Projects

Rudra is a static analyzer to detect common undefined behaviors in Rust programs. This project received the distinguished artifact award in SOSP.

An Extensible Fuzzing Framework for Finding Semantic Bugs in File Systems

A hybrid fuzzer based on concolic execution. This project is famous with its practicality, also it got best-paper award from USENIX Security.

A toolchain for automatically detecting, reporting, and diagnosing performance bugs in DBMSs.

Fuzzing JavaScript Engines with Aspect-preserving Mutation

A project removing privacy information from crash reports while preserving the correctness of report.

a state-of-the-art file system fuzzer on Linux

Dataflow integrity based defense against kernel memory corruption attacks.

Sanitizing API Usages through Semantic Cross-Checking

Automatic Techniques to Systematically Discover New Heap Exploitation Primitives

Filesystem Multicore Scalability Benchmark

A project for developing scalable and practical locking algorithms for high-performance multicore system.

Multicore Scalability Application Benchmark

A new mitigation technique that helps developers protect the released binary from fuzzing

A cloud-based system that enables attacks and defenses for machine learning (ML) models

Modified Nexus 9 kernel for Kenali Project

Building software abstraction for Intel MPK hardware feature.

Synced with SGX101 gitbook.

A project improving fuzzing performance by adding new design primitive to operating system.

A place to start designing application with Intel SGX in mind.

Enlightened Critical Sections

Lazy Translation Coherence - ASPLOS'18

This project introduces double-fetch bugs in kernel with formal definition and proposes an automatic detection method based on static analysis.

Designing scalable ordering primitive for multicore machines with invariant hardware clocks.

This is a rowhammer-based SGX attack project alarming its serious impact to cloud providers.

Crawler for GooglePlay

The branch shadowing attack: Proof of concept

Hardware-assisted Data-flow Isolation

An open platform for Intel SGX

A project detecting malicious PDF documents by analyzing execution traces.

N-version-based software diversification project with novel strategies such as sanitizer distribution.

The DrK Attack - Proof of concept

SGX Tutorial at CCS17: SGX Security and Privacy

This project builds a new graph processing engine with various optimizations, capable of processing a trillion-edge graph on a single machine.

Enabling Address Space Layout Randomization (ASLR) for SGX Programs

A tool for leaking and bypassing Android malware detection system

Compiler-based tool that protects Intel SGX applications against controlled-channel attacks

This project implements scalable NUMA-aware locks by newly adding synchronization primitives to mutex and semaphore in the Linux kernel.

Proactive Kernel Memory Initialization to Eliminate Data Leakages

A performance-oriented re-design of FakeRoot project - a tool that offers applications the illusion of root privileges - for multicore architectures

Preventing code-reuse attacks by stopping code pointer leakages

Cross-checking Semantic Correctness for File Systems

Private Browsing without Tears

This is a Facebook-Internet-Defense-Prize winning project that automatically discovers type casting bugs in C++.

Prototype for seamlessly updating Linux kernel with application checkpoint-and-restart