Fengwei Zhang Associate Professor Director, COMPASS Lab Department of Computer Science and Engineering Southern University of Science and Technology Contact: Room 515, South Tower, College of Engineering 1088 Xueyuan Ave, Nanshan District Shenzhen, Guangdong Province, China 518055 Phone: (+86) (755) 88015160 Email: zhangfw [at] sustech dot edu dot cn Lab: Room 441A, South Tower, College of Eng. [Curriculum Vitae]

---

As of September 2019, I am a tenure-track Associate Professor at Department of Computer Science and Engineering at Southern University of Science and Technology (SUSTech). My primary research interests are in the areas of systems security, with a focus on trustworthy execution, hardware-assisted security, debugging transparency, transportation security, and plausible deniability encryption.

Before joining SUSTech, I spent four wonderful years as an Assistant Professor at Department of Computer Science at Wayne State University (WSU). I earned my Ph.D. in Computer Science from George Mason University in April 2015.


    My research group: [COMPASS@SUSTech] [COMPASS@WSU].


I am looking for graduate students, postdocs, undergraduate students to work with me on exciting projects in systems security. If you are interested, please send me your CV. Multiple fully funded positions are available [Hire Link, 招聘启示] [SUSTech Ph.D. Scholarship For International Students].

Multiple Postdoc Openings.

---

Teaching

• Fall 2021: CS 315, Computer Security
• Spring 2021: CS 102A, Introduction to Computer Programming

• Previous Semesters: [full list]

---

Selected Recent Publications [full list]

Authors with "_" is student/scholar in my lab or courses; ˆ indicates equal contribution; * indicates the corresponding author.

• Securing Big Data Scientific Workflows via Trusted Heterogeneous Environments.  
  Saeid Mofradˆ, Ishtiaq Ahmedˆ, Fengwei Zhang*, Shiyong Lu, Ping Yang, and Heming Cui
  To Appear In IEEE Transactions on Dependable and Secure Computing (TDSC'21), 2021. Impact Factor: 6.404.
  


• Efficient and DoS-resistant Consensus for Permissioned Blockchains  
  Xusheng Chen, Shixiong Zhao, Ji Qi, Jianyu Jiang, Haoze Song, Cheng Wang, Tsz On Li, Hubert Chan, Fengwei Zhang, Xiapu Luo, Sen Wang, Gong Zhang, and Heming Cui
  To Appear In Proceedings of the 39th International Symposium on Computer Performance, Modeling, Measurements and Evaluation (Performance'21), Politecnico Di Milano, Italy, November, 2021.
  


• A Novel Memory Management for RISC-V Enclaves  
  Haonan Liˆ, Weijie Huangˆ, Mingde Ren, Hongyi Lu, Zhenyu Ning*, Heming Cui, and Fengwei Zhang
  To Appear In Proceedings of the Hardware and Architectural Support for Security and Privacy (HASP'21), in conjunction with the 54th IEEE/ACM International Symposium on Microarchitecture (MICRO'21), October, 2021.


• Position Paper: Lessons Learned from Blockchain Applications of Trusted Execution Environments and Implications for Future Research  
  Rabimba Karanjai, Weidong Shi, Lei Xu, Lin Chen, Fengwei Zhang, and Zhimin Gao
  To Appear In Proceedings of the Hardware and Architectural Support for Security and Privacy (HASP'21), in conjunction with the 54th IEEE/ACM International Symposium on Microarchitecture (MICRO'21), October, 2021.


• Vacuum: An Efficient and Assured Deletion Scheme for User Sensitive Data on Mobile Devices  
  Li Yang, Cheng Li, Teng Wei, Fengwei Zhang, and Jianfeng Ma
  To Appear In IEEE Internet of Things Journal (IoTJ'21), 2021. 5-Year Impact Factor: 11.705.


• Keynote Talk: BadUSB-C: Revisiting BadUSB with Type-C  
  Fengwei Zhang
  In Proceedings of the 1st International Symposium on Advanced Security on Software and Systems(ASSS'21), in conjunction with the 16th ACM ASIA Conference on Computer and Communications Security (AsiaCCS'21), Hong Kong, China, June, 2021.
  Extended Our WOOT 2021 Paper with teaching materials of CS 315 Computer Security course.


• Speedster: A TEE-assisted State Channel System  
  Jinghui Liao, Fengwei Zhang*, Wenhai Sun, and Weisong Shi
  [Paper draft]


• BadUSB-C: Revisiting BadUSB with Type-C  [slides]
  Hongyi Lu, Yechang Wu, Shuqing Li, You Lin, Chaozu Zhang, and Fengwei Zhang*
  In Proceedings of the 15th Workshop On Offensive Technologies (WOOT'21), in conjunction with the 42nd IEEE Symposium on Security and Privacy (S&P'21), May, 2021.
  This work is a course project from my CS 315 Computer Security Class, all co-authors are undergraduates in the class.
  CVE-2021-22325.


• A Coprocessor-based Introspection Framework via Intel Management Engine  
  Lei Zhou, Fengwei Zhang*, Jidong Xiao, Kevin Leach, Westley Weimer, Xuhua Ding, and Guojun Wang
  In IEEE Transactions on Dependable and Secure Computing (TDSC'21), Vol.18, No.4, pp.1920-1932, 2021. Impact Factor: 6.404.


• Happer: Unpacking Android Apps via a Hardware-Assisted Approach  
  Lei Xue, Hao Zhou, Xiapu Luo, Yajin Zhou, Yang Shi, Guofei Gu, Fengwei Zhang, and Man Ho Au
  In Proceedings of the 42nd IEEE Symposium on Security and Privacy (S&P'21), May, 2021.


• An Attribute-Isolated Secure Communication Architecture for Intelligent Connected Vehicles  
  Mu Han, Ailan Wan, Fengwei Zhang, and Shidian Ma
  To Appear In IEEE Transactions on Intelligent Vehicle (T-IV'20), 2020. Impact Factor: 7.420.


• DAENet: Making Strong Anonymity Scale in a Fully Decentralized Network  
  Tianxiang Shen, Jianyu Jiang, Yunpeng Jiang, Xusheng Chen, Ji Qi, Shixiong Zhao, Fengwei Zhang*, Xiapu Luo, and Heming Cui*
  To Appear In IEEE Transactions on Dependable and Secure Computing (TDSC'20), 2020. Impact Factor: 6.404.


• E-SGX: Cache Side-Channel Protection for Intel SGX on Untrusted OS  
  Fan Lang, Huorong Li, Wei Wang, Jingqiang Lin, Fengwei Zhang, Wuqiong Pan, and Qiongxiao Wang
  In Proceedings of the 16th International Conference on Information Security and Cryptology (Inscrypt'20), Guangzhou, China, December, 2020.
  


• SEED: Confidential Big Data Workflow Scheduling with Intel SGX Under Deadline Constraints  [slides] [video]
  Ishtiaq Ahmed, Saeid Mofrad, Shiyong Lu, Changxin Bai, Fengwei Zhang*, and Dunren Che
  In Proceedings of the IEEE International Conference on Services Computing (SCC'20), Beijing, China, October, 2020.
  


• HART: Hardware-assisted Kernel Module Tracing on Arm  [slides] [1-minute video] [15-minutes video]
  Yunlan Duˆ, Zhenyu Ningˆ, Jun Xu, Zilong Wang, Yueh-Hsun Lin, Fengwei Zhang*, Xinyu Xing, and Bing Mao
  In Proceedings of the 25th European Symposium on Research in Computer Security (ESORICS'20), Guildford, United Kingdom, September, 2020. (ˆ These authors contributed equally to this work).
  


• Uranus: Simple, Efficient SGX Programming and Its Applications
  Jianyu Jiang, Xusheng Chen, Tze On Li, Cheng Wang, Tianxiang Shen, Shixiong Zhao, Heming Cui, Cho-Li Wang, Fengwei Zhang
  In Proceedings of the 15th ACM ASIA Conference on Computer and Communications Security (AsiaCCS'20), Taipei, Taiwan, October, 2020.
  


• KShot: Live Kernel Patching with SMM and SGX  [slides] [1-minute video] [video in Chinese]
  Lei Zhou, Fengwei Zhang*, Jinghui Liao, Zhenyu Ning, Jidong Xiao, Kevin Leach, Westley Weimer, and Guojun Wang
  In Proceedings of the 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'20), Valencia, Spain, June, 2020 (Runner-up Best Paper Award, 3 out of 291 submissions).
  


• RansomSpector: An Introspection-Based Approach to Detect Crypto Ransomware  
  Fei Tang, Boyang Ma, Jinku Li, Fengwei Zhang, Jipeng Su, Jianfeng Ma
  To Appear In Elsevier Computers & Security (CompSec'20), 2020. Impact Factor: 3.579.


• Nailgun: Breaking Privilege Isolation on ARM, 钉枪：突破ARM特权隔离
  Fengwei Zhang and Zhenyu Ning, 张锋巍,宁振宇
  In Communications of China Computer Federation (CCCF'20),《中国计算机学会通讯》Vol.16, No.1, pp.51-54, 2020.

Recent Professional Services

Program Organization

[ML4CS]: General Chair, International Conference on Machine Learning for Cyber Security, 2020.

[EuroSec]: Publicity Chair, European Workshop on Systems Security, 2018, 2019.

[IWCSS]: Program Co-Chair, International Workshop on Cyberspace Security, 2019.

[CCSW]: Publicity Chair, ACM Cloud Computing Security Workshop, 2017.

Program Committee Membership

[S&P]: IEEE Symposium on Security and Privacy (“Oakland”), 2021, 2022.

[USENIX-Security]: USENIX Security Symposium, 2021, 2022.

[DAC]: Design Automation Conference, 2022.

[CCS]: ACM Conference on Computer and Communications Security, 2017, 2018, 2019, 2020.

[ACSAC]: Annual Computer Security Applications Conference, 2016, 2017, 2018, 2019, 2020, 2021.

[DSN]: IEEE/IFIP International Conference on Dependable Systems and Networks, 2020, 2021.

[ESORICS]: European Symposium on Research in Computer Security, 2020, 2021.

[AsiaCCS]: ACM ASIA Conference on Computer and Communications Security, 2021, 2022.

[WiSec]: ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2019, 2020.

[ARES]: International Conference on Availability, Reliability and Security, 2020.

[HPBD&IS]: International Conference on High Performance Big Data and Intelligent Systems, 2020.

[EuroSec]: European Workshop on Systems Security, 2018, 2019, 2020, 2021.

[AutoSec]: International Workshop on Automotive and Autonomous Vehicle Security, 2021.

[MASS]: IEEE International Conference on Mobile Ad-hoc and Sensor Systems, 2018, 2019.

[SecureComm]: EAI International Conference on Security and Privacy in Communication Networks, 2018.

[ICICS]: International Conference on Information and Communications Security, 2018, 2021.

[IoTSSP]: ACM MobiHoc Workshop on Mobile IoT Sensing, Security, and Privacy, 2018.

[ICC]: IEEE International Conference on Communications, 2018.

[CCSW]: ACM Cloud Computing Security Workshop, 2017.

[HASP]: Hardware and Architectural Support for Security and Privacy, 2017.

[ICPADS]: IEEE International Conference on Parallel and Distributed Systems, 2016.

[DependSys]: Symposium on Dependability in Sensor, Cloud, and Big Data Systems and Applications, 2016.

Artifact Evaluation Committee

[USENIX-Security]: USENIX Security Symposium, 2020.

[ACSAC]: Annual Computer Security Applications Conference, 2019, 2020.

[WOOT]: USENIX Workshop on Offensive Technologies, 2019.

---

Thesis

• Using Hardware Isolated Execution Environments for Securing Systems  [bib]