Fengwei Zhang Associate Professor Director, COMPASS Lab Department of Computer Science and Engineering Southern University of Science and Technology Contact: Innovation Park, Building 10, Room 501 1088 Xueyuan Ave, Nanshan District Shenzhen, Guangdong Province, China 518055 Phone: (+86) (0755) 88015160 Email: zhangfw [at] sustech dot edu dot cn Lab: Innovation Park, Building 10, Suite 501 [Curriculum Vitae]

---

As of September 2019, I am a tenure-track Associate Professor at Department of Computer Science and Engineering at Southern University of Science and Technology (SUSTech). My primary research interests are in the areas of systems security, with a focus on trustworthy execution, hardware-assisted security, debugging transparency, transportation security, and plausible deniability encryption.

Before joining SUSTech, I spent four wonderful years as an Assistant Professor at Department of Computer Science at Wayne State University. I earned my Ph.D. in Computer Science from George Mason University in April 2015.

I am looking for graduate students, postdocs, undergraduate students to work with me on exciting projects in systems security. If you are interested, please send me your CV. Multiple fully funded positions are available [Hire Link, 招聘启示] [2020 SUSTech PhD Scholarship For International Students].

---

Teaching

• Fall 2019: CS 315, Computer Security

• Previous Semesters: [full list]

---

Selected Recent Publications [full list]

Authors with a star * are student mentored by me in my lab.

• SecDATAVIEW: A Secure Big Data Workflow Management System for Heterogeneous Computing Environments
  [Artifacts Evaluated – Functional]
  [Source Code]
  Saeid Mofrad*, Ishtiaq Ahmed, Shiyong Lu, Ping Yang, Heming Cui, and Fengwei Zhang
  To Appear In Proceedings of The 35th Annual Computer Security Applications Conference (ACSAC'19), San Juan, Puerto Rico, December, 2019.
  


• Defeating Speculative-Execution Attacks on SGX with HyperRace
  Guoxing Chen, Mengyuan Li, Fengwei Zhang, and Yinqian Zhang
  To Appear In Proceedings of The 2019 IEEE Conference on Dependable and Secure Computing (IDSC'19), Hangzhou, China, November, 2019.
  


• SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture  [slides]
  Zhenyu Ning*, Yinqian Zhang, and Fengwei Zhang
  In The 1st China RISC-V Forum (CRVF'19), Shenzhen, China, November, 2019.
  


• A Study of the Multiple Sign-in Feature in Web Applications
  Marwan Albahar, Xing Gao, Gaby G. Dagher, Daiping Liu, Fengwei Zhang, and Jidong Xiao
  In Proceedings of The 15th EAI International Conference on Security and Privacy in Communication Networks (SecureComm'19), Short paper, Orlando, Florida, October, 2019.
  


• Nighthawk: Transparent System Introspection from Ring -3  [slides]
  Lei Zhou*, Jidong Xiao, Kevin Leach, Westley Weimer, Fengwei Zhang, and Guojun Wang
  In Proceedings of The 24th European Symposium on Research in Computer Security (ESORICS'19), Luxembourg, September, 2019.
  


• Understanding the Security of Traffic Signal Infrastructure  [slides]
  Zhenyu Ning*, Fengwei Zhang, and Stephen Remias
  In Proceedings of The 16th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA'19), Gothenburg, Sweden, June, 2019.
  


• Understanding the Security of ARM Debugging Features  [slides]
  Zhenyu Ning* and Fengwei Zhang
  In Proceedings of The 40th IEEE Symposium on Security & Privacy (S&P'19), San Francisco, California, May, 2019.
  Nailgun project is online! [Web] [PoC] [Video1] [Video2]
  CVE-2018-18068.


• Hardware-assisted Transparent Tracing and Debugging on ARM  [bib]
  Zhenyu Ning* and Fengwei Zhang
  In IEEE Transactions on Information Forensics & Security (TIFS'19), Vol.14, No.6, pp.1595-1609, 2019. Impact Factor: 5.824 (11/2018).


• Methods and Systems for Increased Debugging Transparency  [bib]
  Fengwei Zhang, Kevin Leach, Angelos Stavrou, and Haining Wang
  U.S. Patent Number 10,127,137. Issued on November 13, 2018.


• Preliminary Study of Trusted Execution Environments on Heterogeneous Edge Platforms  [bib]
  Zhenyu Ning*, Jinghui Liao*, Fengwei Zhang, and Weisong Shi
  In Proceedings of The 1st ACM/IEEE Workshop on Security and Privacy in Edge Computing (EdgeSP'18), in conjunction with The 3rd ACM/IEEE Symposium on Edge Computing (SEC'18), Bellevue, Washington, October, 2018.


• A Comparison Study of Intel SGX and AMD Memory Encryption Technology  [bib]
  Saeid Mofrad*, Fengwei Zhang, Shiyong Lu, and Weidong Shi
  In Proceedings of The Hardware and Architectural Support for Security and Privacy (HASP'18), in conjunction with The 45th International Symposium on Computer Architecture (ISCA'18), Los Angeles, California, June, 2018.


• DexLego: Reassembleable Bytecode Extraction for Aiding Static Analysis  [bib]
  Zhenyu Ning* and Fengwei Zhang
  In Proceedings of The 48th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'18), Luxembourg, June, 2018.


• MobiCeal: Towards Secure and Practical Plausibly Deniable Encryption on Mobile Devices  [bib]
  Bing Chang, Fengwei Zhang, Bo Chen, Yingjiu Li, Wen-Tao Zhu, Yangguang Tian, Zhan Wang, and Albert Ching
  In Proceedings of The 48th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'18), Luxembourg, June, 2018.


• Transparent Malware Debugging on x86 and ARM  [bib]
  Zhenyu Ning* and Fengwei Zhang
  In DEF CON China Hacking Conference, Beijing, China, May, 2018.


• SADUS: Secure Data Deletion in User Space for Mobile Devices  [bib]
  Li Yang, Teng Wei, Fengwei Zhang, Jianfeng Ma
  In Elsevier Computers & Security (CompSec'18), Vol.77, pp.612-626, 2018. Impact Factor: 2.849.


• FINE-CFI: Fine-grained Control-Flow Integrity for Operating System Kernels  [bib]
  Jinku Li, Xiaomeng Tong, Fengwei Zhang, and Jianfeng Ma
  In IEEE Transactions on Information Forensics & Security (TIFS'18), Vol.13, No.6, pp.1535-1550, 2018. Impact Factor: 4.332.


• User-Friendly Deniable Storage for Mobile Devices  [bib]
  Bing Chang, Yao Cheng, Bo Chen, Fengwei Zhang, Wen Tao Zhu, Yingjiu Li, and Zhan Wang
  In Elsevier Computers & Security (CompSec'18), Vol.72, pp.163-174, 2018. Impact Factor: 2.849.


• Towards Transparent Debugging  [bib]
  Fengwei Zhang, Kevin Leach, Angelos Stavrou, and Haining Wang
  In IEEE Transactions on Dependable and Secure Computing (TDSC'18), Vol.15, No.2, pp.321-335, 2018. Impact Factor: 4.410.


• Supporting Transparent Snapshot for Bare-metal Malware Analysis on Mobile Devices  [bib]
  Le Guan, Shijie Jia, Bo Chen, Fengwei Zhang, Bo Luo, Jingqiang Lin, Peng Liu, Xinyu Xing, and Luning Xia
  In Proceedings of The 33rd Annual Computer Security Application Conference (ACSAC'17), Orlando, Florida, December, 2017 (Distinguished Paper Award).


• Ninja: Towards Transparent Tracing and Debugging on ARM  [bib]
  Zhenyu Ning* and Fengwei Zhang
  In Proceedings of The 26th USENIX Security Symposium (USENIX-Security'17), Vancouver, BC, Canada, August, 2017.


• Scotch: Combining Software Guard Extensions and System Management Mode to Monitor Cloud Resource Usage  [bib]
  Kevin Leach, Fengwei Zhang, and Westley Weimer
  In Proceedings of The 20th International Symposium on Research in Attacks, Intrusions and Defenses (RAID'17), Atlanta, Georgia, September, 2017.

Recent Professional Services

Program Organization

[EuroSec]: Publicity Chair, European Workshop on Systems Security, 2019, 2018.

[IWCSS]: Program Co-Chair, International Workshop on Cyberspace Security, 2019.

[CCSW]: Publicity Chair, ACM Cloud Computing Security Workshop, 2017.

Program Committee Membership

[CCS]: ACM Conference on Computer and Communications Security, 2020, 2019, 2018, 2017.

[ACSAC]: Annual Computer Security Applications Conference, 2019, 2018, 2017, 2016.

[DSN]: IEEE/IFIP International Conference on Dependable Systems and Networks, 2020.

[ESORICS]: European Symposium on Research in Computer Security, 2020.

[HPBD&IS]: International Conference on High Performance Big Data and Intelligent Systems, 2020.

[WiSec]: ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2019.

[EuroSec]: European Workshop on Systems Security, 2019, 2018.

[MASS]: IEEE International Conference on Mobile Ad-hoc and Sensor Systems, 2019, 2018.

[SecureComm]: EAI International Conference on Security and Privacy in Communication Networks, 2018.

[ICICS]: International Conference on Information and Communications Security, 2018.

[IoTSSP]: ACM MobiHoc Workshop on Mobile IoT Sensing, Security, and Privacy, 2018.

[ICC]: IEEE International Conference on Communications, 2018.

[CCSW]: ACM Cloud Computing Security Workshop, 2017.

[HASP]: Hardware and Architectural Support for Security and Privacy, 2017.

[ICPADS]: IEEE International Conference on Parallel and Distributed Systems, 2016.

[DependSys]: Symposium on Dependability in Sensor, Cloud, and Big Data Systems and Applications, 2016.

Artifact Evaluation Committee

[USENIX-Security]: USENIX Security Symposium, 2020.

[ACSAC]: Annual Computer Security Applications Conference, 2019.

[WOOT]: USENIX Workshop on Offensive Technologies, 2019.

---

Thesis

• Using Hardware Isolated Execution Environments for Securing Systems  [bib]