Fengwei Zhang Associate Professor Director, COMPASS Lab Department of Computer Science and Engineering Southern University of Science and Technology Contact: Room 515, South Tower, College of Engineering 1088 Xueyuan Ave, Nanshan District Shenzhen, Guangdong Province, China 518055 Phone: (+86) (755) 88015160 Email: zhangfw [at] sustech dot edu dot cn Lab: Room 441A, South Tower, College of Eng. [Curriculum Vitae]

---

As of September 2019, I am a tenure-track Associate Professor at Department of Computer Science and Engineering at Southern University of Science and Technology (SUSTech). My primary research interests are in the areas of systems security, with a focus on trustworthy execution, hardware-assisted security, debugging transparency, transportation security, and plausible deniability encryption.

Before joining SUSTech, I spent four wonderful years as an Assistant Professor at Department of Computer Science at Wayne State University (WSU). I earned my Ph.D. in Computer Science from George Mason University in April 2015.


    My research group: [COMPASS@SUSTech] [COMPASS@WSU].


I am looking for graduate students, postdocs, undergraduate students to work with me on exciting projects in systems security. If you are interested, please send me your CV. Multiple fully funded positions are available [Hire Link, 招聘启示] [SUSTech Ph.D. Scholarship For International Students].

Multiple Postdoc Openings.

---

Teaching

• Fall 2022: CS 315, Computer Security
• Spring 2022: CS 102A, Introduction to Computer Programming

• Previous Semesters: [full list]

---

Selected Recent Publications [full list]

Authors with "_" is student/scholar in my lab or courses; ˆ indicates equal contribution; * indicates the corresponding author.

• StrongBox: A GPU TEE on Arm Endpoints  
  Yunjie Deng, Chenxu Wang, Shunchang Yu, Shiqing Liu, Zhenyu Ning, Kevin Leach, Jin Li, Shoumeng Yan, Zhengyu He, Jiannong Cao, and Fengwei Zhang*
  To Appear In Proceedings of the 29th ACM Conference on Computer and Communications Security (CCS'22), Los Angeles, CA, November 2022.
  


• Raven: A Novel Kernel Debugging Tool on RISC-V  
  Hongyi Lu, Fengwei Zhang*
  In Proceedings of the 59th IEEE/ACM Design Automation Conference (DAC'22), San Francisco, CA, July 2022.
  


• SMILE: Secure Memory Introspection for Live Enclave  
  Lei Zhou, Xuhua Ding, Fengwei Zhang*
  In Proceedings of the 43rd IEEE Symposium on Security and Privacy (S&P'22), San Francisco, CA, May 2022.
  


• SOTER: Guarding Black-box Inference for General Neural Networks at the Edge  
  Tianxiang Shen, Ji Qi, Jianyu Jiang, Xian Wang, Siyuan Wen, Xusheng Chen, Shixiong Zhao, Sen Wang, Li Chen, Xiapu Luo, Fengwei Zhang, and Heming Cui
  In Proceedings of the 2022 USENIX Annual Technical Conference (ATC'22), San Francisco, CA, July 2022.
  


• Speedster: An Efficient Multi-party State Channel via Enclaves  
  Jinghui Liao, Fengwei Zhang*, Wenhai Sun, and Weisong Shi
  In Proceedings of the 17th ACM ASIA Conference on Computer and Communications Security (AsiaCCS'22), Nagasaki, Japan, May 2022.
  


• RetTag: Hardware-assisted Return Address Integrity on RISC-V   [slides]
  Yu Wang, Jinting Wu, Tai Yue, Zhenyu Ning*, and Fengwei Zhang
  In Proceedings of the 15th European Workshop on Systems Security (EuroSec'22), in conjunction with the European Conference on Computer Systems (EuroSys'22), Rennes, France, April 2022.


• Revisiting ARM Debugging Features: Nailgun and Its Defense  
  Zhenyu Ning, Chenxu Wang, Yinhua Chen, Fengwei Zhang*, and Jiannong Cao
  In IEEE Transactions on Dependable and Secure Computing (TDSC'22), 2022. Impact Factor: 6.404.
  


• Securing Big Data Scientific Workflows via Trusted Heterogeneous Environments  
  Saeid Mofradˆ, Ishtiaq Ahmedˆ, Fengwei Zhang*, Shiyong Lu, Ping Yang, and Heming Cui
  In IEEE Transactions on Dependable and Secure Computing (TDSC'21), 2021. Impact Factor: 6.404.
  


• Efficient and DoS-resistant Consensus for Permissioned Blockchains  [slides]
  Xusheng Chen, Shixiong Zhao, Ji Qi, Jianyu Jiang, Haoze Song, Cheng Wang, Tsz On Li, Hubert Chan, Fengwei Zhang, Xiapu Luo, Sen Wang, Gong Zhang, and Heming Cui
  In Proceedings of the 39th International Symposium on Computer Performance, Modeling, Measurements and Evaluation (Performance'21), Politecnico Di Milano, Italy, November 2021.
  


• A Novel Memory Management for RISC-V Enclaves   [slides]
  Haonan Liˆ, Weijie Huangˆ, Mingde Ren, Hongyi Lu, Zhenyu Ning*, Heming Cui, and Fengwei Zhang
  In Proceedings of the Hardware and Architectural Support for Security and Privacy (HASP'21), in conjunction with the 54th IEEE/ACM International Symposium on Microarchitecture (MICRO'21), October 2021.


• Position Paper: Lessons Learned from Blockchain Applications of Trusted Execution Environments and Implications for Future Research  
  Rabimba Karanjai, Weidong Shi, Lei Xu, Lin Chen, Fengwei Zhang, and Zhimin Gao
  In Proceedings of the Hardware and Architectural Support for Security and Privacy (HASP'21), in conjunction with the 54th IEEE/ACM International Symposium on Microarchitecture (MICRO'21), October 2021.


• Vacuum: An Efficient and Assured Deletion Scheme for User Sensitive Data on Mobile Devices  
  Li Yang, Cheng Li, Teng Wei, Fengwei Zhang, Jianfeng Ma, and Naixue Xiong
  In IEEE Internet of Things Journal (IoTJ'21), 2021. 5-Year Impact Factor: 11.705.


• Keynote Talk: BadUSB-C: Revisiting BadUSB with Type-C  
  Fengwei Zhang
  In Proceedings of the 1st International Symposium on Advanced Security on Software and Systems(ASSS'21), in conjunction with the 16th ACM ASIA Conference on Computer and Communications Security (AsiaCCS'21), Hong Kong, China, June 2021.
  Extended Our WOOT 2021 Paper with teaching materials of CS 315 Computer Security course.


• BadUSB-C: Revisiting BadUSB with Type-C  [slides]
  Hongyi Lu, Yechang Wu, Shuqing Li, You Lin, Chaozu Zhang, and Fengwei Zhang*
  In Proceedings of the 15th Workshop On Offensive Technologies (WOOT'21), in conjunction with the 42nd IEEE Symposium on Security and Privacy (S&P'21), May 2021.
  This work is a course project from my CS 315 Computer Security Class, all co-authors are undergraduates in the class.
  CVE-2021-22325.


• A Coprocessor-based Introspection Framework via Intel Management Engine  
  Lei Zhou, Fengwei Zhang*, Jidong Xiao, Kevin Leach, Westley Weimer, Xuhua Ding, and Guojun Wang
  In IEEE Transactions on Dependable and Secure Computing (TDSC'21), Vol.18, No.4, pp.1920-1932, 2021. Impact Factor: 6.404.


• Happer: Unpacking Android Apps via a Hardware-Assisted Approach  
  Lei Xue, Hao Zhou, Xiapu Luo, Yajin Zhou, Yang Shi, Guofei Gu, Fengwei Zhang, and Man Ho Au
  In Proceedings of the 42nd IEEE Symposium on Security and Privacy (S&P'21), May 2021.

Recent Professional Services

Program Organization

[CCS]: Proceedings Co-Chair, ACM Conference on Computer and Communications Security, 2022.

[ML4CS]: General Chair, International Conference on Machine Learning for Cyber Security, 2020.

[EuroSec]: Publicity Chair, European Workshop on Systems Security, 2018, 2019.

[IWCSS]: Program Co-Chair, International Workshop on Cyberspace Security, 2019.

[CCSW]: Publicity Chair, ACM Cloud Computing Security Workshop, 2017.

Program Committee Membership

[S&P]: IEEE Symposium on Security and Privacy (“Oakland”), 2021, 2022, 2023.

[USENIX-Security]: USENIX Security Symposium, 2021, 2022, 2023.

[CCS]: ACM Conference on Computer and Communications Security, 2017, 2018, 2019, 2020, 2022.

[NDSS]: ISOC Network and Distributed System Security Symposium, 2023.

[DAC]: IEEE/ACM Design Automation Conference, 2022, 2023.

[ACSAC]: Annual Computer Security Applications Conference, 2016, 2017, 2018, 2019, 2020, 2021, 2022.

[DSN]: IEEE/IFIP International Conference on Dependable Systems and Networks, 2020, 2021, 2023.

[ESORICS]: European Symposium on Research in Computer Security, 2020, 2021.

[AsiaCCS]: ACM ASIA Conference on Computer and Communications Security, 2021, 2022.

[WiSec]: ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2019, 2020, 2022.

[ARES]: International Conference on Availability, Reliability and Security, 2020.

[HPBD&IS]: International Conference on High Performance Big Data and Intelligent Systems, 2020.

[EuroSec]: European Workshop on Systems Security, 2018, 2019, 2020, 2021.

[AutoSec]: International Workshop on Automotive and Autonomous Vehicle Security, 2021, 2022.

[MASS]: IEEE International Conference on Mobile Ad-hoc and Sensor Systems, 2018, 2019.

[SecureComm]: EAI International Conference on Security and Privacy in Communication Networks, 2018.

[ICICS]: International Conference on Information and Communications Security, 2018, 2021.

[IoTSSP]: ACM MobiHoc Workshop on Mobile IoT Sensing, Security, and Privacy, 2018.

[ICC]: IEEE International Conference on Communications, 2018.

[CCSW]: ACM Cloud Computing Security Workshop, 2017.

[HASP]: Hardware and Architectural Support for Security and Privacy, 2017.

[ICPADS]: IEEE International Conference on Parallel and Distributed Systems, 2016.

[DependSys]: Symposium on Dependability in Sensor, Cloud, and Big Data Systems and Applications, 2016.

Artifact Evaluation Committee

[USENIX-Security]: USENIX Security Symposium, 2020.

[ACSAC]: Annual Computer Security Applications Conference, 2019, 2020, 2022.

[WOOT]: USENIX Workshop on Offensive Technologies, 2019.

---

Thesis

• Using Hardware Isolated Execution Environments for Securing Systems  [bib]