Biography

Understanding security across global IoT supply chains and their real-world impact.

I study how security breaks across the global IoT supply chain from white-label manufacturing to cross-border marketplaces that distribute insecure devices at scale. My work focuses on safeguarding vulnerable user groups, including households and children, whose devices often inherit systemic weaknesses from opaque upstream vendors. I combine Internet-wide measurements, device and firmware reverse engineering, and machine learning鈥揵ased analysis to uncover structural risks and translate empirical findings into actionable defenses.

Research Interests

  • Network Security
  • Machine Learning
  • Internet of Things
  • Supply Chain
  • Vulnerable Group Security
  • Enterprise Security

Education

  • Ph.D. IoT and Supply Chain Hasso Plattner Institue 路 In Pursuit
  • M.Sc. Networking San Jose State University 路 2020
  • B.Sc. Computer and Electrical Engineering Purdue University 路 2018

Recent Publications

Exploreing IoT vulnerability through supply chain investigation.

Hand-curated highlights; browse the full list on Google Scholar or via DOI links.

See all records

Beyond the Device: A Security Analysis of White-Label Children鈥檚 Smartwatches and Their Ecosystem

AsiaCCS 2026 路 Vulnerable Group Security, IoT Security, Supply Chain

White-label children鈥檚 smartwatches are built in supply chains by thin margins and weak oversight, creating systemic security gaps for vulnerable children. This paper presents the first comprehensive analysis exposing new critical vulnerabilities across firmware, apps, cloud backends, and the supply chain itself.

Huancheng Hu, Christian Doerr

LotBoNC: Novel Botnet Traffic Classification under Long-tailed Distributions

AsiaCCS 2026 路 Network Security, IoT Security, Machine Learning

In operational networks, botnet traffic is long-tailed, dominated by common classes, and constantly enriched by rare, unseen variants. To address this, we propose LotBoNC, a unified framework tailored for long-tailed, open-world encrypted traffic.

Huancheng Hu, Ziyun Li, Christian Doerr

BoNC: Discovering and Classifying Novel Encrypted Botnet Traffic

Open Journal of Communication Societies (OJCOMS) 路 Network Security, IoT Security, Machine Learning

This paper presents BoNC, a unified framework that accurately detects and classifies both known and previously unseen encrypted botnet traffic in open-world environments.

Huancheng Hu, Ziyun Li, Christian Doerr

DOI: 10.1109/OJCOMS.2025.3638985

Opening a Can of Worms: A Comprehensive View into the Android Debug Bridge Malware

TrustCom 2025 路 IoT Security

We present the first comprehensive study of ADB-targeting worms, analyzing over seven years of real-world data encompassing 1.7 million infected IPs and more than 6 billion compromise attempts.

Huancheng Hu, Christian Doerr

SIP Bruteforcing in the Wild: Adversaries, Techniques, and Tools

IFIP Networking 2023 路 Network Security

Provides the first Internet-scale study of SIP brute-force toolchains, covering attacker personas, automation tactics, and countermeasures.

Harm Griffieon, Huancheng Hu, Christian Doerr

Contact

Let鈥檚 collaborate on building a more reliable and trustworthy global IoT supply chain.

For collaboration opportunities, drop me a message.

  • huancheng.hu@hpi.de

    • Search Publications

    Start typing to filter publications. Press Escape or click 脳 to close.