Xuhua DING

Associate Professor
School of Information Systems
Singapore Management University

Tel: +65-68280683    Fax: +65-68280913

I joined the School of Information Systems of Singapore Management University after receiving my Ph.D. degree in Computer Science from USC with most of my research done at UC Irvine. Before that, I received the B.Eng and M.Sc from the Shanghai Jiao Tong University. (A full CV is here.)

My team
are currently inspired to design a user-centric trust anchor in commodity x86 and ARM platforms to counter kernel-level attacks. We have several openings for research engineers/assistants/visiting students. Welcome to send me your CV if interested in joining us!

Research  (system security, applied cryptography on privacy preserving, multimedia security

System security  I am interested in building secure and trustworthy systems to counter attacks from malicious software from both the application and kernel levels. I have worked on the following projects in the recent years.
SuperCall: A Secure Interface For Isolated Execution Environment to Dynamically Use External Services, SECURECOMM 2015
Hardware Assisted Fine-grained Code Reuse Attack Detection,  RAID 2015
Efficient Virtualization-Based Application Protection Against Untrusted Operating System,  ASIACCS 2015
Guardian: Hypervisor as Security Foothold for Personal Computers TRUST 2013
Virtualization Based Password Protection Against Malware In Untrusted Operating Systems TRUST 2012
DriverGuard: A Fine-grained Protection On I/O Flow, ESORICS 2011, TISSEC

ROPecker: A Generic and Practical Approach For Defending Against ROP Attack,  NDSS 2014
Remote Attestation on Function Execution, INTRUST 2009,
Remote Attestation on Program Execution, ACM CCS Workshop on Scalable Trusted Computing (STC), 2008

Coercion Resistance in Authentication Responsibility Shifting, ASIACCS 2012 (short paper)
On Trustworthiness of CPU Usage Metering and Accounting, IEEE ICDCS Workshop on Security and Privacy in Cloud Computing (SPCC) 2010

Applied cryptography and privacy protection My primary interest in applied cryptography is to protect data privacy in various database and network applications.
Privacy-preserving Ad-Hoc Equi-Join on Outsourced Data, ACM TODS 2014
Verifiable and Private Top-k Monitoring (short paper), ACM ASIACCS 2013
Database Access Pattern Protection Without Full-shuffles, IEEE TIFS 2011
Embellishing Text Search Queries to Protect User Privacy,  VLDB 2010

          Achieving Revocable Fine-Grained Cryptographic Access Control over Cloud Data, ISC 2013        
          A Generic Construction of Accountable Decryption and Its Applications, ACISP 2012 (Best student paper award)

Multimedia security
In this area, my research focuses on protecting confidentiality and integrity of H.264/SVC streams.

          On Security of Content-Based Video Stream Authentication, ESORICS 2015
          A hybrid scheme for authenticating scalable video codestreams, IEEE TIFS 2014
          Efficient authentication and access control of scalable multimedia streams over packet-lossy networks, SCN 2014
          No Tradeoff Between Confidentiality and Performance: An Analysis On H.264/SVC Partial Encryption, IFIP CMS'12 (Best paper award)

(updated on March 2015)