Publications at Top-tier Security & System Conferences

1. [CCS'21] CROSSLINE: Breaking ``Security-by-Crash'' based Memory Isolation in AMD SEV
Mengyuan Li, Yinqian Zhang, Zhiqiang Lin
ACM Conference on Computer and Communications Security, Nov. 2021.

2. [Security'21] SelectiveTaint: Efficient Data Flow Tracking With Static Binary Rewriting
Sanchuan Chen, Zhiqiang Lin, Yinqian Zhang
USENIX Security Symposium, Virtual, Aug. 2020.

3. [CCS'20] FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities From Bare-Metal Firmware
Haohuang Wen, Zhiqiang Lin, Yinqian Zhang
ACM Conference on Computer and Communications Security, Nov. 2020.
[Pdf] | [Bib]

4. [Security'20] TXSPECTOR: Uncovering Attacks in Ethereum from Transactions
Mengya Zhang, Xiaokuan Zhang, Yinqian Zhang, Zhiqiang Lin
USENIX Security Symposium, Aug. 2020.
[Pdf] | [Bib]

5. [S&P'20] SEIMI: Efficient and Secure SMAP-Enabled Intra-process Memory Isolation
Zhe Wang, Chenggang Wu, Mengyao Xie, Yinqian Zhang, Kangjie Lu, Xiaofeng Zhang, Yuanming Lai, Yang Kang, Min Yang
IEEE Symposium on Security and Privacy, May 2020.
[Pdf] | [Bib]

6. [NDSS'20] SPEECHMINER: A Framework for Investigating and Measuring Speculative Execution Vulnerabilities
Yuan Xiao, Yinqian Zhang, Mircea-Radu Teodorescu
Network and Distributed System Security Symposium, San Diego, CA, USA, Feb. 2020.
[Pdf] | [Bib]

7. [CCS'19] OPERA: Open Remote Attestation for Intel’s Secure Enclaves
Guoxing Chen, Yinqian Zhang, Ten-Hwang Lai
ACM Conference on Computer and Communications Security, London, UK, Nov. 2019.
[Pdf] | [Bib]

8. [CCS'19] Automatic Fingerprinting of Vulnerable BLE IoT Devices with Static UUIDs from Mobile Apps
Chaoshun Zuo, Haohuang Wen, Zhiqiang Lin, Yinqian Zhang
ACM Conference on Computer and Communications Security, London, UK, Nov. 2019.
[Pdf] | [Bib]

9. [Security'19] Exploiting Unprotected I/O Operations in AMD’s Secure Encrypted Virtualization
Mengyuan Li, Yinqian Zhang, Zhiqiang Lin, Yan Solihin
USENIX Security Symposium, Santa Clara, CA, Aug. 2019.
[Pdf] | [Bib] | [Presentation]

10. [Security'19] SafeHidden: An Efficient and Secure Information Hiding Technique Using Re-randomization
Zhe Wang, Chenggang Wu, Yinqian Zhang, Bowen Tang, Pen-Chung Yew, Mengyao Xie, Yuanming Lai, Yan Kang, Yueqiang Cheng, and Zhiping Shi
USENIX Security Symposium, Santa Clara, CA, Aug. 2019.
[Pdf] | [Bib] | [Slides]

11. [NDSS'19] Statistical Privacy for Streaming Traffic
Xiaokuan Zhang, Jihun Hamm, Michael K. Reiter, Yinqian Zhang
Network and Distributed System Security Symposium, San Diego, CA, USA, Feb. 2019.
[Pdf] | [Bib]

12. [NDSS'19] OBFUSCURO: A Commodity Obfuscation Engine on Intel SGX
Adil Ahmad, Byunggill Joe, Yuan Xiao, Yinqian Zhang, Insik Shin, and Byoungyoung Lee
Network and Distributed System Security Symposium, San Diego, CA, USA, Feb. 2019.
[Pdf] | [Bib]

13. [S&P'19] Why Does Your Data Leak? Uncovering the Data Leakage in Cloud From Mobile Apps
Chaoshun Zuo, Zhiqiang Lin, and Yinqian Zhang.
IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May. 2019.
[Pdf] | [Bib] | [Slides]

14. [CCS'18] HoMonit: Monitoring Smart Home Apps from Encrypted Traffic
Wei Zhang, Yan Meng, Yugeng Liu, Xiaokuan Zhang, Yinqian Zhang, Haojin Zhu
ACM Conference on Computer and Communications Security, Toronto, Canada, Oct. 2018.
[Pdf] | [Bib]

15. [S&P'18] Static Evaluation of Noninterference Using Approximate Model Counting
Ziqiao Zhou, Zhiyun Qian, Michael K. Reiter, Yinqian Zhang
IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May. 2018.
[Pdf] | [Bib]

16. [S&P'18] Racing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races
Guoxing Chen*, Wenhao Wang*, Tianyu Chen, Sanchuan Chen, Yinqian Zhang, XiaoFeng Wang, Ten-Hwang Lai, Dongdai Lin
IEEE Symposium on Security and Privacy, San Francisco, CA, USA, May. 2018. (* co-first authors)
[Pdf] | [Bib]

17. [NDSS'18] OS-level Side Channels without Procfs: Exploring Cross-App Information Leakage on iOS
Xiaokuan Zhang, Xueqiang Wang, Xiaolong Bai, Yinqian Zhang, Xiaofeng Wang
Network and Distributed System Security Symposium, San Diego, CA, USA, Feb. 2018.
Top 10 Finalists of CSAW Best Applied Research Paper Award
[Pdf] | [Bib] | [Video]

18. [NDSS'18] Face Flashing: A Secure Liveness Detection Protocol based on Light Reflections
Di Tang, Zhe Zhou, Yinqian Zhang, Kehuan Zhang
Network and Distributed System Security Symposium, San Diego, CA, USA, Feb. 2018.
[Pdf] | [Bib]

19. [ATC'18] Peeking Behind the Curtains of Serverless Platforms
Liang Wang, Mengyuan Li, Yinqian Zhang, Thomas Ristenpart, Michael Swift
Usenix Annual Technical Conference, Boston, MA, USA, Jul. 2018.
[Pdf] | [Bib]

20. [CCS'17] Stacco: Differentially Analyzing Side-Channel Traces for Detecting SSL/TLS Vulnerabilities in Secure Enclaves
Yuan Xiao, Mengyuan Li, Sanchuan Chen, Yinqian Zhang
ACM Conference on Computer and Communications Security, Dallas, Texas, USA, Oct. 2017.
(The CCS version of this paper supersedes arxiv 1707.03473.)
[Pdf] | [Bib] | [Slides] | [Project Homepage]

21. [CCS'17] Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX
Wenhao Wang, Guoxing Chen, Xiaorui Pan, Yinqian Zhang, XiaoFeng Wang, Vincent Bindschaedler, Haixu Tang, Carl A. Gunter
ACM Conference on Computer and Communications Security, Dallas, Texas, USA, Oct. 2017.
(The CCS version of this paper supersedes arxiv 1705.07289.)
[Pdf] | [Bib]
22. [CCS'16] Return-Oriented Flush-Reload Side Channels on ARM and Their Implications for Android Devices
Xiaokuan Zhang, Yuan Xiao, Yinqian Zhang
ACM Conference on Computer and Communications Security, Vienna, Austria, Oct. 2016.
[Pdf] | [Bib] | [Slides]
23. [CCS'16] A Software Approach to Defeating Side Channels in Last-Level Caches
Ziqiao Zhou, Michael K. Reiter, Yinqian Zhang
ACM Conference on Computer and Communications Security, Vienna, Austria, Oct. 2016.
(The CCS version of this paper supersedes arxiv 1603.05615.)
[Pdf] | [Bib]
24. [Security'16] One Bit Flips, One Cloud Flops: Cross-VM Row Hammer Attacks and Privilege Escalation
Yuan Xiao, Xiaokuan Zhang, Yinqian Zhang, Mircea-Radu Teodorescu
USENIX Security Symposium, Austin, TX, Aug. 2016.
Top 10 Finalists of CSAW Best Applied Research Paper Award
[Pdf] | [Bib] | [Slides]
25. [CCS'15] Mitigating Storage Side Channels Using Statistical Privacy Mechanisms
Qiuyu Xiao, Michael K. Reiter, Yinqian Zhang
ACM Conference on Computer and Communications Security, Denver, Colorado, Oct. 2015.
[Pdf] | [Bib]
26. [Security'15] A Placement Vulnerability Study in Multi-Tenant Public Clouds
Venkatanathan Varadarajan, Yinqian Zhang, Thomas Ristenpart and Michael Swift
USENIX Security Symposium, Washington, D.C., Aug. 2015.
[Pdf] | [Bib]
27. [CCS'14] Cross-Tenant Side-Channel Attacks in PaaS Clouds
Yinqian Zhang, Ari Juels, Michael K. Reiter, Thomas Ristenpart
ACM Conference on Computer and Communications Security, Scottsdale, AZ, Nov. 2014.
[Pdf] | [Bib]
28. [CCS'13] Düppel: Retrofitting Commodity Operating Systems to Mitigate Cache Side Channels in the Cloud
Yinqian Zhang, Michael K. Reiter
ACM Conference on Computer and Communications Security, Berlin, Germany, Nov. 2013.
[Pdf] | [Bib]
29. [CCS'12] Cross-VM Side Channels and Their Use to Extract Private Keys
Yinqian Zhang, Ari Juels, Michael K. Reiter, Thomas Ristenpart
ACM Conference on Computer and Communications Security, Raleigh, NC, Oct. 2012.
[Pdf] | [Bib] | [Slides]
30. [S&P'11] HomeAlone: Co-Residency Detection in the Cloud via Side-Channel Analysis
Yinqian Zhang, Ari Juels, Alina Oprea, Michael K. Reiter
IEEE Symposium on Security and Privacy, Oakland, CA, May 2011.
[Pdf] | [Bib]
31. [CCS'10] The Security of Modern Password Expiration: An Algorithmic Framework and Empirical Analysis
Yinqian Zhang, Fabian Monrose, Michael K. Reiter
ACM Conference on Computer and Communications Security, Chicago, IL, Oct. 2010.
[Pdf] | [Bib]