023. [PDF]

[1] Yi Qiao, Menghao Zhang, Yu Zhou, Xiao Kong, Han Zhang* et al, "NetEC: Accelerating Erasure Coding Reconstruction With In-Network Aggregation," in IEEE Transactions on Parallel and Distributed Systems, vol. 33, no. 10, pp. 2571-2583, 1 Oct. 2022 [PDF]

[2] Su Wang, Zhiliang Wang*, Tao Zhou, Hongbin Sun, Xia Yin, Dongqi Han, Han Zhang et al., "THREATRACE: Detecting and Tracing Host-Based Threats in Node Level Through Provenance Graph Learning," in IEEE Transactions on Information Forensics and Security, vol. 17, pp. 3972-3987, 2022. [PDF]

[3] Han Zhang, Yin Xia, Shi Xingang*, Wang Jilong, Wang Zhiliang, Guo Yingya, Lan Tian, Li Yahui, Zhu Yongqing, Ruan Ke, Geng Haijun. "Achieving High Availability in Inter-DC WAN Traffic Engineering". IEEE/ACM Transactions on Networking, 2022. [PDF]

[4] Zongyi Zhao, Xingang Shi*, Zhiliang Wang, Qi Li, Han Zhang and Xia Yin, "Efficient and Accurate Flow Record Collection With HashFlow," in IEEE Transactions on Parallel and Distributed Systems, vol. 33, no. 5, pp. 1069-1083, 1 May 2022. [PDF]

[5] Shangbin Han, Qianhong Wu, Han Zhang, Bo Qin, Jiangyuan Yao, Willy Susilo, "Autoperman: Automatic Network Traffic Anomaly Detection with Ensemble Learning". In: Sun, X., Zhang, X., Xia, Z., Bertino, E. (eds) Advances in Artificial Intelligence and Security. ICAIS 2022. [PDF]

[6] Junxian Shen, Han Zhang*, Yantao Geng, Jiawei Li, Jilong Wang, and Mingwei Xu. 2022, "Gringotts: Fast and Accurate Internal Denial-of-Wallet Detection for Serverless Computing", In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (CCS '22). Association for Computing Machinery, New York, NY, USA, 2627–2641. [PDF]

[7] Dongqi Han, Zhiliang Wang*, Wenqi Chen, Kai Wang, Rui Yu, Su Wang, Han Zhang, Zhihua Wang et al.,"Anomaly Detection in the Open World: Normality Shift Detection, Explanation, and Adaptation", Network and Distributed System Security Symposium 2022. [PDF]

[8] Heng Yu, Junxain Shen, Han Zhang*, Jilong Wang, Congcong Miao and Mingwei Xu, "Scorpius: Proactive Code Preparation to Accelerate Function Startup," 2022 IEEE/ACM 30th International Symposium on Quality of Service (IWQoS), Oslo, Norway, 2022. [PDF]

[9] Yongkang Chen, Ming Zhang*, Jin Li, Xiaohui Kuang, Xurong Zhang and Han Zhang, "Dynamic and Diverse Transformations for Defending Against Adversarial Examples," 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Wuhan, China, 2022. [PDF]

[10] Ying Tian, Zhiliang Wang*, Xia Yin, Xingang Shi, Jiahai Yang and Han Zhang, "Centralized Network Utility Maximization with Accelerated Gradient Method," 2022 IEEE 30th International Conference on Network Protocols (ICNP), Lexington, KY, USA, 2022. [PDF]

[11] Shangbin Han, Qianhong Wu, Han Zhang* and Bo Qin, "Light-weight Unsupervised Anomaly Detection for Encrypted Malware Traffic," 2022 7th IEEE International Conference on Data Science in Cyberspace (DSC), Guilin, China, 2022. [PDF]

[1] Han Zhang, Xingang Shi*, Xia Yin, Jilong Wang, Zhiliang Wang, Yingya Guo, and Tian Lan. 2021, "Boosting bandwidth availability over inter-DC WAN," In Proceedings of the 17th International Conference on emerging Networking EXperiments and Technologies (CoNEXT '21). Association for Computing Machinery, New York, NY, USA. [PDF]

[2] Dongqi Han, Zhiliang Wang*, Wenqi Chen, Ying Zhong, Su Wang, Han Zhang, Jiahai Yang, Xingang Shi, and Xia Yin. 2021, "DeepAID: Interpreting and Improving Deep Learning-based Anomaly Detection in Security Applications", In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (CCS '21). Association for Computing Machinery, New York, NY, USA. [PDF]

[3] Weihan Chen, Zhiliang Wang*, Han Zhang, Xia Yin and Xingang Shi, "Cost-Efficient Dynamic Service Function Chain Embedding in Edge Clouds," 2021 17th International Conference on Network and Service Management (CNSM), Izmir, Turkey, 2021. [PDF]

[4] Ying Tian, Zhiliang Wang*, Xia Yin, Xingang Shi, Jiahai Yang, Han Zhang, Yingya Guo et al., "Traffic Engineering with Segment Routing Considering Probabilistic Failures," 2021 17th International Conference on Network and Service Management (CNSM), Izmir, Turkey, 2021. [PDF]

[5] Yingya Guo, Weipeng Wang, Han Zhang, Wenzhong Guo, Zhiliang Wang, Ying Tian et al., "Traffic Engineering in Hybrid Software Defined Network via Reinforcement Learning", Journal of Network and Computer Applications 189, 103116, 2021. [PDF]

[6] Shangbin Han, Qianhong Wu, Han Zhang*, Bo Qin, Jiankun Hu et al., "Log-Based Anomaly Detection With Robust Feature Extraction and Online Learning," in IEEE Transactions on Information Forensics and Security, vol. 16, pp. 2300-2311, 2021. [PDF]

[7] Haijun Geng, Han Zhang*, Yangyang Zhang, "Efficient Routing Protection Algorithm in Large-Scale Networks", Computers, Materials & Continua, 2021, Vol 66, Issue 3, p1733. [PDF]

[1]Weihan Chen, Zhiliang Wang, Han Zhang, Xia Yin, Xingang Shi and Lei Sun, "Poster Abstract: Joint Optimization of Service Function Chain Elastic Scaling and Routing," IEEE INFOCOM 2020 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Toronto, ON, Canada, 2020. [PDF]

[2]Yahui Li, Zhiliang Wang*, Xia Yin, Xingang Shi, Jianping Wu, Fangdan Ye, Jiangyuan Yao, Han Zhang, "Assisting reachability verification of network configurations updates with NUV", Computer Networks Volume 177, 4 August 2020. [PDF]

[3]Haijun Geng, Han Zhang, Xingang Shi*, Zhiliang Wang, Xia Yin, "Efficient computation of loop-free alternates", Journal of Network and Computer Applications, Volume 151, 1 February 2020. [PDF]

[4]Haijun Geng, Han Zhang, Xingang Shi* et al., "A hybrid link protection scheme for ensuring network service availability in link-state routing networks," in Journal of Communications and Networks, vol. 22, no. 1, pp. 46-60, Feb. 2020 [PDF]

[1] Han Zhang, Haijun Geng, Yahui Li et al., "DA&FD–Deadline-Aware and Flow Duration-Based Rate Control for Mixed Flows in DCNs," in IEEE/ACM Transactions on Networking, vol. 27, no. 6, pp. 2458-2471, Dec. 2019. [PDF]

[2] Yingya Guo, Zhiliang Wang*, Han Zhang, Xia Yin, Xingang Shi, Jianping Wu, "Joint optimization of tasks placement and routing to minimize Coflow Completion Time", Journal of Network and Computer Applications, Volume 135, 1 June 2019. [PDF]

[3] Yahui Li, Zhiliang Wang*, Jiangyuan Yao, Xia Yin, Xingang Shi, Jianping Wu, Han Zhang, "MSAID: Automated detection of interference in multiple SDN applications", Computer Networks, Volume 153, 22 April 2019. [PDF]

[4] Zhiliang Wang, Han Zhang*, Xingang Shi et al, "Efficient Scheduling of Weighted Coflows in Data Centers," in IEEE Transactions on Parallel and Distributed Systems, vol. 30, no. 9, pp. 2003-2017, 1 Sept. 2019. [PDF]

[5] Yahui Li, Xia Yin, Zhiliang Wang*, Jiangyuan Yang, Xingang Shi, Jianping Wu, Han Zhang et al, "A Survey on Network Verification and Testing With Formal Methods: Approaches and Challenges," in IEEE Communications Surveys & Tutorials, vol. 21, no. 1, pp. 940-969, Firstquarter 2019. [PDF]

[1] Zhifeng Liu, Xia Yin,Zhiliang Wang,Xingang Shi,Yiqiang Hua, Xiaohong Huang,Liang Wei,Jiangyuan Yao, Han Zhang, Man Zeng,Zijun Su,Shuai Liu. Design and construction of hierarchical and cross-regional SDN verification and demonstration system[J]. Telecommunications Science, 2018. [PDF]

[2] Han Zhang, Xingang Shi, Yingya Guo, Haijun Geng, Zhiliang Wang and Xia Yin, "Joint source selection and transfer optimization for erasure coding storage system," 2017 IEEE 36th International Performance Computing and Communications Conference (IPCCC), San Diego, CA, USA, 2017 [PDF]

[3] Han Zhang, Xingang Shi*, Xia Yin and Zhiliang Wang, "Yosemite: Efficient scheduling of weighted coflows in data centers," 2017 IEEE 25th International Conference on Network Protocols (ICNP), Toronto, ON, Canada, 2017. [PDF]

[4] Han Zhang, Xingang Shi, Xia Yin, Zhiliang Wang and Yingya Guo, "FDRC - Flow duration time based rate control in data center networks," 2016 IEEE/ACM 24th International Symposium on Quality of Service (IWQoS), Beijing, China, 2016 [PDF]

[5] Zongyi Zhao, Qi Li, Mingwei Xu, Xingang Shi and Han Zhang, "Reduce completion time and guarantee throughput by transport with slight congestion," 2016 IEEE International Conference on Communications (ICC), Kuala Lumpur, Malaysia, 2016. [PDF]

[6] Xiao Ma, Chuang Lin, Han Zhang*, Jianwei Liu. "Energy-Aware Computation Offloading of IoT Sensors in Cloudlet-Based Mobile Edge Computing". Sensors (Basel). 2018. [PDF]

[7] M. Gharaibeh, Han Zhang, C. Papadopoulos and J. Heidemann, "Assessing co-locality of IP blocks," 2016 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), San Francisco, CA, 2016 [PDF]

[8] Yingya Guo, Zhiliang Wang, Xia Yin, Xingang Shi, Jianping Wu and Han Zhang, "Incremental deployment for traffic engineering in hybrid SDN network," 2015 IEEE 34th International Performance Computing and Communications Conference (IPCCC), Nanjing, China. [PDF]

[9] Haijun Geng, Xingang Shi, Xia Yin, Zhiliang Wang and Han Zhang, "Algebra and algorithms for efficient and correct multipath QoS routing in link state networks," 2015 IEEE 23rd International Symposium on Quality of Service (IWQoS), Portland, OR, USA, 2015. [PDF]

[10] Haijun Geng, Xia Shi, Xia Yin, Zhiliang Wang and Han Zhang, "An efficient link protection scheme for link-state routing networks," 2015 IEEE International Conference on Communications (ICC), London, UK, 2015. [PDF]

[11] Han Zhang, Xingang Shi, Xia Yin, Fengyuan Ren and Zhiliang Wang, "More load, more differentiation — A design principle for deadline-aware congestion control," 2015 IEEE Conference on Computer Communications (INFOCOM), Hong Kong, China. [PDF]

[12] Han Zhang and C. Papadopoulos, "BotTalker: Generating encrypted, customizable C&C traces," 2015 IEEE International Symposium on Technologies for Homeland Security (HST), Waltham, MA, USA, 2015. [PDF]

[13] Haijun Geng, Xia Shi, Xingang Yin, Zhiliang Wang, Han Zhang and Jiangyuan Yao, "A hybrid link protection scheme for link-state routing networks," 2014 IEEE 33rd International Performance Computing and Communications Conference (IPCCC), Austin, TX, USA, 2014. [PDF]

[14] Haijun Geng, Xingang Shi, Xia Yin, Zhiliang Wang, Han Zhang and Jiangyuan Yao, "Let more nodes have a second choice," 2014 IEEE 33rd International Performance Computing and Communications Conference (IPCCC), Austin, TX, USA, 2014 [PDF]

[15] Han Zhang, Xingang Shi*, Yingya Guo, Zhiliang Wang, and Xia Yin. 2017. More load, more differentiation Let more flows finish before deadline in data center networks. Comput. Netw. 127, C (November 2017). [PDF]

Internet engineering,(undergraduate, 32 class hours,Autumn 2023), Autumn 2024.

Network optimation theory and method,(graduate, 32 class hours,Autumn 2022), Autumn 2023, Autumn 2024.

Network anomaly detection,(graduate, 32 class hours),Spring 2022, Spring 2023, Spring 2024,Spring 2025.

Junxian Shen (Ph.D., Grade 5, co-advised with Prof. Jilong Wang)

Kaiyang Zhao (Ph.D., Grade 4, co-advised with Prof. Xia Yin and Prof. Jianping Wu)

Chenyan Gaoyang (Ph.D., Grade 3, co-advised with Prof. Youjian Zhao)

Yantao Geng (Ph.D., Grade 3)

Zhiyun Tang (Master, Grade 3)

Tianyu Zhang (Ph.D., Grade 2)

Xuefeng Liu (Ph.D., Grade 2)

Yunze Wei (Ph.D., co-advised with Prof. Xia Yin)

Zeji Xiao (Ph.D., Grade 2, co-advised with Prof. Jilong Wang)

Zhuo Li (Master, Grade 2)

Boyang Wang (Ph.D., Grade 1, co-advised with Prof. Xia Yin)

Hanyang Lin (Master, Grade 1)

Zhiheng Wu (Master, Grade 1)

Jiarui Li (Master, co-advised with Prof. Jilong Wang), Joined Alibaba.

Heng Yu (Ph.D. co-advised with Prof. Jilong Wang), Joined Zhongguancun Laboratory.

Yi Qiao (Ph.D., co-advised with Prof. Jilong Wang), Joined China Academy of Space Technology.

Shangbin Han (Ph.D., co-advised with Prof. Qianhong Wu), Joined Quan Cheng Laboratory.