About Me

Dr. Junjie Zhang is a tenured Associate Professor in the Department of Computer Science and Engineering at Wright State University. He serves as the Director of the CSE Cyber Security Program and the Point of Contact for Wright State University's designation as a National Center of Academic Excellence in Cyber Defense Education (CAE-CD). His research focuses on software and network security. Dr. Zhang has led research and education initiatives supported by federal, state, and industry partners, including the National Science Foundation (NSF), Air Force Research Laboratory (AFRL), National Highway Traffic Safety Administration/Transportation Research Center (NHTSA/TRC), the Ohio Department of Higher Education (ODHE), and the Ohio Cyber Range Institute (OCRI).

Education

• Georgia Institute of Technology, USA Ph.D. in Computer Science, 2012
• Xi'an Jiaotong University, China M.S. in Systems Engineering, 2006
• Xi'an Jiaotong University, China B.S. in Computer Science, 2003

Academic Appointments

• Associate Professor, 2018-present Department of Computer Science and Engineering Wright State University, Dayton, OH
• Assistant Professor, 2012-2018 Department of Computer Science and Engineering Wright State University, Dayton, OH

Leadership

• Director of the CSE Cyber Security Program, appointed, Feb. 2022-present Department of Computer Science and Engineering Wright State University, Dayton, OH
• Point of Contact for Wright State University's CAE-CD designation.

Honors and Awards

• Awardee, Robert J. Kegerreis Distinguished Professor of Teaching Award, 2024, Wright State University.
• Awardee, Excellence in Teaching of College of Engineering and Computer Science, student voted, 2022, Wright State University.
• Awardee, Excellence in Research of College of Engineering and Computer Science, 2019, Wright State University.

Research Focus

Dr. Junjie Zhang's research focuses on software and network security. His projects and publications emphasize web application vulnerability detection, PHP and WordPress security analysis, fuzzing, firmware and binary analysis, machine-learning-assisted vulnerability detection, botnet and DNS traffic analysis, website fingerprinting, cyber-physical systems security, unmanned systems security, cybersecurity education, and cyber range curriculum.

Grants and Contracts

1. Ohio Dept. of Higher Education, "Integrative Digital Engineering Approaches for Advanced Air Mobility," PI: Darryl Ahner, Co-PI: Junjie Zhang, $896,096, Feb. 2024-June 2025.
2. Ohio Cyber Range Institute, "Digital Forensics: A Hands-on and Interdisciplinary Approach Curriculum," PI: Junjie Zhang, $15,000, 2023-2024.
3. National Security Agency, "National Pathways to Success (NPS): Establishing a National Cybersecurity Academic and Career Bridge Consortium for Community College Students," PI: Fathi Amsaad, Co-PI: Junjie Zhang, $704,535, 2023-2025.
4. Transportation Research Center, "Artificial-Intelligence-Driven Binary-to-Source-Code Function Search," PI: Junjie Zhang, Co-PI: Lingwei Chen, $123,536, 2022-2023.
5. Ohio Cyber Range Institute, "Load-and-Play Cyber Security Labs," PI: Junjie Zhang, Co-PI: Lingwei Chen, $50,000, 2022-2023.
6. Transportation Research Center, "AI-Driven Intelligent Firmware Analysis," PI: Junjie Zhang, $115,995, 2021-2022.
7. Ohio Cyber Range Institute, "Developing Cybersecurity Labs Using Interactive Programming," PI: Junjie Zhang, $15,000, 2021.
8. Air Force Research Laboratory, "Assured Digital Microelectronics Education & Training Ecosystem," PI: Vance Saunder, Co-PIs include Junjie Zhang, Yan Zhuang, Saiyu Ren, and Henry Chen, $29.75 million, 2020-2023. Zhang's share: $200,478.
9. Transportation Research Center, "Scalable Firmware Analysis," PI: Junjie Zhang, $100,000, 2020-2021.
10. Transportation Research Center, "Intelligent Firmware Modeling," PI: Junjie Zhang, $100,000, 2019-2020.
11. Transportation Research Center, "Mission-Oriented Intelligent Firmware Modeling (cont.)," PI: Junjie Zhang, $50,000, 2018-2019.
12. Transportation Research Center, "Mission-Oriented Intelligent Firmware Modeling," PI: Junjie Zhang, $50,000, 2018.
13. Air Force STTR Phase II through Knowledge Base Systems, Inc., "Developing Training Capabilities to Increase Operational System Resiliency," PI: Junjie Zhang, co-PIs: Vance Saunder and Subhashini Ganapathy, $224,658, 2017-2019.
14. NSF I/UCRC CSR, "T-RADAR: Fingerprinting Embedded Systems Using Passive and Active Network Traffic Analysis," PI: Junjie Zhang, $50,000, 2017-2018.
15. Ohio Dept. of Higher Education, "Center for Continuous Cybersecurity Education and Training (C3ET) in West Ohio (cont.) (Rapids2)," PI: Junjie Zhang, co-PI: Vance Saunder, $486,834, 2017-2019.
16. AFRL through Wright Brothers Institute, "Detecting and Analyzing Security Vulnerabilities for the Unmanned Systems Autonomy Services Architecture," PI: Junjie Zhang, $90,620, 2017.
17. National Science Foundation, "REU Site: Cyber Security Research at Wright State University," PI: Junjie Zhang, co-PI: Bin Wang, $358,474, 2016-2019.
18. Ohio Dept. of Higher Education, "Center for Continuous Cybersecurity Education and Training (C3ET) in West Ohio (Rapids1)," PI: Junjie Zhang, co-PI: Vance Saunder, $541,344, 2016-2018.
19. NSF I/UCRC CSR, "Vulnerability Detection for Cyber-Physical Systems," PI: Junjie Zhang, $50,000, 2016-2017.
20. Ball Aerospace, "Scalable Vulnerability Assessment for Large Cyber-Physical Systems," PI: Junjie Zhang, $30,000, 2014-2015.
21. Ball Aerospace, "Automatically Detecting and Analyzing Cyber-Physical System Vulnerabilities and Attack Paths," PI: Junjie Zhang, $50,000, 2013-2014.
22. DoD/AFOSR, "DURIP: Software and Hardware Infrastructure for Energy-Efficient Large-Scale Complex Language Modeling," PI: Shaojun Wang, Co-PIs: Junjie Zhang, Keke Chen, and Amit Sheth, $492,500, 2013-2014.

Conference Publications

1. Apoorva Nandigam, Rui Dai, and Junjie Zhang, "Efficient Point Cloud Streaming via Curvature and Edge-Aware Sampling and Deep-Learning-Based Reconstruction," IEEE National Aerospace and Electronics Conference (NAECON), Jul. 2025.
2. Penyu Zhao, Daniel Chong, Honglu Jiang, Junjie Zhang, and Rui Dai, "FedPDFGuard: A Federated Learning Approach for Robust Detection of Malicious PDF Files," IEEE National Aerospace and Electronics Conference (NAECON), Jul. 2025.
3. Jin Huang, Junjie Zhang, Jialun Liu, Chuang Li, and Rui Dai, "UQuery: Static Security Analysis of PHP-Based Web Programs Using Graph Models," IEEE Conference on Communications and Network Security (CNS), Oct. 2024.
4. Nathaniel Christian Boland, Junjie Zhang, Daniel Chong, and Rui Dai, "An Empirical Study of Software Sanitization Locality," IEEE National Aerospace and Electronics Conference (NAECON), Jul. 2024.
5. James MacLennan and Junjie Zhang, "Path-Safe: Enabling Dynamic Mandatory Access Controls Using Security Tokens," IEEE National Aerospace and Electronics Conference (NAECON), Jul. 2024.
6. Al Amin Hossain, Mithun Kumar PK, Junjie Zhang, and Fathi Amsaad, "Malicious Code Detection Using LLM," IEEE National Aerospace and Electronics Conference (NAECON), Jul. 2024.
7. Zhuobin Yuan, Ademola Ikusan, Rui Dai, and Junjie Zhang, "No-Reference Image Quality Assessment for Intelligent Sensing Applications," IEEE National Aerospace and Electronics Conference (NAECON), Jul. 2024.
8. David Elmo, George Fragkos, Jay Johnson, Kenneth Rohde, Sean Salinas, and Junjie Zhang, "Disrupting EV Charging Sessions and Gaining Remote Code Execution with DoS, MITM, and Code Injection Exploits using OCPP 1.6," Proceedings of 2023 Resilience Week (RWS), Nov. 2023.
9. Daniel Grahn, Lingwei Chen, and Junjie Zhang, "Code Execution Capability as a Metric for Machine Learning-Assisted Software Vulnerability Detection Models," 22nd IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Nov. 2023.
10. Daniel Chong, Junjie Zhang, Nathaniel Boland, and Lingwei Chen, "Automatically Inferring Image Base Addresses of ARM32 Binaries Using Architecture Features," 12th International Symposium on Security and Privacy on Internet of Things (SPIoT), Nov. 2023.
11. Jian Qu, Xiaobo Ma, Jianfeng Li, Xiapu Luo, Lei Xue, Junjie Zhang, Zhenhua Li, Li Feng, and Xiaohong Guan, "An Input-Agnostic Hierarchical Deep Learning Framework for Traffic Fingerprinting," 32nd USENIX Security Symposium, Aug. 2023.
12. Daniel Grahn and Junjie Zhang, "An Analysis of C/C++ Datasets for Machine Learning-Assisted Software Vulnerability Detection," Conference on Applied Machine Learning for Information Security (CAMLIS), Nov. 2021.
13. Jin Huang, Junjie Zhang, Jialun Liu, Chuang Li, and Rui Dai, "UFuzzer: Detecting PHP-Based Unrestricted File Upload Vulnerabilities Using Targeted Fuzzing," 24th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), Oct. 2021.
14. Xiaobo Ma, Mawei Shi, Bingyu An, Jianfeng Li, Xiapu Luo, Junjie Zhang, and Xiaohong Guan, "Context-aware Website Fingerprinting over Encrypted Proxies," INFOCOM, Aug. 2021.
15. Jin Huang, Yu Li, Junjie Zhang, and Rui Dai, "UChecker: Automatically Detecting PHP-Based Unrestricted File Upload Vulnerabilities," 49th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), June 2019.
16. Yu Li, Ivan Frasure, Ademola Ayodeji Ikusan, Junjie Zhang, and Rui Dai, "Vulnerability Assessment for Unmanned Systems Autonomy Services Architecture," 12th International Conference on Network and System Security (NSS), Aug. 2018.
17. Soham Kelkar, Timothy Kraus, Daria Morgan, Junjie Zhang, and Rui Dai, "Analyzing HTTP-Based Information Exfiltration of Malicious Android Applications," IEEE TrustCom, 2018.
18. Yu Li, Dae Wook Kim, Junjie Zhang, and Derek Doran, "Detecting Suspicious Members in An Online Emotional Support Service," SecureComm, 2018.
19. Jianfeng Li, Xiaobo Ma, Guodong Li, Xiapu Luo, Junjie Zhang, Wei Li, and Xiaohong Guan, "Can We Learn What People Are Doing from RAW DNS Queries?," INFOCOM, 2018.
20. Guangyue Xu, Mingxuan Sun, Junjie Zhang, and Dae Wook Kim, "Tracking You Through DNS Traffic: Linking User Sessions By Clustering With Dirichlet Mixture Model," ACM International Conference on Modeling, Analysis and Simulation of Wireless and Mobile Systems, Nov. 2017.
21. Kevon Scott, Rui Dai, and Junjie Zhang, "Online-Relaying-Based Image Communication in Unmanned Aerial Vehicle Networks," IEEE International Conference on Communications (ICC), May 2017.
22. Dae Wook Kim and Junjie Zhang, "You Are How You Query: Deriving Behavioral Fingerprints From DNS Traffic," 11th International Conference on Security and Privacy in Communication Networks (SecureComm), 2015.
23. Xiaotian Wang, Matthew Davis, Junjie Zhang, and Vance Saunders, "Mission-Aware Vulnerability Assessment for Cyber-Physical Systems," 1st IEEE International Workshop on Trustworthy Software Systems (TrustSoft), 2015.
24. Jianfeng Li, Jing Tao, Xiaobo Ma, Junjie Zhang, and Xiaohong Guan, "Modeling Repeating Behaviors in Packet Arrivals: Detection and Measurement," IEEE INFOCOM, 2015.
25. Yu Li, Rui Dai, and Junjie Zhang, "Morphing Communications of Cyber-Physical Systems Towards Moving Target Defense," IEEE International Conference on Communications (ICC), 2014.
26. Junjie Zhang, Yinglian Xie, Fang Yu, David Soukal, and Wenke Lee, "Intention and Origination: An Inside Look at Large-Scale Bot Queries," Network and Distributed System Security Symposium (NDSS), 2013.
27. Liting Hu, Karsten Schwan, Ajay Gulati, Junjie Zhang, and Chengwei Wang, "Net-Cohort: Detecting and Managing VM Ensembles in Virtualized Data Centers," International Conference on Autonomic Computing (ICAC), 2012.
28. Xiapu Luo, Peng Zhou, Junjie Zhang, Roberto Perdisci, Wenke Lee, and Rocky KC Chang, "Exposing invisible timing-based traffic watermarks with BACKLIT," Annual Computer Security Applications Conference (ACSAC), 2011.
29. Junjie Zhang, Roberto Perdisci, Wenke Lee, Unum Sarfraz, and Xiapu Luo, "Detecting Stealthy P2P Botnets Using Statistical Traffic Fingerprints," IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2011.
30. Junjie Zhang, Christian Seifert, Jack W. Stokes, and Wenke Lee, "ARROW: Generating Signatures to Detect Drive-By Downloads," International World Wide Web Conference (WWW), 2011.
31. Junjie Zhang, Xiapu Luo, Roberto Perdisci, Guofei Gu, Wenke Lee, and Nick Feamster, "Boosting the Scalability of Botnet Detection using Adaptive Traffic Sampling," ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2011.
32. Xiapu Luo, Junjie Zhang, and Wenke Lee, "On the Secrecy of Spread Spectrum Flow Watermarks," European Conference on Research in Computer Security (ESORICS), 2010.
33. Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee, "BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection," USENIX Security Symposium, 2008.
34. Guofei Gu, Junjie Zhang, and Wenke Lee, "BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic," Network and Distributed System Security Symposium (NDSS), 2008.

Journal Publications

1. Hootan Alavizadeh, Lingwei Chen, and Junjie Zhang, "Reparameterizing Adversarial Reprogramming in Low-Dimensional Subspace for Efficient Software Vulnerability Detection," Journal of Information Security and Applications, in printing, 2026.
2. Daniel Grahn, Lingwei Chen, and Junjie Zhang, "Vul-Mixer: Efficient and Effective Machine Learning-Assisted Software Vulnerability Detection," Electronics, Volume 13, Issue 13, July 2024.
3. Xiaobo Ma, Jian Qu, Mawei Shi, Bingyu An, Jianfeng Li, Xiapu Luo, Junjie Zhang, Zhenhua Li, and Xiaohong Guan, "Website Fingerprinting on Encrypted Proxies: A Flow-Context-Aware Approach and Countermeasures," IEEE/ACM Transactions on Networking, Volume 32, No. 3, Jun. 2024.
4. Mahendra Suthar, Rui Dai, Junjie Zhang, Sasu Tarkoma, and Ian F. Akyildiz, "Multi-Codec Rate Adaptive Point Cloud Streaming for Holographic Type Communication," ITU Journal on Future and Evolving Technologies, Nov. 2023.
5. Yadong Zhou, Bowen Hu, Junjie Zhang, Liyuan Sun, Xingyu Zhu, and Ting Liu, "Detecting Suspicious Transactions in A Virtual-Currency-Enabled Online Social Network," Journal of Network and Computer Applications, Feb. 2023.
6. Yu Li, Jin Huang, Ademola Ikusan, Milliken Mitchell, Junjie Zhang, and Rui Dai, "ShellBreaker: Automatically Detecting PHP-Based Malicious Web Shells," Computers and Security, Nov. 2019.
7. Derek Doran, Luisa Massari, Maria Carla Calzarossa, Yu Li, Daniele Tessera, and Junjie Zhang, "User Interactions and Behaviors in A Large-Scale Online Emotional Support Service," Social Network Analysis and Mining, July 2019.
8. Yuang Yang, Zhongmin Cai, Chunyan Wang, and Junjie Zhang, "Probabilistically Inferring Attack Ramifications Using Temporal Dependency Network," IEEE Transactions on Information Forensics and Security, Nov. 2018.
9. Yu Li, Xiaotian Wang, Dae Wook Kim, Junjie Zhang, and Rui Dai, "Designing self-destructing wireless sensors with security and performance assurance," Computer Networks, 2018.
10. Yadong Zhou, Kaiyue Chen, Junjie Zhang, Junyuan Leng, and Yazhe Tang, "Exploiting the Vulnerability of Flow Table Overflow in Software-Defined Network: Attack Model, Evaluation and Defense," Security and Communication Networks, Jan. 2018.
11. Yadong Zhou, Ximi Wang, Junjie Zhang, Peng Zhang, Lili Liu, Huan Jin, and Hongbo Jin, "Analyzing and Detecting Money-Laundering Accounts in Online Social Networks," IEEE Network Magazine, 2017.
12. Dae Wook Kim and Junjie Zhang, "Deriving and Measuring DNS-Based Fingerprints," Journal of Information Security and Applications, 2017.
13. Jianfeng Li, Xiaobo Ma, Junjie Zhang, Jing Tao, Pinghui Wang, and Xiaohong Guan, "Mining Repeating Patterns in Packet Arrivals: Metrics, Models, and Applications," Information Sciences, Oct. 2017.
14. Yadong Zhou, Dae Wook Kim, Junjie Zhang, Lili Liu, Huan Jin, Hongbo Jin, and Ting Liu, "ProGuard: Detecting Malicious Accounts in Social-Network-Based Online Promotions," IEEE Access, Jan. 2017.
15. Dae Wook Kim, Peiying Yan, and Junjie Zhang, "Detecting Fake Anti-Virus Software Distribution Webpages," Computers and Security, Mar. 2015.
16. Xiaobo Ma, Junjie Zhang, Zhenhua Li, Jianfeng Li, Jing Tao, Xiaohong Guan, John C.S. Lui, and Don Towsley, "Accurate DNS Query Characteristics Estimation via Active Probing," Journal of Network and Computer Applications, Jan. 2015.
17. Xiaobo Ma, Junjie Zhang, Jing Tao, Jianfeng Li, Jue Tian, and Xiaohong Guan, "DNSRadar: Outsourcing Malicious Domain Detection Based on Distributed Cache-Footprints," IEEE Transactions on Information Forensics and Security, Nov. 2014.
18. Junjie Zhang, Roberto Perdisci, Wenke Lee, Xiapu Luo, and Unum Sarfraz, "Building a Scalable System for Stealthy P2P-Botnet Detection," IEEE Transactions on Information Forensics and Security, Jan. 2014.

Teaching

Dr. Zhang regularly teaches the following courses at Wright State University:

• CEG 4430/6430 Cyber Network Security.
• CEG 7420 Software Reverse Engineering and Program Analysis.
• CEG 7600 Trust Networks.

Ph.D. Students Advised to Completion

• Daniel Grahn, "Understanding and Enhancing the Efficiency and Efficacy of Machine Learning-Assisted Software Vulnerability Detection," Dec. 2023. First employment: Principal Data Scientist, Altamira Technologies Corporation, Dayton, OH.
• Jin Huang, "Detecting Server-Side Web Applications with Unrestricted File Upload Vulnerabilities," May 2021. First employment: Software Engineer, Google Inc., Mountain View, CA.
• Yu Li, "Securing Modern Cyberspace using a Multi-Faceted Approach," May 2019. First employment: Tenure-Track Assistant Professor, School of Computer Science and Engineering, Northeastern University (China), Shenyang, Liaoning, China.
• Dae Wook Kim, "Data-Driven Network-Centric Threat Assessment," May 2017. First employment: Tenure-Track Assistant Professor, Department of Computer Science, Eastern Kentucky University, Richmond, KY.

M.S. and Undergraduate Students

Dr. Zhang has advised 14 M.S. students to completion between 2015 and 2023, with projects covering dynamic mandatory access controls, OCPP cyber range platforms, firmware analysis, ARM32 binary image-base inference, WordPress plugin signatures, PHP interpreter fuzzing, OpenWrt malware behavior, vehicle ECU sensor location, symbolic execution, SDN DDoS detection, Android malware information leakage, XSS detection, and cyber-physical-system vulnerability assessment.

He has also supervised undergraduate projects by Jacob Saunders on Twitter data collection for defamation detection and Malcolm Richmond on network penetration testing.