Xuhua DING Professor of Computer Science
School of Computing and Information Systems Singapore Management University Tel: +65-68280683 Fax: +65-68280913
|
My team and I are inspired to design trustworthy systems in commodity x86 and ARM platforms to counter kernel space attacks. We mainly use hardware virtualization to construct hypervisor-based systems for various purposes. Our present interest centers on provisioning new systems for dynamic malware analysis including hybrid symbolic execution. Current team members are:
System security I am interested in building secure and trustworthy systems to counter attacks from malicious software in user space and/or the kernel. Recent publications are listed below.
ESem: To Harden Process Synchronization for Servers, ASIACCS 2024
DScope: To Reliably and Securely Acquire Live Data from Kernel-Compromised ARM Devices, ESORICS 2023
SMILE: Secure Memory Introspection for Live Enclave, IEEE S&P 2022
T-counter: Trustworthy and efficient CPU resource measurement using SGX in the cloud, IEEE TDSC 2022
A Coprocessor-based Introspection Framework via Intel Management Engine, IEEE TDSC 2021
On the Root of Trust Identification Problem, ACM/IEEE IPSN 2021
A Novel Dynamic Analysis Infrastructure to Instrument Untrusted Execution Flow Across User-Kernel Spaces , IEEE S&P 2021, (presentation in Blackhat 2022)
FIMCE:A Fully Isolated Micro-Computing Environment For Multicore Systems, ACM TOPS Vol 21, No. 3, April 2018
Presence Attestation: The Missing Link In Dynamic Trust Bootstrapping, ACM CCS 2017
Seeing Through The Same Lens: Introspecting Guest Address Space At Native Speed, USENIX Security 2017
On the Effectiveness of Virtualization Based Memory Isolation on Multicore Platforms, EuroS&P 2017
HBinder: A Hardened Binder Framework on Android Systems, SECURECOMM 2016
SuperCall: A Secure Interface For Isolated Execution Environment to Dynamically Use External Services, SECURECOMM 2015
Efficient Virtualization-Based Application Protection Against Untrusted Operating System, ASIACCS 2015
Guardian: Hypervisor as Security Foothold for Personal Computers, TRUST 2013
Virtualization Based Password Protection Against Malware In Untrusted Operating Systems, TRUST 2012
DriverGuard: A Fine-grained Protection On I/O Flow, ESORICS 2011, (a journal version in TISSEC 2013)
KRover: A Symbolic Execution Engine for Dynamic Kernel Analysis CCS 2023
How to Resuscitate a Sick VM in the Cloud DSN 2023, Disrupt 23
ScriptChecker: To Tame Third-party Script Execution with Task Capabilities NDSS 2022
Catch You With Cache: Out-of-VM Introspection to Trace Malicious Execution IEEE/IFIP DSN 2021
To Detect Stack Buffer Overflow With Polymorphic Canaries, DSN 2018
Hardware Assisted Fine-grained Code Reuse Attack Detection, RAID 2015
ROPecker: A Generic and Practical Approach For Defending Against ROP Attack, NDSS 2014
Remote Attestation on Function Execution, INTRUST 2009,
Remote Attestation on Program Execution, ACM CCS Workshop on Scalable Trusted Computing (STC), 2008
Applied cryptography and privacy protection My primary interest in applied cryptography is to protect data privacy in various database and network applications.
Privacy-preserving Ad-Hoc Equi-Join on Outsourced Data, ACM TODS 2014
Verifiable and Private Top-k Monitoring (short paper), ACM ASIACCS 2013
Database Access Pattern Protection Without Full-shuffles, IEEE TIFS 2011
Embellishing Text Search Queries to Protect User Privacy, VLDB 2010
Genomic Security (Lest We Forget) , IEEE Security & Privacy, Oct 2017, Volume 15, Issue 5
Achieving Revocable Fine-Grained Cryptographic Access Control over Cloud Data, ISC 2013
A Generic Construction of Accountable Decryption and Its Applications, ACISP 2012 (Best student paper award)
On Security of Content-Based Video Stream Authentication, ESORICS 2015
A hybrid scheme for authenticating scalable video codestreams, IEEE TIFS 2014
Efficient authentication and access control of scalable multimedia streams over packet-lossy networks, SCN 2014
No Tradeoff Between Confidentiality and Performance: An Analysis On H.264/SVC Partial Encryption, IFIP CMS'12 (Best paper award)
Short BIO: I joined the School of Information Systems of Singapore Management University after receiving my Ph.D. degree in Computer Science from USC with most of my research done at UC Irvine. Before that, I received my B.Eng and M.Sc degrees from Shanghai JiaoTong University.
(updated on Jan 2022)