User Tools

Site Tools


Yutao Liu (刘宇涛)

Ph.D Candidate
Shanghai Jiao Tong University
800 Dongchuan Road, Minhang District, Shanghai, P.R.China
Zip/Postal Code: 200240

About Me

I am a fourth year Ph.D student in the Software Engineering at Shanghai Jiaotong University. I work in the Security Group of Institute of Parallel And Distributed System (IPADS), adviced by Prof. Haibo Chen. My research interests are system/virtualization security and mobile security.


Long-term Research Goal

My primary research goal is to improve server and mobile security in system perspective. My current and prospective research projects have and may have been along two lines:

  • leveraging potential architecture support to improve the dependability and security of current systems, specifically, using hardware features in different architectures to protect data privacy, enforce control flow integrity, actively monitor the whole system and timely detect potential attack, etc.
  • building and optimizing reliable virtualization environment to benefit system security. Currently virtualization has been a tremendous success, especially in server consolidation and security enhancement. However there’re still some problems when considering security aspects, and my goal is to ameliorate virtualization architecture to adapt to increasing security requirement.


  • Sep. 2012 - Current Ph.D Candidate, Institute of Parallel And Distributed System (IPADS), Shanghai Jiaotong University (SJTU), Supervisor: Haibo Chen
  • Apr. 2014 - Sep. 2014 Exchange Ph.D Student, School of Computer (SoC), National University of Singapore (NUS), Supervisor: Ooi Beng Chin
  • Jul. 2011 - Sep. 2011 Exchange Student, School of Computer Science and Informatics, University College Dublin (UCD), Supervisor: Keyun Ruan
  • Sep. 2008 - Jun. 2012 B.S. Software School, Fudan University


  • [HPCA] Yutao Liu, Peitao Shi, Xinran Wang, Haibo Chen, Binyu Zang and Haibing Guan. Transparent and Efficient CFI Enforcement with Intel Processor Trace. The 23rd IEEE Symposium on High Performance Computer Architecture, Austin, TX, USA, Feb 2017.[pdf, slides]
  • [TCC] Yubin Xia, Yutao Liu, Haibin Guan, Yunji Chen, Tianshi Chen, Binyu Zang, Haibo Chen. Secure Outsourcing of Virtual Appliance. IEEE Transactions on Cloud Computing, 2015.[pdf]
  • [CCS] Yutao Liu, Tianyu Zhou, Kexin Chen, Haibo Chen, Yubin Xia. Thwarting Memory Disclosure with Efficient Hypervisor-enforced Intra-domain Isolation. In the 22nd ACM Conference on Computer and Communications Security, 2015.[pdf]
  • [EuroSys] Yubin Xia, Yutao Liu, Cheng Tan, Mingyang Ma, Haibing Guan, Binyu Zang, Haibo Chen. TinMan: Eliminating Confidential Mobile Data Exposure with Security-oriented Offloading. In Proceedings of the 10th European Conference on Computer Systems, 2015.[pdf]
  • [HPCA] Yutao Liu, Yubin Xia, Haibing Guan, Binyu Zang and Haobo Chen. Concurrent and Consistent Virtual Machine Introspection with Hardware Transactional Memory. In Proceedings of the 20th IEEE International Symposium On High Performance Computer Architecture (Best Paper Nominee), Orlando, Florida, 2014. [pdf]
  • [APSys] Yutao Liu, Yubin Xia and Haobo Chen. Component-based Decoupling of Mobile Applications using RemoteBinder. Poster in 4th Asia-Pacific Workshop on Systems, July, 2013. [pdf]
  • [HPCA] Yubin Xia, Yutao Liu and Haibo Chen. Architecture Support for Guest-Transparent VM Protection from Untrusted Hypervisor and Physical Attacks. In Proceedings of 2013 Internal Symposium on High Performance Computer Architecture, February, 2013. [pdf]
  • [DSN] Yubin Xia, Yutao Liu, Haibo Chen, and Binyu Zang. CFIMon: Detecting Violation of Control Flow Integrity using Performance Counters. In Proceeding of Dependable Systems and Networks, Boston, US, 2012. [pdf]
  • [DCDV] Yubin Xia, Yutao Liu, Haibo Chen, and Binyu Zang. Defending against VM Rollback Attack, in The Second International Workshop on Dependability of Clouds Data Centers and Virtual Machine Technology, Boston, US, 2012. [pdf]


  • FlowGuard: Leveraging Intel Processor Trace for Control Flow Integrity. An efficient and transparent approach that effectively enforces CFI by using Intel Processor Trace (IPT) to collect and check runtime control flow. It constructs IPT-compatible control flow graph to addresses the slow decoding of IPT, and embraces efficiency and precision through separating fast and slow path checking.
  • AutoMITM: Attacking Android Auto System using Man-in-the-middle Approach. Android Auto is proposed by Google to allow mobile device to be operated in automobiles through the dashboard's head unit. We conduct a real man-in-the-middle attack between Android device and Pioneer NEX 4100 head unit, which results in bypassing Auto authentication and displaying arbitrarily video stream in the head unit .
  • SeCage: Leveraging Intel VMFunc for Secret Protection and Memory Disclosure Attacks Prevention. A mechanism that firstly use hybrid analysis to decompose monolithic software into several compartments, each of which may contain different secrets and their corresponding code. It then retrofits the VMFUNC mechanism in Intel processors and nested paging to transparently provide different memory views for different compartments, while allowing low-cost and transparent invocation across domains without hypervisor intervention.
  • TinMan: A System Aiming at Protecting Confidential Data on Mobile Devices. An Android security system, which utilizes asymmetric taint, distributed share memory, and packet header switch, etc. techniques to ensure no exposure of plain text of Confidential Data (CoD, e.g., password) on mobile devices and thus can protect CoD even if the device is lost or stolen.
  • TxIntro: Leveraging Hardware Transactional Memory for Virtual Machine Introspection. A system that leverages the Intel’s Restricted Transactional Memory (RTM) to build a timely, concurrent and consistent Virtual Machine Introspection (VMI) system, which can detect kernel module rootkit efficiently, and we also proposed two optimizations to reduce the conflict aborts.
  • SplitPass: Applying Two-man Rule for Authentication of Mobile Applications. A password manager that splits a password into two shares stored separately on mutually distrusting mobile device and cloud-based password assistant. It proposes “session joining” at SSL layer and “packet reframing” at TCP layer, to retain transparency to existing apps/servers.
  • RemoteBinder: A Transparent Service Component-based Decoupling Approach for Mobile Security. An Android security extension, which provides component-based decoupling using the Android IPC mechanism, specifically, it transparently decouples suspicious Services from applications to the cloud with much stronger security protection.
  • HyperCoffer: Architecture Support for Guest-Transparent VM Protection from Untrusted Hypervisor and Physical Attacks. A prototype of a hardware-software framework in a Qemu-based full-system emulator and VM-Shim mechanism in a Xen-based real machine, which leverages the Secure Processor to guard the privacy and integrity of virtual machine.
  • CFIMon: Detecting Violation of Control Flow Integrity using Performance Counters. A system that can detect and reason about a variety of attacks violating control flow integrity without any changes to applications. We combined static analysis and runtime training to collect legal control flow transfers, and leverages the branch tracing store mech- anism in commodity processors to collect and analyze runtime traces on-the-fly to detect violation of control flow integrity.

TA Work

  • Spring, 2015 Computer System Design and Implementation
  • Autumn, 2013 Computer System Principle
  • Spring, 2012 Computer System Engineering


  • Autumn, 2015 Tang Lixin Scholarship(唐立新奖学金)
  • Autumn, 2015 National Scholarship(国家奖学金)
  • Spring, 2014 HPCA Best Paper Nominee Award
  • Summer, 2012 Outstanding Graduate Student Award of Shanghai
  • Spring, 2011 Received the Title of Xiyuan Scholar
  • Spring, 2010 Shamrock Software Competition Championship

pub/members/yutao_liu.txt · Last modified: 2017/03/11 16:48 by ytliu