DScope: To Reliably and Securely Acquire Live Data from Kernel-Compromised ARM Devices, ESORICS 2023 (to appear)

SMILE: Secure Memory Introspection for Live Enclave, IEEE S&P 2022

T-counter: Trustworthy and efficient CPU resource measurement using SGX in the cloud, IEEE TDSC 2022

A Coprocessor-based Introspection Framework via Intel Management Engine, IEEE TDSC 2021

On the Root of Trust Identification Problem, ACM/IEEE IPSN 2021

A Novel Dynamic Analysis Infrastructure to Instrument Untrusted Execution Flow Across User-Kernel Spaces , IEEE S&P 2021, (presentation in Blackhat 2022)

FIMCE:A Fully Isolated Micro-Computing Environment For Multicore Systems, ACM TOPS Vol 21, No. 3, April 2018

Presence Attestation: The Missing Link In Dynamic Trust Bootstrapping, ACM CCS 2017

Seeing Through The Same Lens: Introspecting Guest Address Space At Native Speed, USENIX Security 2017

On the Effectiveness of Virtualization Based Memory Isolation on Multicore Platforms, EuroS&P 2017

HBinder: A Hardened Binder Framework on Android Systems, SECURECOMM 2016

SuperCall: A Secure Interface For Isolated Execution Environment to Dynamically Use External Services, SECURECOMM 2015

Efficient Virtualization-Based Application Protection Against Untrusted Operating System, ASIACCS 2015

Guardian: Hypervisor as Security Foothold for Personal Computers, TRUST 2013

Virtualization Based Password Protection Against Malware In Untrusted Operating Systems, TRUST 2012

DriverGuard: A Fine-grained Protection On I/O Flow, ESORICS 2011, (a journal version in TISSEC 2013)

KRover: A Symbolic Execution Engine for Dynamic Kernel Analysis CCS 2023 (to appear)

How to Resuscitate a Sick VM in the Cloud DSN 2023, Disrupt 23

ScriptChecker: To Tame Third-party Script Execution with Task Capabilities NDSS 2022

Catch You With Cache: Out-of-VM Introspection to Trace Malicious Execution IEEE/IFIP DSN 2021

To Detect Stack Buffer Overflow With Polymorphic Canaries, DSN 2018

Hardware Assisted Fine-grained Code Reuse Attack Detection, RAID 2015

ROPecker: A Generic and Practical Approach For Defending Against ROP Attack, NDSS 2014

Remote Attestation on Function Execution, INTRUST 2009,

Remote Attestation on Program Execution, ACM CCS Workshop on Scalable Trusted Computing (STC), 2008

Privacy-preserving Ad-Hoc Equi-Join on Outsourced Data, ACM TODS 2014

Verifiable and Private Top-k Monitoring (short paper), ACM ASIACCS 2013

Database Access Pattern Protection Without Full-shuffles, IEEE TIFS 2011

Embellishing Text Search Queries to Protect User Privacy, VLDB 2010

Genomic Security (Lest We Forget) , IEEE Security & Privacy, Oct 2017, Volume 15, Issue 5

Achieving Revocable Fine-Grained Cryptographic Access Control over Cloud Data, ISC 2013

A Generic Construction of Accountable Decryption and Its Applications, ACISP 2012 (Best student paper award)

On Security of Content-Based Video Stream Authentication, ESORICS 2015

A hybrid scheme for authenticating scalable video codestreams, IEEE TIFS 2014

Efficient authentication and access control of scalable multimedia streams over packet-lossy networks, SCN 2014

No Tradeoff Between Confidentiality and Performance: An Analysis On H.264/SVC Partial Encryption, IFIP CMS'12 (Best paper award)