About
I am an Algorithm Expert at Ant Group and a joint postdoctoral researcher at Tsinghua University and Ant Group. I received my Ph.D. degree from the Institute for Network Sciences and Cyberspace at Tsinghua University in June 2025, under the supervision of Professor Qi Li. I was also fortunate to receive guidance from Professor Jianping Wu, Professor Ke Xu, and Professor Mingwei Xu.
My research primarily focuses on LLM and Agent security, including security attacks and defenses throughout the full lifecycle of agents, as well as traffic fingerprinting in LLM Agent scenarios. I have published 20+ papers in leading conferences and journals, including IEEE S&P, ACM CCS, NDSS, USENIX Security, KDD, WWW, IEEE INFOCOM, IEEE TIFS, and IEEE/ACM ToN.
I serve as a Program Committee (PC) member for top conferences including USENIX Security and WWW, and as a reviewer for leading journals including IEEE TIFS and IEEE TDSC. I have received several awards and honors, including the First Prize of the Science and Technology Progress Award from the Chinese Institute of Electronics, the Outstanding Doctoral Dissertation Award of Tsinghua University, and the Innovative Technology Award at the 2026 World Intelligence Expo.
Recruitment and Collaboration. Our team is currently recruiting research interns in agent security. We also welcome discussions on potential research collaborations. Email: xinhaodeng.thu@gmail.com.
Selected Publications
* Equal contribution, ✉ Corresponding author
[11] Benchmarking Autonomous Agents against Temporal, Spatial, and Semantic Evasions
Jianan Ma, Xiaohu Du, Ruixiao Lin, Yaoxiang Bian, Jialuo Chen, Jingyi Wang, Xiaofang Yang, Shiwen Cui, Changhua Meng, Xinhao Deng✉, Zhen Wang✉
arXiv 2026
[10] Taming OpenClaw: Security Analysis and Mitigation of Autonomous LLM Agent Threats
Xinhao Deng, Yixiang Zhang, Jiaqing Wu, Jiaqi Bai, Sibo Yi, Zhuoheng Zou, Yue Xiao, Rennai Qiu, Jianan Ma, Jialuo Chen, Xiaohu Du, Xiaofang Yang, Shiwen Cui, Changhua Meng, Weiqiang Wang, Jiaxing Song, Ke Xu, Qi Li
arXiv 2026
[9] Automating Agent Hijacking via Structural Template Injection
Xinhao Deng*, Jiaqing Wu*, Miao Chen, Yue Xiao, Ke Xu, Qi Li
arXiv 2026
[8] From Length to Content: Token-Length Side-Channel Attacks on Merged LLM API Outputs
Sijia Li, Tianyu Cui, Miao Chen, Xinjie Lin, Zheyuan Gu, Xinhao Deng, Ke Xu, Qi Li
USENIX Security Symposium, 2026
[7] Towards Practical Few-shot Multi-tab Website Fingerprinting
Lin Liu, Ziling Wei, Zhuotao Liu, Xinhao Deng, Zixuan Dong, Shuhui Chen
USENIX Security Symposium, 2026
[6] Enhancing Website Fingerprinting Attacks against Traffic Drift
Xinhao Deng, Yixiang Zhang, Qi Li, Zhuotao Liu, Yabo Wang, Ke Xu
Network and Distributed System Security Symposium (NDSS), 2026
[5] Training Robust Classifiers for Classifying Encrypted Traffic under Dynamic Network Conditions
Yuqi Qing, Qilei Yin, Xinhao Deng, Xiaoli Zhang, Peiyang Li, Zhuotao Liu, Kun Sun, Ke Xu, Qi Li
ACM Conference on Computer and Communications Security (CCS), 2025
[4] Robust and Reliable Early-Stage Website Fingerprinting Attacks via Spatial-Temporal Distribution Analysis
Xinhao Deng, Qi Li, Ke Xu
ACM Conference on Computer and Communications Security (CCS), 2024
[3] Towards Fine-Grained Webpage Fingerprinting at Scale
Xiyuan Zhao*, Xinhao Deng*, Qi Li, Yunpeng Liu, Zhuotao Liu, Kun Sun, Ke Xu
ACM Conference on Computer and Communications Security (CCS), 2024
[2] Low-Quality Training Data Only? A Robust Framework for Detecting Encrypted Malicious Network Traffic
Yuqi Qing, Qilei Yin, Xinhao Deng, Yihao Chen, Zhuotao Liu, Kun Sun, Ke Xu, Jia Zhang, Qi Li
Network and Distributed System Security Symposium (NDSS), 2024
[1] Robust Multi-tab Website Fingerprinting Attacks in the Wild
Xinhao Deng, Qilei Yin, Zhuotao Liu, Xiyuan Zhao, Qi Li, Mingwei Xu, Ke Xu, Jianping Wu
IEEE Symposium on Security and Privacy (S&P), 2023