Untrusted Hypervisor: Hypervisor, as the critical single point of failure, has bugs. We try to minimize the TCB of hypervisor and tolerant non-critical failures.
In HyperCoffer [HPCA'13][pdf], we develop a secure processor that supports unmodified VM running in hardware enclave, without trusting hypervisor.
In Nexen [NDSS'17][pdf], we analyze 191 Xen's CVE and redesign Xen by partitioning it to multiple slices. Each slice only serves one VM. The system can defend against 75% vulnerability without knowing details.
System and Application on ARM TrustZone: We aim to leverage TrustZone to improve the security and performance of different scenarios, on both mobile and server platforms.
In vTZ [USENIX Security'17][pdf], we build a system that enables system virtualization for ARM server that supports different TrustZone for each VM.
In AdAttester [MobiSys'15][pdf], we leverage TrustZone to prevent Ad fraud by generating attestation of user's behavior in the secure world.
In VButton [MobiSys'18][pdf], we leverage TrustZone to provide secure attestation of user-driven operations.
In TEEv [VEE'19][pdf], we support different TEEs to securely run in the single device.
The above projects are based on T6, our full-fledged TEE operating system that has been deployed in hundreds of millions of mobile phones. More information about T6 and our startup TrustKernel (瓶钵信息科技) can be found here: https://www.trustkernel.com
System and Application on ARM TrustZone: We try to integrate SGX with system software to achieve better performance, compatibility, more functionalities and be more developer-friendly.
In SGX-Migration [DSN'17][pdf], we build virtualization support for SGX enclave which supports live migration without trusting hypervisor or guest operating system.
In SGX-chain, we use SGX to protect the smart contract execution in Ethereum to offer confidentiality for blockchain.
New Hardware Features for System Software: We are good at leveraging new hardware features and build systems faster and more secure. We believe small hardware change can benefit big system security improvement. We go deep into hardware design and the interaction between hardware and system software.
In CFIMon [DSN'12][pdf], we are the first to use hardware performance counter (BTS) to enforce CFI at runtime with acceptable performance overhead.
In TxIntro [HPCA'14][pdf], we leverage hardware transaction memory to (HTM) enhance VM introspection, which won the “Best Paper Nominee” award of HPCA'14.
In VPM [SoCC'16][pdf], we build a system that hybrids DRAM & PM to achieve close performance as full-PM system which keeping the whole system crash consistency.
In CrossOver [ISCA'15][pdf], we improve the performance of cross-domain invocation by introducing new hardware instructions.
In-memory computing and graph computing:
Wukong: Fast and Concurrent Query Processing on Big (Linked) Data
DrTM: Fast In-memory Transactional Processing using Transactional Memory