Xuhua DING

Associate Professor
School of Information Systems
Singapore Management University

Tel: +65-68280683 Fax: +65-68280913





I joined the School of Information Systems of Singapore Management University after receiving my Ph.D. degree in Computer Science from USC with most of my research done at UC Irvine. Before that, I received the B.Eng and M.Sc from the Shanghai Jiao Tong University. (A full CV is here.)

My team are inspired to design a user-centric trust anchor in commodity x86 and ARM platforms to counter kernel-level attacks. We have several openings for research engineers/assistants/visiting students. Welcome to send me your CV if interested in joining us!

Research Areas: system security, applied cryptography on privacy preserving, multimedia security

System security I am interested in building secure and trustworthy systems to counter attacks from malicious software in user space and/or the kernel. Recent publications are listed below.

(NEW) Presence Attestation: The Missing Link In Dynamic Trust Bootstrapping, ACM CCS 2017

Seeing Through The Same Lens: Introspecting Guest Address Space At Native Speed, USENIX Security 2017

On the Effectiveness of Virtualization Based Memory Isolation on Multicore Platforms, EuroS&P 2017

HBinder: A Hardened Binder Framework on Android Systems, SECURECOMM 2016

SuperCall: A Secure Interface For Isolated Execution Environment to Dynamically Use External Services, SECURECOMM 2015

Efficient Virtualization-Based Application Protection Against Untrusted Operating System, ASIACCS 2015

Guardian: Hypervisor as Security Foothold for Personal Computers, TRUST 2013

Virtualization Based Password Protection Against Malware In Untrusted Operating Systems, TRUST 2012

DriverGuard: A Fine-grained Protection On I/O Flow, ESORICS 2011, (a journal version in TISSEC 2013)

Hardware Assisted Fine-grained Code Reuse Attack Detection, RAID 2015

ROPecker: A Generic and Practical Approach For Defending Against ROP Attack, NDSS 2014

Remote Attestation on Function Execution, INTRUST 2009,

Remote Attestation on Program Execution, ACM CCS Workshop on Scalable Trusted Computing (STC), 2008

Coercion Resistance in Authentication Responsibility Shifting, ASIACCS 2012 (short paper)

On Trustworthiness of CPU Usage Metering and Accounting, IEEE ICDCS Workshop on Security and Privacy in Cloud Computing (SPCC) 2010


Applied cryptography and privacy protection My primary interest in applied cryptography is to protect data privacy in various database and network applications.

Privacy-preserving Ad-Hoc Equi-Join on Outsourced Data, ACM TODS 2014

Verifiable and Private Top-k Monitoring (short paper), ACM ASIACCS 2013

Database Access Pattern Protection Without Full-shuffles, IEEE TIFS 2011

Embellishing Text Search Queries to Protect User Privacy, VLDB 2010

(NEW) Genomic Security (Lest We Forget) , IEEE Security & Privacy, Oct 2017 (to appear)

Achieving Revocable Fine-Grained Cryptographic Access Control over Cloud Data, ISC 2013

A Generic Construction of Accountable Decryption and Its Applications, ACISP 2012 (Best student paper award)


Multimedia security In this area, my research focuses on protecting confidentiality and integrity of H.264/SVC streams.

On Security of Content-Based Video Stream Authentication, ESORICS 2015

A hybrid scheme for authenticating scalable video codestreams, IEEE TIFS 2014

Efficient authentication and access control of scalable multimedia streams over packet-lossy networks, SCN 2014

No Tradeoff Between Confidentiality and Performance: An Analysis On H.264/SVC Partial Encryption, IFIP CMS'12 (Best paper award)



(updated on August 2017)