Yuhui ZHU
PhD Candidate in Cybersecurity at Scuola Superiore Sant'Anna

Istituto Tecip, Zona CNR
Via Giuseppe Moruzzi, 1
56124 Pisa PI, Italy
I am Yuhui Zhu, a Ph.D. candidate in the National PhD Program in Cybersecurity at the Sant’Anna School of Advanced Studies and the IMT School for Advanced Studies Lucca.
Since February 2023, I have been a PhD researcher at the ReTiS Laboratory under the supervision of Prof. Alessandro Biondi. I earned my Master’s degree in Computer Science from the University of Jinan, China, in June 2022, where I was supervised by Prof. Zhenxiang Chen.
From February to August 2025, I was a visiting researcher with the VUSec group at Vrije Universiteit Amsterdam, where I collaborated with Prof. Cristiano Giuffrida.
See more about me on misc page.
research
My research focuses on the security of computer systems and broader cybersecurity engineering topics, including microarchitectures, embedded systems, operating systems, and foundational software. In particular, I work on:
- Developing advanced techniques and theories to enhance the security of personal computing devices, network infrastructures, embedded applications, and virtualization systems.
- Investigating vulnerabilities that arise at the intersection of hardware and software security mechanisms by reverse-engineering diverse CPU microarchitectures and systematically analyzing security-critical software components, such as OS kernels, language runtimes, and browsers.
OPEN TO JOB OPPORTUNITIES
I am currently looking for a position in the field of cybersecurity, particularly in system security, hardware security, or software security. If you are interested in my profile, please feel free to contact me via email yuhui.zhu@santannapisa.it!
news
Jun 11, 2025 | Paper Exploiting Inaccurate Branch History in Side-Channel Attacks has been accepted at the 34th USENIX Security Symposium 2025. |
---|---|
Feb 15, 2025 | I have joined the VUSec group at Vrije Universiteit Amsterdam as a visiting PhD researcher. |
Jan 22, 2025 | A new vulnerability, Spectre-BSE (CVE-2024-10929), reported by our team in September 2024, has been disclosed by Arm. Further details are available in the Arm CPU Security Bulletin. |