Publications
2026
- [ASPLOS'26] DejaVuzz: Disclosing Transient Execution Bugs with Dynamic Swappable Memory and Differential Information Flow Tracking assisted Processor Fuzzing
Jinyan Xu, Yangye Zhou, Xingzhi Zhang, Yinshuai Li, Qinhan Tan, Yinqian Zhang, Yajin Zhou, Rui Chang, Wenbo Shen
ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Pittsburgh, U.S.A., Mar. 22-26, 2026.
2025
- [CCS'25] An Empirical Study Measuring In-The-Wild Cryptographic Microarchitectural Side-Channel Patches
Sen Deng, Zhibo Liu, Shuai Wang, Yinqian Zhang
ACM Conference on Computer and Communications Security, Taipei, Taiwan, China, Oct. 13-17, 2025.
- [CCS'25] GhostCache: Timer-Free and Counter-Free RISC-Based Instruction Cache Attacks
Yu Jin, Minghong Sun, Dongsheng Wang, Pengfei Qiu, Yinqian Zhang, Shuwen Deng
ACM Conference on Computer and Communications Security, Taipei, Taiwan, China, Oct. 13-17, 2025.
- [Security'25] EKC: A Portable and Extensible Kernel Compartment for De-Privileging Commodity OS
Jiaqin Yan, Qiujiang Chen, Shuai Zhou, Yuke Peng, Guoxing Chen, Yinqian Zhang
USENIX Security Symposium, Seattle, WA, U.S.A., Aug. 13-15, 2025.
- [Security'25] Shadows in Cipher Spaces: Exploiting Tweak Repetition in Hardware Memory Encryption
Wei Peng, Yinshuai Li, Yinqian Zhang
USENIX Security Symposium, Seattle, WA, U.S.A., Aug. 13-15, 2025.
- [Security'25] Automated Soundness and Completeness Vetting of Polygon zkEVM
Xinghao Peng, Zhiyuan Sun, Kunsong Zhao, Zuchao Ma, Zihao Li, Jinan Jiang, Xiapu Luo, Yinqian Zhang
USENIX Security Symposium, Seattle, WA, U.S.A., Aug. 13-15, 2025.
- [ATC'25] ASTERINAS: A Linux ABI-Compatible, Rust-Based Framekernel OS with a Small and Sound TCB
Yuke Peng, Hongliang Tian, Junyang Zhang, Ruihan Li, Chengjun Chen, Jianfeng Jiang, Jinyi Xian, Xiaolin Wang, Chenren Xu, Diyu Zhou,Yingwei Luo, Shoumeng Yan, Yinqian Zhang
USENIX Annual Technical Conference, Boston, MA, U.S.A., Jul. 7-9, 2025.
- [DSN'25] MicroSampler: A Framework for Microarchitecture-Level Leakage Detection in Constant Time Execution
Moein Ghaniyoun, Kristin Barber, Yinqian Zhang, Radu Teodorescu
IEEE/IFIP International Conference on Dependable Systems and Networks, Naples, Italy, June 23-26, 2025.
- [DAC'25] Zion: A Practical Confidential Virtual Machine Architecture on Commodity RISC-V Processors
Jie Wang, Juan Wang, Yinqian Zhang
Design Automation Conference, San Francisco, CA, U.S.A., Jun. 23-25, 2025.
- [DAC'25] ZenLeak: Practical Last-Level Cache Side-Channel Attacks on AMD Zen Processors
Han Wang, Ming Tang, Quancheng Wang, Ke Xu, Yinqian Zhang
ACM International Conference on the Foundations of Software Engineering, San Francisco, CA, U.S.A., Jun. 23-25, 2025.
- [FSE'25] Detecting Smart Contract State-Inconsistency Bugs via Flow Divergence and Multiplex Symbolic Execution
Yinxi Liu, Wei Meng, Yinqian Zhang
ACM International Conference on the Foundations of Software Engineering, Trondheim, Norway, Jun. 23-27, 2025.
- [ICDE'25] Orthrus: Accelerating Multi-BFT Consensus through Concurrent Partial Ordering of Transactions
Hanzheng Lyu, Shaokang Xie, Jianyu Niu, Ivan Beschastnikh, Yinqian Zhang, Mohammad Sadoghi, Chen Feng
IEEE International Conference on Data Engineering, Hong Kong, China, May 19-23, 2025.
- [S&P'25] CipherSteal: Stealing Input Data from TEE-Shielded Neural Networks with Ciphertext Side Channels
Yuanyuan Yuan, Zhibo Liu, Sen Deng, Shuai Wang, Yinqian Zhang, Zhendong Su
IEEE Symposium on Security and Privacy, San Francisco, CA, May. 12-14, 2025.
Distinguished Paper Award
[Pdf] | [Bib]
- [NDSS'25] I Know What You Asked: Prompt Leakage via KV-Cache Sharing in Multi-Tenant LLM Serving
Guanlong Wu, Zheng Zhang, Jianyu Niu, Weili Wang, Yao Zhang, Ye Wu, Yinqian Zhang
Network and Distributed System Security Symposium, San Diego, CA,U.S.A., Feb. 24-28, 2025.
[Pdf] | [Bib]
- [NDSS'25] WAVEN: WebAssembly Memory Virtualization for Enclaves
Weili Wang, Honghan Ji, Peixuan He, Yao Zhang, Ye Wu, Yinqian Zhang
Network and Distributed System Security Symposium, San Diego, CA,U.S.A., Feb. 24-28, 2025.
[Pdf] | [Bib]
- [EuroSys'25] Achilles: Efficient TEE-Assisted BFT Consensus via Rollback Resilient Recovery
Jianyu Niu, Guanlong Wu, Shengqi Liu, Xiaoqing Wen, Jiangshan Yu, Yinqian Zhang
European Conference on Computer Systems, Rotterdam, The Netherlands, Mar. 30 - Apr. 3, 2025.
- [EuroSys'25] Ladon: High-Performance Multi-BFT Consensus via Dynamic Global Ordering
Hanzheng Lyu, Shaokang Xie, Jianyu Niu, Chen Feng, Yinqian Zhang, Ivan Beschastnikh
European Conference on Computer Systems, Rotterdam, The Netherlands, Mar. 30 - Apr. 3, 2025.
[Pdf]
- [TDSC] CAPE: Commitment-based Privacy-Preserving Payment Channel Scheme in Blockchain
Keke Gai, Yunwei Guo, Jing Yu, Weilin Chan, Liehuang Zhu, Yinqian Zhang
IEEE Transactions on Dependable and Secure Computing, Early Access.
[Link] | [Bib]
- [TDSC] Chained HotStuff Under Performance Attack
Jianyu Niu, Minjie Wang, Fangyu Gai, Mohammad M. Jalalzai, Chen Feng, Yinqian Zhang
IEEE Transactions on Dependable and Secure Computing, Early Access.
[Link] | [Bib]
2024
- [ACSAC'24] Breaking the Privacy Barrier: On the Feasibility of Reorganization Attacks on Ethereum Private Transactions
Mengya Zhang, Xingyu Lyu, Jianyu Niu, Xiaokuan Zhang, Yinqian Zhang, Zhiqiang Lin
Annual Computer Security Applications Conference, Hawaii,U.S.A., Dec. 8-12, 2024.
[Pdf] | [Bib]
- [CCS'24] DoubleUp Roll: Double-spending in Arbitrum by Rolling It Back
Zhiyuan Sun, Zihao Li, Xinghao Peng, Xiapu Luo, Muhui Jiang, Hao Zhou, Yinqian Zhang
ACM Conference on Computer and Communications Security, Salt Lake City, U.S.A., Oct. 14-18, 2024.
Distinguished Paper Award
[Pdf] | [Bib]
- [CCS'24] HyperTheft: Thieving Model Weights from TEE-Shielded Neural Networks via Ciphertext Side Channels
Yuanyuan Yuan, Zhibo Liu, Sen Deng, Yanzuo Chen, Shuai Wang, Yinqian Zhang, Zhendong Su
ACM Conference on Computer and Communications Security, Salt Lake City, U.S.A., Oct. 14-18, 2024.
[Pdf] | [Bib]
- [APSys'24] Framekernel: A Safe and Efficient Kernel Architecture via
Rust-based Intra-kernel Privilege Separation
Yuke Peng, Hongliang Tian, Jinyi Xian, Shuai Zhou, Shoumeng Yan, Yinqian Zhang
ACM Asia-Pacific Workshop on Systems, Kyoto, Japan, Sep. 4-5, 2024.
[Pdf] | [Bib]
- [RAID'24] Security of Cross-chain Bridges: Attack Surfaces, Defenses, and Open Problems
Mengya Zhang, Xiaokuan Zhang, Yinqian Zhang, Zhiqiang Lin
27th International Symposium on Research in Attacks, Intrusions and Defenses , Padua, Italy, Sep. 30-Oct. 2, 2024.
[Pdf] | [Bib]
- [ESORICS'24] SAEG: Stateful Automatic Exploit Generation
Yifan Wu, Yinshuai Li, Hong Zhu, Yinqian Zhang
29th European Symposium on Research in Computer Security, Bydgoszcz, Poland, Sep. 16-20, 2024.
[Pdf] | [Bib]
- [ESORICS'24] ReminISCence: Trusted Monitoring Against Privileged Preemption Side-channel Attacks
Weijie Chen, Yu Zhao, Yinqian Zhang, Weizhong Qiang, Deqing Zou, Hai Jin
29th European Symposium on Research in Computer Security, Bydgoszcz, Poland, Sep. 16-20, 2024.
[Pdf] | [Bib]
- [Security'24] π-Jack: Physical-World Adversarial Attack on Monocular Depth Estimation with Perspective Hijacking
Tianyue Zheng, Jingzhi Hu, Rui Tan, Yinqian Zhang, Ying He, Jun Luo
USENIX Security Symposium, Philadelphia, PA, USA, Aug. 14-16, 2024.
[Pdf] | [Bib]
- [Security'24] HIVE: A Hardware-assisted Isolated Execution Environment for eBPF on AArch64
Peihua Zhang, Chenggang Wu, Xiangyu Meng, Yinqian Zhang, Mingfan Peng, Shiyang Zhang, Bing Hu, Mengyao Xie, Yuanming Lai, Yan Kang, Zhe Wang
USENIX Security Symposium, Philadelphia, PA, USA, Aug. 14-16, 2024.
[Pdf] | [Bib]
- [FORTE'24] Formally Verifying a Rollback-Prevention Protocol for TEEs
Weili Wang, Jianyu Niu, Michael Reiter,Yinqian Zhang
44th International Conference on Formal Techniques for Distributed Objects, Components, and Systems, Groningen, The Netherlands, Jun. 17-21, 2024.
[Pdf] | [Bib]
- [ICMC'24] SoK: AI-Powered Security Analysis of Smart Contract
Shuo Yang, Jianyu Niu, Yinqian Zhang
IEEE International Conference on Meta Computing, Qingdao, China, Jun. 20-23, 2024.
[Pdf] | [Bib]
- [AsiaCCS'24] SoK: Understanding Design Choices and Pitfalls of Trusted Execution Environments
Mengyuan Li, Yuheng Yang, Guoxing Chen, Mengjia Yan, Yinqian Zhang
ACM ASIA Conference on Computer and Communications Security, Singapore, Jul. 1-5, 2024.
[Pdf] | [Bib]
- [SEED'24] SoK: Opportunities for Accelerating Multi-Party Computation via Trusted Hardware
Tong Liu, Zhen Huang, Jiaao Li, Jianyu Niu, Guoxing Chen, Yinqian Zhang
International Symposium on Secure and Private Execution Environment Design, Orlando, Florida, USA, May. 16-17, 2024.
[Pdf] | [Bib]
- [HPCA'24] Uncovering and Exploiting AMD Speculative Memory Access Predictors for Fun and Profit
Chang Liu, Dongsheng Wang, Yongqiang Lyu, Pengfei Qiu, Yu Jin, Zhuoyuan Lu, Yinqian Zhang, Gang Qu
IEEE International Symposium on High-Performance Computer Architecture, Edinburgh, Scotland, UK, Mar. 2-6, 2024.
[Pdf] | [Bib]
- [TDSC] Ensuring State Continuity for Confidential Computing: A Blockchain-based Approach
Wei Peng, Xiang Li, Jianyu Niu, Xiaokuan Zhang, Yinqian Zhang
Transactions on Dependable and Secure Computing, Publication Mar. 26 2024, Volume 26, Issue 6.
[Link] | [Bib]
2023
- [CCS'23] PANIC: PAN-assisted Intra-process Memory Isolation on ARM
Jiali Xu, Mengyao Xie, Chenggang Wu, Yinqian Zhang, Qijing Li, Xuan Huang, Yuanming Lai, Yan Kang, Wei Wang, Qiang Wei, Zhe Wang
ACM Conference on Computer and Communications Security, Copenhagen, Denmark, Nov. 26-30, 2023.
Distinguished Paper Award
[Pdf] | [bib]
- [Security'23] Reusable Enclaves for Confidential Serverless Computing
Shixuan Zhao, Pinshen Xu, Guoxing Chen, Mengya Zhang, Yinqian Zhang, Zhiqiang Lin
USENIX Security Symposium, Anaheim, CA, USA, Aug. 9–11, 2023.
[Pdf] | [bib]
- [Security'23] Panda: Security Analysis of Algorand Smart Contracts
Zhiyuan Sun, Xiapu Luo, Yinqian Zhang
USENIX Security Symposium, Anaheim, CA, USA, Aug. 9–11, 2023.
[Pdf] | [bib]
- [Security'23] Controlled Data Races in Enclaves: Attacks and Detection
Sanchuan Chen, Zhiqiang Lin, Yinqian Zhang
USENIX Security Symposium, Anaheim, CA, USA, Aug. 9–11, 2023.
[Pdf] | [bib]
- [Security'23] CipherH: Automated Detection of Ciphertext Side-channel Vulnerabilities in Cryptographic Implementations
Sen Deng, Mengyuan Li, Yining Tang, Shuai Wang, Shoumeng Yan, Yinqian Zhang
USENIX Security Symposium, Anaheim, CA, USA, Aug. 9–11, 2023.
[Pdf] | [bib]
- [ISCA'23] TEESec: Pre-Silicon Vulnerability Discovery for Trusted Execution Environments
Moein Ghaniyoun, Kristin Barber, Yuan Xiao, Yinqian Zhang, Radu Teodorescu
International Symposium on Computer Architecture, Orlando, FL, USA, Jun. 17–21, 2023.
[Pdf] | [bib]
- [DIMVA'23] PWRLEAK: Exploiting Power Reporting Interface for Side-channel Attacks on AMD SEV
Wubing Wang, Mengyuan Li, Yinqian Zhang, Zhiqiang Lin
Conference on Detection of Intrusions and Malware & Vulnerability Assessment, Hamburg, Germany, Jul. 12-14, 2023.
[Pdf] | [bib]
- [TCAD] SPECWANDS: An Efficient Priority-based Scheduler Against Speculation Contention Attacks
Bowen Tang, Chenggang Wu, Pen-Chung Yew, Yinqian Zhang, Mengyao Xie, Yuanming Lai, Yan Kang, Wei Wang, Qiang Wei, Zhe Wang
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems , Publication Jun. 8, 2023, Volume 42, Issue 12.
[Link] | [Bib]
- [TDSC] VERITRAIN: Validating MLaaS Training Efforts via Anomaly Detection
Xiaokuan Zhang, Yang Zhang, Yinqian Zhang
Transactions on Dependable and Secure Computing, Publication Apr. 12, 2023, Volume 21, Issue 3.
[Link] | [Bib]
- [TCC] SvTPM: SGX-based Virtual Trusted Platform Modules for Cloud Computing
Juan Wang, Jie Wang, Chengyang Fan, Yueqiang Cheng, Yinqian Zhang, Wenhui Zhang, Mengda Yang, Hongxin Hu
Transactions on Cloud Computing, Publication Feb. 10, 2023, Volume 11, Issue 3.
[Link] | [Bib]
2022
- [CCS'22] Narrator: Secure and Practical State Continuity for Trusted Execution in the Cloud
Jianyu Niu, Wei Peng, Xiaokuan Zhang, Yinqian Zhang
ACM Conference on Computer and Communications Security, Los Angeles, USA, Nov. 7-11, 2022.
[Pdf] | [Bib]
- [CCS'22] ENGRAFT: Enclave-guarded Raft on Byzantine Faulty Nodes
Weili Wang, Sen Deng, Jianyu Niu, Michael K. Reiter, Yinqian Zhang
ACM Conference on Computer and Communications Security, Los Angeles, USA, Nov. 7-11, 2022.
[Pdf] | [Bib]
- [CCS'22] CETIS: Retrofitting Intel CET for Generic and Efficient Intra-process Memory Isolation
Mengyao Xie, Chenggang Wu, Zhe Wang, Yinqian Zhang, Jiali Xu, Yuanming Lai, Yan Kang, Wei Wang
ACM Conference on Computer and Communications Security, Los Angeles, USA, Nov. 7-11, 2022.
Best Paper Award Honorable Mention
[Pdf] | [Bib]
- [S&P'22] A Systematic Look at Ciphertext Side Channels on AMD SEV-SNP
Mengyuan Li, Luca Wilke, Jan Wichelmann, Thomas Eisenbarth, Radu Teodorescu and Yinqian Zhang
IEEE Symposium on Security and Privacy, San California, USA, May. 23-25, 2022.
Top 10 Finalists of CSAW Best Applied Research Paper Award
[Pdf] | [Bib]
- [S&P'22] vSGX: Virtualizing SGX Enclaves on AMD SEV
Shixuan Zhao, Mengyuan Li, Yinqian Zhang, Zhiqiang Lin
IEEE Symposium on Security and Privacy, Virtual, May. 23-25, 2022.
[Pdf] | [Bib] | [Source Code]
- [NDSS'22] Multi-Certificate Attacks against Proof-of-Elapsed-Time And Their Countermeasures
Huibo Wang, Guoxing Chen, Yinqian Zhang, Zhiqiang Lin
Network and Distributed System Security Symposium, Virtual and Inperson, San Diego, California, USA, Apr. 24-28, 2022.
[Pdf]
- [Security'22] MAGE: Mutual Attestation for a Group of Enclaves without Trusted Third Parties
Guoxing Chen, Yinqian Zhang
USENIX Security Symposium, BOSTON, MA, USA, Aug. 10-12, 2022.
[Pdf] | [Source Code]
- [SEED'22] ENCLYZER: Automated Analysis of Transient Data Leaks on Intel SGX
Jiuqin Zhou, Yuan Xiao, Radu Teodorescu, Yinqian Zhang
IEEE International Symposium on Secure and Private Execution Environment Design, Virtual, Sep. 26-27, 2022.
[Pdf] | [Bib]
- [book] Cloud Computing Security: Foundations and Research Directions
Anrin Chakraborti, Reza Curtmola, Jonathan Katz, Jason Nieh, Ahmad-Reza Sadeghi, Radu Sion and Yinqian Zhang
Foundations and Trends® in Privacy and Security: Vol. 3: No. 2, 2022.
[Link]|[Bib]
- [CC'22] Cape: Compiler-Aided Program Transformation for HTM-Based Cache Side-Channel Defense
Rui Zhang, Michael D. Bond, Yinqian Zhang
ACM International Conference on Compiler Construction, Seoul South Korea, Apr. 2-3, 2022.
[Pdf] | [Bib]
- [CAL] A Pre-Silicon Approach to Discovering Microarchitectural Vulnerabilities in Security Critical Applications
Kristin Barber, Moein Ghaniyoun, Yinqian Zhang, Radu Teodorescu
IEEE Computer Architecture Letters, Publication Feb. 14, 2022, Volume 21, Issue 1.
Best of CAL Award
[Link] | [Bib]
- [TDSC] Crystal: Enhancing Blockchain Mining Transparency with Quorum Certificate
Jianyu Niu, Fangyu Gai, Runchao Han, Ren Zhang, Yinqian Zhang, Chen Feng
Transactions on Dependable and Secure Computing, Publication Oct. 25, 2022, Volume 20, Issue 5.
[Link] | [Bib]
- [TDSC] Securing TEEs with Verifiable Execution Contracts
Guoxing Chen, Yinqian Zhang
Transactions on Dependable and Secure Computing, Publication Jul. 29, 2022, Volume 20, Issue 4.
[Link] | [Bib]
- [TDSC] Dancing with Wolves: An Intra-process Isolation Technique with Privileged Hardware
Chenggang Wu, Mengyao Xie, Zhe Wang, Yinqian Zhang, Kangjie Lu, Xiaofeng Zhang, Yuanming Lai, Yan Kang, Min Yang, Tao Li
Transactions on Dependable and Secure Computing, Publication Apr. 19, 2022, Volume 20, Issue 3.
[Link] | [Bib]
- [TDSC] SPECBOX: A Label-Based Transparent Speculation Scheme Against Transient Execution Attacks
Bowen Tang, Chenggang Wu, Zhe Wang, Lichen Jia, Pen-Chung Yew, Yueqiang Cheng, Yinqian Zhang, Chenxi Wang, Guoqing Harry Xu
Transactions on Dependable and Secure Computing, Publication Jan. 21, 2022, Volume 20, Issue 1.
[Link] | [Bib]
- [IJIS] Defeating Traffic Analysis via Differential Privacy: A Case Study on Streaming Traffic
Xiaokuan Zhang, Jihun Hamm, Michael K. Reiter, Yinqian Zhang
International Journal of Information Security, Publication Jan. 30, 2022, Volume 21.
[Link] | [Pdf] | [Bib]
2021
- [ACSAC'21] TLB Poisoning Attacks on AMD Secure Encrypted Virtualization
Mengyuan Li, Yinqian Zhang, Huibo Wang, Kang Li, Yueqiang Cheng
Annual Computer Security Applications Conference, Virtual, Dec. 6-10, 2021.
[Pdf] | [Bib]
- [Security'21] Towards Formal Verification of State Continuity for Enclave Programs
Mohit Kumar Jangid, Guoxing Chen, Yinqian Zhang, Zhiqiang Lin
USENIX Security Symposium, Virtual, Aug. 11-13, 2021.
[Pdf] | [Slides]
- [Security'21] CIPHERLEAKS: Breaking Constant-time Cryptography on AMD SEV via the Ciphertext Side Channel
Mengyuan Li Yinqian Zhang, Huibo Wang, Kang Li, Yueqiang Cheng
USENIX Security Symposium, Virtual, Aug. 11-13, 2021.
[Pdf] | [Bib] | [Project Homepage]
- [Security'21] SelectiveTaint: Efficient Data Flow Tracking With Static Binary Rewriting
Sanchuan Chen, Zhiqiang Lin, Yinqian Zhang
USENIX Security Symposium, Virtual, Aug. 11-13, 2021.
[Pdf] | [Slides] | [Source Code]
- [ISCA'21] INTROSPECTRE: A Pre-Silicon Framework for Discovery and Analysis of Transient ExecutionVulnerabilities
Moein Ghaniyoun, Kristin Barber, Yinqian Zhang, Radu Teodorescu
International Symposium on Computer Architecture, Virtual, Jun. 14-19, 2021.
[Pdf] | [Bib]
- [CCS'21] CROSSLINE: Breaking "Security-by-Crash" based Memory Isolation in AMD SEV
Mengyuan Li, Yinqian Zhang, Zhiqiang Lin
ACM Conference on Computer and Communications Security, Virtual, Nov. 15-19, 2021.
Best Paper Award Runner-up
[Pdf] | [Bib]
- [DIMVA'21] SPECULARIZER: Detecting Speculative Execution Attacks via Performance Tracing
Wubing Wang, Guoxing Chen, Yueqiang Cheng, Yinqian Zhang, Zhiqiang Lin
Conference on Detection of Intrusions and Malware & Vulnerability Assessment, Virtual, Jul. 14-16, 2021.
[Pdf] | [Bib]
- [AsiaCCS'21] See through Walls: Detecting Malware in SGX Enclaves with SGX-Bouncer
Zeyu Zhang, Xiaoli Zhang, Qi Li, Kun Sun, Yinqian Zhang, SongSong Liu, Yukun Liu, Xiaoning Li
ACM ASIA Conference on Information, Computer and Communications Security, Virtual, Jun. 7-11, 2021.
[Pdf] | [Bib]
- [TDSC] Making Information Hiding Effective Again
Zhe Wang, Chenggang Wu, Yinqian Zhang, Bowen Tang, Pen-Chung Yew, Mengyao Xie, Yuanming Lai, Yan Kang, Yueqiang Cheng, Zhiping Shi
Transactions on Dependable and Secure Computing, Publication Mar. 5, 2021, Volume 19, Issue 4.
[Link]|[Bib]
- [CSUR] A Survey of Microarchitectural Side-channel Vulnerabilities, Attacks and Defenses in Cryptography
Xiaoxuan Lou, Tianwei Zhang, Jun Jiang, Yinqian Zhang
ACM Computer Surveys, Publication Jul. 13, Volume 54, Issue 6.
[Pdf] | [Bib]
2020
- [CCS'20] FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities From Bare-Metal Firmware
Haohuang Wen, Zhiqiang Lin, Yinqian Zhang
ACM Conference on Computer and Communications Security, Virtual, Nov. 9-13, 2020.
[Pdf] | [Bib]
- [Security'20] TXSPECTOR: Uncovering Attacks in Ethereum from Transactions
Mengya Zhang, Xiaokuan Zhang, Yinqian Zhang, Zhiqiang Lin
USENIX Security Symposium, Virtual, Aug. 12-14, 2020.
[Pdf] | [Bib]
- [S&P'20] SEIMI: Efficient and Secure SMAP-Enabled Intra-process Memory Isolation
Zhe Wang, Chenggang Wu, Mengyao Xie, Yinqian Zhang, Kangjie Lu, Xiaofeng Zhang, Yuanming Lai, Yang Kang, Min Yang
IEEE Symposium on Security and Privacy, Virtual, May. 18-20, 2020.
[Pdf] | [Bib]
- [NDSS'20] SPEECHMINER: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities
Yuan Xiao, Yinqian Zhang, Mircea-Radu Teodorescu
Network and Distributed System Security Symposium, San Diego, CA, USA, Feb. 23-26, 2020.
[Pdf] | [Bib]
2019
- [DSC'19] Defeating Speculative-Execution Attacks on SGX with HyperRace
Guoxing Chen, Mengyuan Li, Fengwei Zhang, Yinqian Zhang
IEEE Conference on Dependable and Secure Computing, Hangzhou, China, Nov. 18-20, 2019.
[Pdf] | [Bib]
- [CCS'19] OPERA: Open Remote Attestation for Intel’s Secure Enclaves
Guoxing Chen, Yinqian Zhang, Ten-Hwang Lai
ACM Conference on Computer and Communications Security, London, UK, Nov. 11-15, 2019.
[Pdf] | [Bib]
- [CCS'19] Automatic Fingerprinting of Vulnerable BLE IoT Devices with Static UUIDs from Mobile Apps
Chaoshun Zuo, Haohuang Wen, Zhiqiang Lin, Yinqian Zhang
ACM Conference on Computer and Communications Security, London, UK, Nov. 11-15, 2019.
[Pdf] | [Bib]
- [PACT'19] SpecShield: Shielding Speculative Data from Microarchitectural Covert Channels
Kristin Barber, Anys Bacha, Li Zhou, Yinqian Zhang, Radu Teodorescu
International Conference on Parallel Architectures and Compilation Techniques, Seattle, WA, USA, Sep. 23-26, 2019.
[Pdf] | [Bib]
- [RAID'19] Time and Order: Towards Automatically Identifying Side-Channel Vulnerabilities in Enclave Binaries
Wubing Wang, Yinqian Zhang, Zhiqiang Lin
International Symposium on Research in Attacks, Intrusions and Defenses, Beijing, China, Sep. 23-25, 2019.
[Pdf] | [Bib]
- [Security'19] Exploiting Unprotected I/O Operations in AMD’s Secure Encrypted Virtualization
Mengyuan Li, Yinqian Zhang, Zhiqiang Lin, Yan Solihin
USENIX Security Symposium, Santa Clara, CA, Aug. 14-16, 2019.
[Pdf] | [Bib] | [Presentation]
- [Security'19] SafeHidden: An Efficient and Secure Information Hiding Technique Using Re-randomization
Zhe Wang, Chenggang Wu, Yinqian Zhang, Bowen Tang, Pen-Chung Yew, Mengyao Xie, Yuanming Lai, Yan Kang, Yueqiang Cheng, and Zhiping Shi
USENIX Security Symposium, Santa Clara, CA, Aug. 14-16, 2019.
[Pdf] | [Bib] | [Slides]
- [CAL] Isolating Speculative Data to Prevent Transient Execution Attacks
Kristin Barber, Anys Bacha, Li Zhou, Yinqian Zhang, Radu Teodorescu
IEEE Computer Architecture Letters (CAL), Publication May. 14, 2019, Volume 18, Issue 2.
[Pdf] | [Bib]
- [AsiaCCS'19] Running Language Interpreters Inside SGX: A Lightweight Legacy-Compatible Script Code Hardening Approach
Huibo Wang, Erick Bauman, Vishal Karande, Yueqiang Cheng, Zhiqiang Lin, Yinqian Zhang (Short Paper)
ACM ASIA Conference on Information, Computer and Communications Security, Auckland, New Zealand, Jul. 7-12, 2019.
[Pdf] | [Bib]
- [DSN'19] Your IoTs Are (Not) Mine: On the Remote Binding Between IoT Devices and Users
Jiongyi Chen, Chaoshun Zuo, Wenrui Diao, Shuaike Dong, Qingchuan Zhao, Menghan Sun, Zhiqiang Lin, Yinqian Zhang, and Kehuan Zhang
IEEE/IFIP International Conference on Dependable Systems and Networks, Portland, Oregon, USA, Jun. 24-27, 2019
[Pdf] | [Bib]
- [EuroS&P'19] SGXPECTRE: Stealing Intel Secrets from SGX Enclaves via Speculative Execution
Guoxing Chen, Sanchuan Chen, Yuan Xiao, Yinqian Zhang, Zhiqiang Lin, Ten H. Lai
IEEE European Symposium on Security and Privacy (EuroS&P), Stockholm, Sweden, Jun. 17-19, 2019.
[Pdf] | [Bib] | [Project Homepage]
- [NDSS'19] Statistical Privacy for Streaming Traffic
Xiaokuan Zhang, Jihun Hamm, Michael K. Reiter, Yinqian Zhang
Network and Distributed System Security Symposium, San Diego, CA, USA, Feb. 24-27, 2019.
[Pdf] | [Bib]
- [NDSS'19] OBFUSCURO: A Commodity Obfuscation Engine on Intel SGX
Adil Ahmad, Byunggill Joe, Yuan Xiao, Yinqian Zhang, Insik Shin, and Byoungyoung Lee
Network and Distributed System Security Symposium, San Diego, CA, USA, Feb. 24-27, 2019.
[Pdf] | [Bib]
- [S&P'19] Why Does Your Data Leak? Uncovering the Data Leakage in Cloud From Mobile Apps
Chaoshun Zuo, Zhiqiang Lin, and Yinqian Zhang.
IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May. 20-22, 2019.
[Pdf] | [Bib] | [Slides]
2018
- [ACSAC'18] Analyzing Cache Side Channels Using Deep Neural Networks
Tianwei Zhang, Yinqian Zhang, Ruby Lee
Annual Computer Security Applications Conference, San Juan, Puerto Rico, USA, Dec. 3-7, 2018
[Pdf] | [Bib]
- [ACSAC'18] A Measurement Study of Authentication Rate-Limiting Mechanisms of Modern Websites
Bo Lu*, Xiaokuan Zhang*, Ziman Ling, Yinqian Zhang, Zhiqiang Lin
Annual Computer Security Applications Conference, San Juan, Puerto Rico, USA, Dec. 3-7, 2018 (*co-first authors)
[Pdf] | [Bib]
- [ICCD'18] NVCool: When Non-Volatile Caches Meet Cold Boot Attacks
Xiang Pan, Anys Bacha, Spencer Rudolph, Li Zhou, Yinqian Zhang and Radu Teodorescu
IEEE International Conference on Computer Design, Orlando, Florida, USA, Oct. 7-10, 2018.
[Pdf] | [Bib]
- [CCS'18] HoMonit: Monitoring Smart Home Apps from Encrypted Traffic
Wei Zhang, Yan Meng, Yugeng Liu, Xiaokuan Zhang, Yinqian Zhang, Haojin Zhu
ACM Conference on Computer and Communications Security, Toronto, Canada, Oct. 15-19, 2018.
[Pdf] | [Bib]
- [TDSC] CPU Elasticity to Mitigate Cross-VM Runtime Monitoring
Zeyu Mi, Haibo Chen, Yinqian Zhang, Shuanghe Peng, Xiaofeng Wang, and Michael Reiter
Transactions on Dependable and Secure Computing, Publication Jun. 13, 2018, Volume 17, Issue 5.
[Pdf] | [Bib]
- [ATC'18] Peeking Behind the Curtains of Serverless Platforms
Liang Wang, Mengyuan Li, Yinqian Zhang, Thomas Ristenpart, Michael Swift
Usenix Annual Technical Conference, Boston, MA, USA, Jul. 11-13, 2018.
[Pdf] | [Bib]
- [AsiaCCS'18] Leveraging Hardware Transactional Memory for Cache Side-Channel Defenses
Sanchuan Chen, Fangfei Liu, Zeyu Mi, Yinqian Zhang, Ruby B. Lee, Haibo Chen, XiaoFeng Wang (Short Paper)
ACM ASIA Conference on Information, Computer and Communications Security, Songdo, Incheon, Korea, Jun. 4, 2018.
[Pdf]
- [S&P'18] Static Evaluation of Noninterference Using Approximate Model Counting
Ziqiao Zhou, Zhiyun Qian, Michael K. Reiter, Yinqian Zhang
IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May. 21-23, 2018.
[Pdf] | [Bib]
- [S&P'18] Racing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races
Guoxing Chen*, Wenhao Wang*, Tianyu Chen, Sanchuan Chen, Yinqian Zhang, XiaoFeng Wang, Ten-Hwang Lai, Dongdai Lin
IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May. 21-23, 2018. (* co-first authors)
[Pdf] | [Bib]
- [INFOCOM'18] Differentially Private Access Patterns for Searchable Symmetric Encryption
Guoxing Chen, Ten H. Lai, Michael Reiter, Yinqian Zhang
IEEE International Conference on Computer Communications, Honolulu, HI, USA, Apr. 15-19, 2018.
[Pdf] | [Bib]| [Source code]
- [NDSS'18] OS-level Side Channels without Procfs: Exploring Cross-App Information Leakage on iOS
Xiaokuan Zhang, Xueqiang Wang, Xiaolong Bai, Yinqian Zhang, Xiaofeng Wang
Network and Distributed System Security Symposium, San Diego, CA, USA, Feb. 18-21, 2018.
Top 10 Finalists of CSAW Best Applied Research Paper Award
[Pdf] | [Bib] | [Video]
- [NDSS'18] Face Flashing: A Secure Liveness Detection Protocol based on Light Reflections
Di Tang, Zhe Zhou, Yinqian Zhang, Kehuan Zhang
Network and Distributed System Security Symposium, San Diego, CA, USA, Feb. 18-21, 2018.
[Pdf] | [Bib]
2017
- [CCS'17] Stacco: Differentially Analyzing Side-Channel Traces for Detecting SSL/TLS Vulnerabilities in Secure Enclaves
Yuan Xiao, Mengyuan Li, Sanchuan Chen, Yinqian Zhang
ACM Conference on Computer and Communications Security, Dallas, Texas, USA, Oct. 30-Nov. 3, 2017.
(The CCS version of this paper supersedes arxiv 1707.03473.)
[Pdf] | [Bib] | [Slides] | [Project Homepage]
- [CCS'17] Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX
Wenhao Wang, Guoxing Chen, Xiaorui Pan, Yinqian Zhang, XiaoFeng Wang, Vincent Bindschaedler, Haixu Tang, Carl A. Gunter
ACM Conference on Computer and Communications Security, Dallas, Texas, USA, Oct. 30-Nov. 3, 2017.
(The CCS version of this paper supersedes arxiv 1705.07289.)
[Pdf] | [Bib]
- [PETS'17] Personalized Pseudonyms for Servers in the Cloud
Qiuyu Xiao, Michael K. Reiter, Yinqian Zhang
Privacy Enhancing Technologies Symposium, Minneapolis, Minnesota, Jul. 18-21, 2017.
[Pdf] | [Bib] | [Demo] | [Presentation]
- [AsiaCCS'17] Detecting Privileged Side-Channel Attacks in Shielded Execution with DEJA VU
Sanchuan Chen, Xiaokuan Zhang, Michael Reiter, Yinqian Zhang
ACM Asia Conference on Computer and Communications Security, Abu Dhabi, UAE, Apr. 2-6, 2017.
[Pdf] | [Bib]
- [AsiaCCS'17] DoS Attacks on Your Memory in the Cloud
Tianwei Zhang, Yinqian Zhang, Ruby B. Lee
ACM Asia Conference on Computer and Communications Security, Abu Dhabi, UAE, Apr. 2-6, 2017.
(The AsiaCCS version of this paper supersedes arxiv 1603.03404.)
[Pdf] | [Bib]
- [CODASPY'17] Transparent Backward-Edge Control Flow Violation Detection Using Intel Processor Trace
Yufei Gu, Qingchuan Zhao, Yinqian Zhang, Zhiqiang Lin
ACM Conference on Data and Applications Security and Privacy, Scottsdale, Arizona, Mar. 22-24, 2017.
[Pdf] | [Bib]
2016
- [CCS'16] Return-Oriented Flush-Reload Side Channels on ARM and Their
Implications for Android Devices
Xiaokuan Zhang, Yuan Xiao, Yinqian Zhang
ACM Conference on Computer and Communications Security, Vienna, Austria, Oct. 24-28, 2016.
[Pdf] | [Bib] | [Slides]
- [CCS'16] A Software Approach to Defeating Side Channels in Last-Level Caches
Ziqiao Zhou, Michael K. Reiter, Yinqian Zhang
ACM Conference on Computer and Communications Security, Vienna, Austria, Oct. 24-28, 2016.
(The CCS version of this paper supersedes arxiv 1603.05615.)
[Pdf] | [Bib]
- [RAID'16] CloudRadar: A Real-Time Side-Channel Attack Detection System in Clouds
Tianwei Zhang, Yinqian Zhang, Ruby Lee
International Symposium on Research in Attacks, Intrusions and Defenses, Paris, France, Sep. 19-21, 2016.
[Pdf] | [Bib]
- [Security'16] One Bit Flips, One Cloud Flops: Cross-VM Row Hammer Attacks and Privilege Escalation
Yuan Xiao, Xiaokuan Zhang, Yinqian Zhang, Mircea-Radu Teodorescu
USENIX Security Symposium, Austin, TX, Aug. 10-12, 2016.
Top 10 Finalists of CSAW Best Applied Research Paper Award
[Pdf] | [Bib] | [Slides]
2015
- [CCS'15] Mitigating Storage Side Channels Using Statistical Privacy Mechanisms
Qiuyu Xiao, Michael K. Reiter, Yinqian Zhang
ACM Conference on Computer and Communications Security, Denver, Colorado, Oct. 12-16, 2015.
[Pdf] | [Bib]
- [Security'15] A Placement Vulnerability Study in Multi-Tenant Public Clouds
Venkatanathan Varadarajan, Yinqian Zhang, Thomas Ristenpart and Michael Swift
USENIX Security Symposium, Washington, D.C., Aug. 12-14, 2015.
[Pdf] | [Bib]
2014 and before
- [CCS'14] Cross-Tenant Side-Channel Attacks in PaaS Clouds
Yinqian Zhang, Ari Juels, Michael K. Reiter, Thomas Ristenpart
ACM Conference on Computer and Communications Security, Scottsdale, AZ, Nov. 3-7, 2014.
[Pdf] | [Bib]
- [CCS'13] Düppel: Retrofitting Commodity Operating Systems to Mitigate Cache Side Channels in the Cloud
Yinqian Zhang, Michael K. Reiter
ACM Conference on Computer and Communications Security, Berlin, Germany, Nov. 4-8, 2013.
[Pdf] | [Bib]
- [CCS'12] Cross-VM Side Channels and Their Use to Extract Private Keys
Yinqian Zhang, Ari Juels, Michael K. Reiter, Thomas Ristenpart
ACM Conference on Computer and Communications Security, Raleigh, NC, Oct. 16-18, 2012.
ACM CCS Test-of-Time Award
[Pdf] | [Bib] | [Slides]
- [S&P'11] HomeAlone: Co-Residency Detection in the Cloud via Side-Channel Analysis
Yinqian Zhang, Ari Juels, Alina Oprea, Michael K. Reiter
IEEE Symposium on Security and Privacy, Oakland, CA, May. 22-25, 2011.
[Pdf] | [Bib]
- [CCS'10] The Security of Modern Password Expiration: An Algorithmic Framework and Empirical Analysis
Yinqian Zhang, Fabian Monrose, Michael K. Reiter
ACM Conference on Computer and Communications Security, Chicago, IL, Oct. 4-8, 2010.
[Pdf] | [Bib]
- [ACSAC'08] Attack Grammar: A New Approach to Modeling and Analyzing Network Attack Sequences
Yinqian Zhang, Xun Fan, Yijun Wang, Zhi Xue
Annual Computer Security Applications Conference, Anaheim, CA, Dec. 8-12, 2008.
[Pdf] | [Bib]
* Ranking of security conferences can be found here and here, but note they do not completely reflect my perception of these conferences.