I am an associate professor at the Institute of Computing Technology (ICT), Chinese Academy of Sciences (CAS). I obtained my Ph.D. in Computer Architecture from ICT in 2018, and my bachelor in Software Engineering from Beijing University of Technology (BJUT) in 2012.
News
[06/06/2024] Four papers are accepted! Congrats to all authors.
[04/12/2023] Cheers! Our work won the CCS 2023 Distinguished Paper Award!
[25/07/2023] One paper got accepted to CCS 2023. Congrats to Jiali and Mengyao.
...
Research
My research interests lie in computer security. In particular, my primary research lies at the intersection of
security, operating systems, system virtualization, program analysis, dynamic binary translation, and compilers.
I have been working in the following directions.
Reproducing concurrency bugs for multi-threaded programs, JavaScript engine fuzzing
Hardware vulnerabilities exploit and mitigation
Transient execution attacks and defenses, traditional cache based side channels
Process-level and full-system virtualization
Dynamic binary translation, hardware-assist virtualization, software emulation based virtualization
Publications
Shining Light on the Inter-procedural Code Obfuscation: Keep Pace with Progress in Binary Diffing [PDF | Slides] Peihua Zhang, Chenggang Wu, Hanzhi Hu, Lichen Jia, Mingfan Peng, Jiali Xu, Mengyao Xie, Yuanming Lai, Yan Kang, and Zhe Wang. ACM Transactions on Architecture and Code Optimization (TACO'24). Nov 2024.
Enhancing Learning-Based Binary Code Similarity Detection Model through Adversarial Training with Multiple Function Variants [PDF | Slides] Lichen Jia, Chenggang Wu, Bowen Tang, Peihua Zhang, Zihan Jiang, Yang Yang, Ning Liu, Jingfeng Zhang, and Zhe Wang. In The 2024 Conference on Empirical Methods in Natural Language Processing (EMNLP'24). Miami, Florida, USA, Nov 2024.
HIVE: A Hardware-assisted Isolated Execution Environment for eBPF on AArch64 [PDF | Slides] Peihua Zhang, Chenggang Wu, Xiangyu Meng, Yinqian Zhang, Mingfan Peng, Shiyang Zhang, Bing Hu, Mengyao Xie, Yuanming Lai, Yan Kang, and Zhe Wang. In Proceedings of the 33rd USENIX Security Symposium (Security'24). PHILADELPHIA, PA, USA, August 2024.
OptFuzz: Optimization Path Guided Fuzzing for JavaScript JIT Compilers [PDF | Slides] Jiming Wang, Yan Kang, Chenggang Wu, Yuhao Hu, Yue Sun, Jikai Ren, Yuanming Lai, Mengyao Xie, Chao Zhang, Tao Li, and Zhe Wang. In Proceedings of the 33rd USENIX Security Symposium (Security'24). PHILADELPHIA, PA, USA, August 2024.
A Tale of Two Paths: Toward a Hybrid Data Plane for Efficient Far-Memory Applications [PDF | Slides] Lei Chen, Shi Liu, Chenxi Wang, Haoran Ma, Yifan Qiao, Zhe Wang, Chenggang Wu, Youyou Lu, Xiaobing Feng, Huimin Cui, Shan Lu, and Harry Xu. In Proceedings of the 18th USENIX Symposium on Operating Systems Design and Implementation (OSDI'24). SANTA CLARA, CA, USA, July 2024.
CodeExtract: Enhancing Binary Code Similarity Detection with Code Extraction Techniques [PDF | Slides] Lichen Jia, Chenggang Wu, Peihua Zhang, and Zhe Wang. In Proceedings of the 25th ACM International Conference on Languages, Compilers, and Tools for Embedded Systems (LCTES'24). Copenhagen, June 2024.
PANIC: PAN-assisted Intra-process Memory Isolation on ARM [PDF | Slides] Jiali Xu, Mengyao Xie, Chenggang Wu, Yinqian Zhang, Qijing Li, Xuan Huang, Yuanming Lai, Yan Kang, Wei Wang, Qiang Wei, and Zhe Wang. In Proceedings of the 30th ACM Conference on Computer and Communications Security (CCS'23). Copenhagen, Denmark, November 2023. ★ Distinguished Paper Award
SpecWands: An Efficient Priority-based Scheduler Against Speculation Contention Attacks [PDF] Bowen Tang, Chenggang Wu, Pen-Chung Yew, Yinqian Zhang, Mengyao Xie, Yuanming Lai, Yan Kang, Wei Wang, Qiang Wei, and Zhe Wang. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (TCAD'23). May 2023.
Khaos: The Impact of Inter-procedural Code Obfuscation on Binary Diffing Techniques [PDF | Slides] Peihua Zhang, Chenggang Wu, Mingfan Peng, Kai Zeng, Ding Yu, Yuanming Lai, Wei Wang, and Zhe Wang. In Proceedings of the 21st IEEE/ACM International Symposium on Code Generation and Optimization (CGO'23). Montréal, QC, Canada, February 2023
SoftTRR: Protect Page Tables Against RowHammer Attacks using Software-only Target Row Refresh [PDF | Slides] Zhi Zhang, Yueqiang Cheng, Minghua Wang, Wei He, Wenhao Wang, Nepal Surya, Yansong Gao, Kang Li, Zhe Wang, and Chenggang Wu. In Proceedings of the 2022 USENIX Annual Technical Conference (ATC'22). Carlsbad, CA, USA, July 2022
CETIS: Retrofitting Intel CET for Generic and Efficient Intra-process Memory Isolation [PDF | Slides] Mengyao Xie, Chenggang Wu, Yinqian Zhang, Jiali Xu, Yuanming Lai, Yan Kang, Wei Wang, and Zhe Wang. In Proceedings of the 29th ACM Conference on Computer and Communications Security (CCS'22). Los Angeles, U.S.A., November 2022. ★ Best Paper Honorable Mention Award
Dancing with Wolves: An Intra-process Isolation Technique with Privileged Hardware [PDF] Chenggang Wu, Mengyao Xie, Zhe Wang, Yinqian Zhang, Kangjie Lu, Xiaofeng Zhang, Yuanming Lai, Yan Kang, Min Yang, and Tao Li. IEEE Transactions on Dependable and Secure Computing (TDSC'22). April 2022.
KOPFUZZER: A Key-Operation-based Fuzzer for Type Confusion Bugs in JavaScript Engine [PDF | Slides] Lili Sun, Chenggang Wu, Zhe Wang, Yan Kang, and Bowen Tang. In Proceedings of the 46th IEEE Annual Computers, Software, and Applications Conference (COMPSAC'22). Torino, Italy, June 2022.
SLIME: Program-sensitive Energy Allocation for Fuzzing [PDF | Slides] Chenyang Lyu, Hong Liang, Shouling Ji, Xuhong Zhang, Binbin Zhao, Meng Han, Yun Li, Zhe Wang, Wenhai Wang, and Raheem Beyah. In Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA'22). Daejeon, South Korea, July 2022.
SpecBox: A Label-Based Transparent Speculation Scheme Against Transient Execution Attacks [PDF] Bowen Tang, Chenggang Wu, Zhe Wang, Lichen Jia, Pen-Chung Yew, Yueqiang Cheng, Yinqian Zhang, Chenxi Wang, and Guoqing Harry Xu. IEEE Transactions on Dependable and Secure Computing (TDSC'22). Jan 2022.
Ferry: State-Aware Symbolic Execution for Exploring State-Dependent Program Paths [PDF | Slides] Shunfan Zhou, Zhemin Yang, Dan Qiao, Peng Liu, Min Yang, Zhe Wang, and Chenggang Wu. In Proceedings of the 31st USENIX Security Symposium (Security'22). Boston, MA, August 2022.
Making Information Hiding Effective Again [PDF] Zhe Wang, Chenggang Wu, Yinqian Zhang, Bowen Tang, Pen-Chung Yew, Mengyao Xie, Yuanming Lai, Yan Kang, Yueqiang Cheng, and Zhiping Shi. IEEE Transactions on Dependable and Secure Computing (TDSC'21). March 2021.
SEIMI: Efficient and Secure SMAP-Enabled Intra-process Memory Isolation [PDF | Slides] Zhe Wang, Chenggang Wu, Mengyao Xie, Yinqian Zhang, Kangjie Lu, Xiaofeng Zhang, Yuanming Lai, Yan Kang, and Min Yang. In Proceedings of the 41st IEEE Symposium on Security and Privacy (Oakland'20). San Francisco, CA, May 2020.
SafeHidden: An Efficient and Secure Information Hiding Technique Using Re-randomization [PDF | Slides] Zhe Wang, Chenggang Wu, Yinqian Zhang, Bowen Tang, Pen-Chung Yew, Mengyao Xie, Yuanming Lai, Yan Kang, Yueqiang Cheng, and Zhiping Shi. In Proceedings of the 28th USENIX Security Symposium (Security'19). Santa Clara, CA, August 2019.
Using Local Clocks to Reproduce Concurrency Bugs [PDF | Slides] Zhe Wang, Chenggang Wu, Xiang Yuan, Zhenjiang Wang, Jianjun, Li, Pen-Chung Yew, Jeff Huang, Xiaobing Feng, Yanyan Lan, Yunji Chen, and Yuanming Lai. IEEE Transactions on Software Engineering (TSE'18), November 2018.
ReRanz: A Light-Weight Virtual Machine to Mitigate Memory Disclosure Attacks [PDF | Slides | Code] Zhe Wang, Chenggang Wu, Jianjun Li, Yuanming Lai, Xiangyu Zhang, Wei-Chung Hsu, and Yueqiang Cheng. In Proceedings of the 13th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environment (VEE'17). Xi'an, China, April 2017.
HSPT: Practical Implementation and Efficient Management of Embedded Shadow Page Tables for Cross-ISA System Virtual Machines [PDF | Slides | Code] Zhe Wang, Jianjun Li, Chenggang Wu, Dongyan Yang, Zhenjiang Wang, Wei-Chung Hsu, Bin Li, and Yong Guan. In Proceedings of the 11th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environment (VEE'15). Istanbul, Turkey, March 2015.
Awards
ACM SIGSAC China Rising Star, 2024
New 100-Academic-Stars Program in Institute of Computing Technology, 2021
Leading Wild Goose Gold and Silver Award in University of Chinese Aacademy of Sciences, 2021
Excellence Star in Institute of Computing Technology, 2020
Outstanding Scientific Research Staff in Institute of Computing Technology, 2020, 2019
Presidential Scholarship in University of Chinese Aacademy of Sciences, 2018
Special Presidential Scholarship (Xia Peisu Scholarship) in Institute of Computing Technology, 2017
National Scholarship for Ph.D. Candidates, 2017, 2015
Sugon Scholarship for Ph.D. Candidates, 2014
Pacemaker to Merit Student Award in University of Chinese Aacademy of Sciences, 2014
Merit Student Award in University of Chinese Aacademy of Sciences, 2013
Professional Skills
Virtualization: KVM, QEMU, HyperDbg, Dune
OS Kernel: Linux
Compiler Framework: LLVM
Binary Instrumentation: Pin, Dyninst, Dynamorio
Binary Disassembler/Assembler: IDA Pro, Distorm, Capstone