User Tools

Site Tools


pub:members:yubin_xia

Yubin Xia (夏虞斌)

xyb-small.jpg sosp17-xyb.jpg

Associate Professor
Institute of Parallel And Distributed Systems
School of Software
Shanghai Jiao Tong University
3401, Software Building, 800 Dongchuan Rd., Shanghai, China
Zip/Postal Code: 200240
Email: xiayubin at sjtu dot edu dot cn

中文主页

About Me

I am an associate professor in Shanghai Jiao Tong University. My research interests include operating systems, system virtualization, computer architecture. Currently, I'm focusing on building new system software that are suitable for isolation in new execution environments, like TEE, VM, enclave, etc.

Professional Services

  • 2018 OSDI: TPC Member
  • 2018 MobiSys: TPC Member
  • 2017 SOSP: Local Arrangement Chair
  • 2017 HPC China: TPC Member
  • 2017 AsiaCCS: TPC Member
  • 2016 HPC China: TPC Member
  • 2014 APSys: TPC Member
  • 2014 ACA: TPC Member

Awards and Honors

  • Senior Member, China Computer Federation (CCF)
  • The third prize of “Excellent teacher award” of SJTU, 2016
  • Special-class award (the first prize) of “Challenge Cup”, 2015
  • Best paper nominee award of HPCA 2014

Projects

My group is currently working on following research projects:

  • Untrusted Hypervisor: Hypervisor, as the critical single point of failure, has bugs. We try to minimize the TCB of hypervisor and tolerant non-critical failures.
    • In HyperCoffer [HPCA'13] pdf, we develop a secure processor that supports unmodified VM running in hardware enclave, without trusting hypervisor.
    • In Nexen [NDSS'17] pdf, we analyze 191 Xen's CVE and redesign Xen by partitioning it to multiple slices. Each slice only serves one VM. The system can defend against 75% vulnerability without knowing details.
  • System and Application on ARM TrustZone: We aim to leverage TrustZone to improve the security and performance of different scenarios, on both mobile and server platforms.
    • In vTZ [USENIX Security'17] pdf, we build a system that enables system virtualization for ARM server that supports different TrustZone for each VM.
    • In AdAttester [MobiSys'15] pdf, we leverage TrustZone to prevent Ad fraud by generating attestation of user's behavior in the secure world.
    • In VButton [MobiSys'18], we propose a new UI element named VButton which enables attestation for user's input with TrustZone, which is further verified by the server.
    • The above projects are based on T6, our full-fledged TEE operating system that has been deployed in tens of millions of mobile phones. More info of T6 can be found here: http://trustkernel.com
  • System Software Support for Intel SGX: We try to integrate SGX with system software to achieve better performance, compatibility, more functionalities and be more developer-friendly.
    • In SGX-Migration [DSN'17] pdf, we build virtualization support for SGX enclave which supports live migration without trusting hypervisor or guest operating system.
    • In ShadowEth [JCST'18], we use SGX to protect the smart contract execution in Ethereum to offer confidentiality for blockchain.
  • New Hardware Features for System Software: We are good at leveraging new hardware features and build systems faster and more secure. We believe small hardware change can benefit big system security improvement. We go deep into hardware design and the interaction between hardware and system software.
    • In CFIMon [DSN'12] pdf, we are the first to use hardware performance counter (BTS) to enforce CFI at runtime with acceptable performance overhead.
    • In TxIntro [HPCA'14] pdf, we leverage hardware transaction memory to (HTM) enhance VM introspection, which won the “Best Paper Nominee” award of HPCA'14.
    • In VPM [SoCC'16] pdf, we build a system that hybrids DRAM & PM to achieve close performance as full-PM system which keeping the whole system crash consistency.
    • In CrossOver [ISCA'15] pdf, we improve the performance of cross-domain invocation by introducing new hardware instructions.

Publication

  • [USENIX ATC] Zhichao Hua, Dong Du, Yubin Xia, Haibo Chen, Binyu Zang. EPTI: Efficient Defence against Meltdown Attack for Unpatched VMs. USENIX ATC, 2018.
  • [MobiSys] Wenhao Li, Shiyu Luo, Zhichuang Sun, Yubin Xia, Long Lu, Haibo Chen, Binyu Zang, Haibing Guan. VButton: Practical Attestation of User-driven Operations in Mobile Apps. MobiSys, 2018.
  • [JCST] Rui Yuan; Yubin Xia; Haibo Chen; Binyu Zang; Jan Xie. ShadowEth: Private Smart Contract on Public Blockchain. JCST, 2018. [pdf]
  • [JCST] Yutao Liu, Dong Du, Yubin Xia, Haibo Chen, Binyu Zang. SplitPass: A Mutually Distrusting Two-party Password Manager. JCST, 2018.
  • [Usenix Security] Zhichao Hua, Jinyu Gu, Yubin Xia, Haibo Chen, Binyu Zang and Haibing Guan. vTZ: Virtualizing ARM TrustZone. Usenix Security Symposium 2017. Vancouver, Canada, August, 2017. [pdf]
  • [ToS] Haibo Chen, Heng Zhang, Mingkai Dong, Zhaoguo Wang, Yubin Xia, Haibing Guan and Binyu Zang. Efficient and Available In-memory KV-Store with Hybrid Erasure Coding and Replication. ACM Transactions on Storage (To appear), 2017.
  • [DSN] Jinyu Gu, Zhichao Hua, Yubin Xia, Haibo Chen, Binyu Zang, Haibing Guan, Jinming Li, Secure Live Migration of SGX Enclaves on Untrusted Cloud, Proceedings of the 47th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'17). Denver, CO, June, 2017. [pdf]
  • [NDSS] Lei Shi, Yuming Wu, Yubin Xia, Nathan Dautenhahn, Haibo Chen, Binyu Zang, Haibing Guan, Jingming Li. Deconstructing Xen. The Network and Distributed System Security Symposium 2017 (NDSS'17). San Diego, California. March, 2017. [pdf, slides]
  • [SoCC] Liang Liang, Rong Chen, Haibo Chen, Yubin Xia, Haibing Guan, Binyu Zang, A Case for Virtualizing Persistent Memory, ACM Symposium on Cloud Computing 2016 (SoCC'16), Santa Clara, California, October 5-7, 2016. [pdf]
  • [FAST] Qingshu Chen, Liang Liang, Yubin Xia, Haibo Chen, Hyunsoo Kim, Mitigating Sync Amplification for Copy-on-write Virtual Disk,The 14th USENIX Conference on File and Storage Technologies (FAST'16),2016.2.22-2016.2.25. Santa Clara, US, Feb, 2016. [pdf]
  • [CCS] Yutao Liu, Tianyu Zhou, Kexin Chen, Haibo Chen, Yubin Xia, Thwarting Memory Disclosure with Efficient Hypervisor-enforced Intra-domain Isolation, Proceedings of the 22th ACM Conference on Computer and Communications Security (CCS'15), Denver, Colorado, US, October, 2015. [pdf]
  • [ToCC] Yubin Xia, Yutao Liu, Haibing Guan, Yunji Chen, Tianshi Chen, Binyu Zang, Haibo Chen, Secure Outsourcing of Virtual Appliance, IEEE Transactions on Cloud Computing, PP(99), 2015. [pdf]
  • [ISCA] Wenhao Li, Yubin Xia, Haibo Chen, Binyu Zang, Haibing Guan. Reducing World Switches in Virtualized Environment with Flexible Cross-world Calls. In the 42nd International Symposium on Computer Architecture (ISCA'15), 2015. [pdf]
  • [MobiSys] Wenhao Li, Haibo Li, Haibo Chen, Yubin Xia. AdAttester: Secure Online Advertisement Attestation on Mobile Devices Using TrustZone. In Proceedings of the 13th International Conference on Mobile Systems, Applications, and Services (MobiSys'15), 2015. [pdf]
  • [EuroSys] Yubin Xia, Yutao Liu, Cheng Tan, Mingyang Ma, Haibing Guan, Binyu Zang, Haibo Chen. TinMan: Eliminating Confidential Mobile Data Exposure with Security-oriented Offloading. In Proceedings of the 10th European Conference on Computer Systems (EuroSys'15), 2015. [pdf]
  • [ICDE] Hao Zhang, Gang Chen, Beng Chin Ooi, Weng-Fai Wong, Shensen Wu, Yubin Xia, “Anti-Caching”-based Elastic Memory Management for Big Data. In Proceedings of the International Conference on Data Engineering (ICDE'15), 2015. [pdf]
  • [APSys] Wenhao Li, Mingyang Ma, Jinchen Han, Yubin Xia, Binyu Zang, Cheng-Kang Chu, Tieyan Li, Feng Bao. Building Trusted Path on Untrusted Device Drivers for Mobile Devices. In Proceedings of the 5th Asia-Pacific Workshop on System (APSys'14), 2014. [pdf]
  • [APSys] Cheng Tan, Haibo Li, Yubin Xia, Binyu Zang, Cheng-Kang Chu, Tieyan Li, Feng Bao. PreCrime to the Rescue: Defeating Mobile Malware One Step Ahead. In Proceedings of the 5th Asia-Pacific Workshop on System (APSys'14), 2014. [pdf]
  • [HPCA] Yutao Liu, Yubin Xia, Haibing Guan, Binyu Zang and Haibo Chen. Concurrent and Consistent Virtual Machine Introspection with Hardware Transactional Memory. (Best Paper Nominee) In Proceedings of 2014 International Symposium on High Performance Computer Architecture (HPCA'14), February, 2014. [pdf, slide]
  • [HPCA] Yubin Xia, Yutao Liu and Haibo Chen. Architecture Support for Guest-Transparent VM Protection from Untrusted Hypervisor and Physical Attacks. In Proceedings of 2013 International Symposium on High Performance Computer Architecture (HPCA'13), February, 2013. [pdf]
  • [DSN] Yubin Xia, Yutao Liu, Haibo Chen, and Binyu Zang. CFIMon: Detecting Violation of Control Flow Integrity using Performance Counters. In Proceeding of Dependable Systems and Networks (DSN'12), Boston, US, 2012. [pdf]

Work

  • Jan. 2017 - Now: Associate Professor, Shanghai Jiao Tong University.
  • Sep. 2012 - Jan. 2017: Assistant Professor, Shanghai Jiao Tong University.
  • Aug. 2010 - Sep. 2012: PostDoc, Fudan University.

Education

  • Sep. 2004 - Jun. 2010 Ph.D, Peking University.
  • Sep. 2000 - Jun. 2004 B.S. Software School, Fudan University.

中文介绍

夏虞斌,上海交通大学副教授,CCF高级会员,ACM会员,IEEE会员,USENIX会员。主要研究方向是操作系统,研究对象是操作系统、系统虚拟化与体系结构,研究成果发表在ISCA、HPCA、EuroSys、MobiSys、FAST、CCS、USENIX Sexurity、NDSS等高水平学术会议。目前主要研究基于硬件扩展的可信执行环境(TEE:Trusted Execution Environment),带领团队开发了支持TrustZone的安全操作系统T6;在x86平台基于Intel SGX,在虚拟化等方面实现系统软件的支持。


pub/members/yubin_xia.txt · Last modified: 2018/07/01 10:36 by root