New Papers at ACSAC 2024, Usenix 2025
[36] Junqi Zhang, Shaoyin Cheng, Linqing Hu, Jie Zhang, Chengyu Shi, Xingshuo Han, Tianwei Zhang, Yueqiang Cheng, Weiming Zhang, The Ghost Navigator: Revisiting the Hidden Vulnerability of Localization in Autonomous Driving, Usenix Security, 2025
[35] Andrew Bao, Wenjia Zhao, Yanhao Wang, Yueqiang Cheng, Stephen McCamant, From Alarms to Real Bugs: Multi-target Multi-step Directed Greybox Fuzzing for Static Analysis Result Verification, Usenix Security, 2025
[34] Xiangxin Guo, Shijie Jia, Jingqiang Lin, Yuan Ma, Fangyu Zheng, Guangzheng Li, Bowen Xu, Yueqiang Cheng, Kailiang Ji, CryptoPyt: Unraveling Python Cryptographic APIs Misuse With Precise Static Taint Analysis, ACSAC, 2024
[33] Zhi Zhang, Decheng Chen, Jiahao Qi, Yueqiang Cheng, Shijie Jiang, Yiyang Lin, Yansong Gao, Surya Nepal, Yi Zou, Jiliang Zhang, Yang Xiang, SoK: Rowhammer on Commodity Operating Systems, AsiaCCS, 2024
[32] Xiaohan Zhang, Jinwen Wang, Yueqiang Cheng, Qi Li, Kun Sun, Yao Zheng, Ning Zhang, Xinghua Li: Interface-Based Side Channel in TEE-Assisted Networked Services. IEEE/ACM Trans. Netw. 32(1): 613-626 (2024)
[31] Liang Liu, Yanan Guo, Yueqiang Cheng, Youtao Zhang, Jun Yang: Generating Robust DNN With Resistance to Bit-Flip Based Adversarial Weight Attack. IEEE Trans. Computers 72(2): 401-413 (2023)
[30] Juan Wang, Jie Wang, Chengyang Fan, Fei Yan, Yueqiang Cheng, Yinqian Zhang, Wenhui Zhang, Mengda Yang, Hongxin Hu: SvTPM: SGX-Based Virtual Trusted Platform Modules for Cloud Computing. IEEE Trans. Cloud Comput. 11(3): 2936-2953 (2023)
[29] Zhi Zhang, Wei He, Yueqiang Cheng*, Wenhao Wang, Yansong Gao, Dongxi Liu, Kang Li, Surya Nepal, Anmin Fu, Yi Zou: Implicit Hammer: Cross-Privilege-Boundary Rowhammer Through Implicit Accesses. IEEE TDSC 20(5): 3716-3733 (2023)
[28] Yanan Guo, Takami Sato, Yulong Cao, Qi Alfred Chen, Yueqiang Cheng: Adversarial Attacks on Adaptive Cruise Control Systems. CPS-IoT Week Workshops 2023: 49-54
[27] Xiaoke Wang, Tao Hui, Lei Zhao, Yueqiang Cheng: Input-Driven Dynamic Program Debloating for Code-Reuse Attack Mitigation. ESEC/SIGSOFT FSE 2023: 934-946
[26] Zhi Zhang*, Yueqiang Cheng*, Minghua Wang, Wei He, Wenhao Wang, Nepal Surya, Yansong Gao, Kang Li, Zhe Wang, Chenggang Wu. . SoftTRR: Protect Page Tables Against RowHammer Attacks using Software-only Target Row Refresh. Usenix ATC, 2022
[25] Yiru Zhao, Xiaoke Wang, Lei Zhao, Yueqiang Cheng, and Heng Yin. 2022. Alphuzz: Monte Carlo Search on Seed-Mutation Tree for Coverage-Guided Fuzzing. In Proceedings of the 38th Annual Computer Security Applications Conference (ACSAC '22). Association for Computing Machinery, New York, NY, USA, 534–547.
[24] Chunlin Xiong, Tiantian Zhu, Weihao Dong, Linqi Ruan, Runqing Yang, Yueqiang Cheng, Yan Chen, Shuai Cheng, Xutong Chen, Conan: A Practical Real-Time APT Detection System With High Accuracy and Efficiency, IEEE TDSC, 2022
[23] Bowen Tang, Chenggang Wu, Zhe Wang, Lichen Jia, Pen-Chung Yew, Yueqiang Cheng, Yinqian Zhang , Chenxi Wang , Guoqing Xu, SPECBOX: A Label-Based Transparent Speculation Scheme Against Transient Execution Attacks, IEEE TDSC, 2022
[22] Yueqiang Cheng, Zhi Zhang, Yansong Gao, Zhaofeng Chen, Shengjian Guo, Qifei Zhang, Rui Mei, Surya Nepal, Yang Xiang, Meltdown-type Attacks Are Still Feasible in the Wall of Kernel Page-Table Isolation, Computers & Security, 2022
[21] Zhi Zhang, Wei He, Yueqiang Cheng, Wenhao Wang, Yansong Gao, Minghua Wang, Kang Li, Surya Nepal, Yang Xiang, BitMine: An End-to-End Tool for Detecting Rowhammer Vulnerability, IEEE TIFS, 2022
[20] Mengyuan Li, Yinqian Zhang, Huibo Wang, Kang L, Yueqiang Cheng, TLB Poisoning Attacks on AMD Secure Encrypted Virtualization, ACSAC, 2021
[19] Yanan Guo, Andrew Zigerelli, Yueqiang Cheng,Youtao Zhang, Jun Yang, Performance-Enhanced Integrity Verification for Large Memories, SEED, 2021 (AMD SEV enhanced scheme)
[18] Mengyuan Li, Yinqian Zhang, Huibo Wang, Kang Li, Yueqiang Cheng, CIPHERLEAKS: Breaking Constant-time Cryptography on AMD SEV via Ciphertext Side Channel, Usenix Security 2021
[17] Tianhao Wang, Joann Qiongna Chen, Zhikun Zhang, Dong Su, Yueqiang Cheng, Zhou Li, Ninghui Li, Somesh Jha, Continuous Release of Data Streams under both Centralized and Local Differential Privacy, CCS 2021
[16] Wubing Wang, Guoxing Chen, Yueqiang Cheng, Yinqian Zhang, Zhiqiang Lin, SPECULARIZER: Uncovering Speculative Execution Attacks via Performance Tracing in Commodity Hardware, DIMVA, 2021
[15] Wei Huang, Shengjie Xu, David Lie, Yueqiang Cheng, Aion Attacks: Exposing Software Timer Problem in Trusted Execution Environment, DIMVA, 2021 (Best Paper)
[14] Zhe Wang, Chenggang Wu, Yinqian Zhang, Bowen Tang, Pen-Chung Yew, Mengyao Xie, Yuanming Lai, Yan Kang, Yueqiang Cheng, Zhiping Shi, Making Information Hiding Effective Again, IEEE TDSC 2021
[13] Zhenxiao Qi, Qian Feng, Yueqiang Cheng, Mengjia Yan, Peng Li, Heng Yin, Tao Wei, SpecTaint: Speculative Taint Analysis for Discovering Spectre Gadgets, NDSS 2021
[12] Runqing Yang, Xutong Chen, Haitao Xu, Yueqiang Cheng*, Yan Chen, Chunlin Xiong, Linqi Ruan, Mohammad Kavousi, Zhenyuan Li, Liheng Xu, RATScope: Recording and Reconstructing Missing RAT Semantic Behaviors for Forensic Analysis on Windows, IEEE TDSC 2021
[11] Yuankun Zhu, Yueqiang Cheng*, Husheng Zhou, Yantao Lu, Hermes Attack: Steal DNN Models with Lossless Inference Accuracy, Usenix Security 2021
[10] Shengjian Guo, Yueqi Chen, Jiyong Yu, Meng Wu, Zhiqiang Zuo, Peng Li, Yueqiang Cheng, Huibo Wang, Exposing Cache Timing Side-channel Leaks throughOut-of-order Symbolic Execution, OOPSLA, 2020
[9]Tianhao Wang, Joann Qiongna Chen, Zhikun Zhang, Dong Su, Yueqiang Cheng, Zhou Li, Ninghui Li, Somesh Jha, Continuous Release of Data Streams under both Centralized and Local Differential Privacy, Preprint Arxiv, 2020
[8] Zhi Zhang, Yueqiang Cheng*, Yansong Gao, Surya Nepal, Dongxi Liu, Yi Zou, Detecting Hardware-assisted Virtualization with Inconspicuous Features, IEEE Transactions on Information Forensics and Security (TIFS), 2020
[7] Chunlin Xiong, Tiantian Zhu, Weihao Dong, Linqi Ruan, Runqing Yang, Yan Chen, Yueqiang Cheng*, Shuai Cheng, Xutong Chen, CONAN: A Practical Real-time APT Detection System with High Accuracy and Efficiency. IEEE Transactions on Dependable and Secure Computing (TDSC), 2020.
[6] Zhi Zhang, Yueqiang Cheng*, Dongxi Liu, Surya Nepal, Zhi Wang, Yuval Yarom, PThammer: Cross-User-Kernel-Boundary Rowhammer through Implicit Accesses, The 53rd IEEE/ACM International Symposium on Microarchitecture (MICRO), 2020
[5] Zhangkai Zhang, Yueqiang Cheng*, Zhoujun Li, Super Root: A New Stealthy Rooting Technique on ARM Devices, ACNS 2020
[4] Minghua Wang, Zhi Zhang, Yueqiang Cheng*, Surya Nepal, DRAMDig: A Knowledge-assisted Tool to Uncover DRAM Address Mapping, the 57th Design Automation Conference (DAC), 2020 [PDF]
[3] Shengjian Guo, Yueqi Chen, Peng Li, Yueqiang Cheng*, Huibo Wang, Meng Wu, Zhiqiang Zuo, SpecuSym: Speculative Symbolic Execution for Cache Timing Leak Validation, 42nd International Conference on Software Engineering (ICSE), 2020 [PDF]
[2] Mustakimur Rahman Khandaker, Yueqiang Cheng*, Zhi Wang, Tao Wei, COIN Attacks: on Insecurity of Enclave Untrusted Interfaces in SGX, ASPLOS 2020 [PDF]
[1] Xiaolan Gu, Ming Li, Yueqiang Cheng*, Li Xiong, Yang Cao, PCKV: Locally Differentially Private Correlated Key-Value Data Collection with Optimized Utility, Usenix Security 2020 [PDF]
Yueqiang Cheng, Zhi Zhang*, Surya Nepal, Zhi Wang. CATTmew: Defeating Software-only Physical Kernel Isolation. IEEE Transactions on Dependable and Secure Computing (TDSC), 2019.
Zhe Wang, Chenggang Wu, Bowen Tang, Pen-Chung Yew, Yinqian Zhang, Yuanming Lai, Yan Kang, Yueqiang Cheng, SafeHidden: An Efficient and Secure Information Hiding Technique Using Re-randomization, Usenix Security, 2019
Mustakimur Khandaker, Abu Naser, Wenqing Liu, Zhi Wang, Yajin Zhou, Yueqiang Cheng, Adaptive Call-site Sensitive Control Flow Integrity, EuroS&P, 2019 (Best Paper)
Peng Qin, Cheng Tan, Lei Zhao, Yueqiang Cheng, Defending Against ROP Attacks with Nearly Zero Overhead, IEEE GlobeComm, 2019 [PDF]
Huibo Wang, Erick Bauman, Vishal Karande, Zhiqiang Lin, Yueqiang Cheng, Yinqian Zhang, Short Paper: Running Language Interpreters Inside SGX: A Lightweight, Legacy-Compatible Script Code Hardening Approach, AsiaCCS 2019
Zhi Zhang, Yueqiang Cheng*, Surya Nepal, Dongxi Liu, Qingni Shen, Fethi Rabhi, KASR: A Reliable and Practical Approach to Attack Surface Reduction of Commodity OS Kernels, RAID, 2018
Juan Wang, Chengyang Fan, Yueqiang Cheng, Bo Zhao, Tao Wei, Fei Yan, Huanguo Zhang, Qian Ma, Analysis and Research on SGX Technology, Journal of Software, 2018
Binbin Chen, Xinshu Dong, Guangdong Bai, Sumeet Jauhar, Yueqiang Cheng, Secure and Efficient Software-based Attestation for Industrial Control Devices with ARM Processors, ACSAC, 2017
Zhe Wang, Chenggang Wu, Jianjun Li, Yuanming Lai, Xiangyu Zhang, Wei-Chung Hsu, Yueqiang Cheng, ReRanz: A Light-Weight Virtual Machine to Mitigate Memory Disclosure Attacks, VEE, 2017
Ruowen Wang, Ahmed M Azab, William Enck, Ninghui Li, Peng Ning, Xun Chen, Wenbo Shen, Yueqiang Cheng, SPOKE: Scalable Knowledge Collection and Attack Surface Analysis of Access Control Policy for Security Enhanced Android, AsiaCCS, 2017 (Best Paper)
Lina Wang Run Wang, Pei Liu, Lei Zhao, Yueqiang Cheng, deExploit: Identifying misuses of input data to diagnose memory-corruption exploits at the binary level, Journal of Systems and Software, 2017
Yueqiang Cheng, Xuhua Ding, Robert H. Deng, "DriverGuard: Virtualization Based Fine-Grained Protection On I/O Flows", ACM Transactions on Information and System Security (TISSEC) [pdf]
Zhi Zhang, Yueqiang Cheng, PiBooster: Performance Accelerations in Page Table Management for Paravirtual VMs, CLOUD, 2016
Yueqiang Cheng, Qing Li, Miao Yu, Xuhua Ding, Qingni Shen, SuperCall: A Secure Interface For Isolated Execution Environment to Dynamically Use External Services. in Proceeding of 11th EAI International Conference on Security and Privacy in Communication Networks (SecureComm'15), Dallas, USA
Yueqiang Cheng, Xuhua Ding, and Robert H. Deng. 2015. Efficient Virtualization-Based Application Protection Against Untrusted Operating System. In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (ASIA CCS '15). ACM, New York, NY, USA
Lei Zhao, Run Wang, Lina Wang, Yueqiang Cheng, "Reversing and Identifying Overwritten Data Structures for Memory-corruption Exploit Diagnosis", The 39th Annual International Computers, Software & Applications Conference (COMPSAC'15), Taiwan, China [PDF]
Yanlin Li, Yueqiang Cheng, Virgil D. Gligor, Adrian Perrig, "Establishing Software-Only Root of Trust on Commodity Systems: Facts and Fiction“,In 2015, the Twenty-third Security Protocols Workshop (SPW'15), London, England [PDF]
Yueqiang Cheng, Xuhua Ding, Robert H. Deng, "Efficient Virtualization-Based Application Protection Against Untrusted Operating System“,In 2015, Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (AsiaCCS 2015), Singapore [PDF]
Yueqiang Cheng, Zongwei Zhou, Miao Yu, Xuhua Ding, Robert H. Deng, "ROPecker: A Generic and Practical Approach for Defending Against ROP Attack“,In 2014, Proceedings of the 21th Annual Network and Distributed System Security Symposium (NDSS), San Diego (USA) [PDF]
Yueqiang Cheng, Xuhua Ding, "Guardian: Hypervisor as Security Foothold for Personal Computers", In 2013, 6th International Conference On Trust & Trustworthy Computing (TRUST'13), London, England, 17-19 June, 2013 [PDF]
Yueqiang Cheng, Xuhua Ding, "Virtualization Based Password Protection Against Malware In Untrusted Operating Systems", In 2012, 5th International Conference On Trust & Trustworthy Computing (TRUST'12), Vienna, Austria, 13-15 June, 2012 [PDF]
Yueqiang Cheng, Xuhua Ding, Robert H. Deng, "DriverGuard: A Fine-Grained Protection On I/O Flows", In 2011, 16th European Symposium on Research in Computer Security (ESORICS), Leuven, Belgium, Sep 12-14, 2011 [PDF]
Liang Gu, Yueqiang Cheng, Xuhua Ding, Robert H. Deng, Yao Guo, Weizhong Shao, "Remote Attestation on Function Execution", In the International Conference on Trusted Systems (INTRUST), Lecture Notes in Computer Science 6163, Beijing, China, December 17-19th, 2009. [PDF]
Enhancing Global International Cooperation to Secure Connected Vehicles, MedTech Outlook, Enterprise Security Magazine, 2023
A User-Enterprise Approach to Cybersecurity, Enterprise Security Magazine, CIOReview, Autotech Look, Auto Business Outlook, 2022
Hermes Attack: Steal DNN Models In AI Privatization Deployment Scenarios, Blackhat Euro 2020
TeleHammer: A New Rowhammer Technique to Break ALL Existing Defenses, CanSecWest 2020
Super Root: A New Powerful and Stealthy Rooting Technique to Hack ARM Devices, CanSecWest 2020
Aion Attack: Exploiting SGX Software Timers, BlueHat 2019
Super Root: A New Powerful and Stealthy Rooting Technique to Hack ARM Devices, INSEC WORLD 2019
Mission Impossible: Steal Kernel Data from User Space on Defcon China'19
Winter is Coming Back: Defeating the Most Advanced Rowhammer Defenses to Gain Root and Kernel Privileges on BlackHat Asia 2019
Oh No! KPTI Defeated, Unauthorized Data Leakage is Still Possible on BlackHat Asia 2019
Towards Memory Safety in Intel SGX Enclave on QCon San Francisco'17
Yueqiang Cheng, Xuhua Ding, Robert H. Deng, "Protecting Applications against Untrusted Operating System", School of Information Systems, Singapore Management University, 2013.12 [pdf]
70+ US, CN patents in AI and Cloud Security (filed)
Granted Patents: Here and Here
NIO Annual Achievement Award: 2024
NIO Quality Award: 2023
Best Paper Awards: AsiaCCS'15, EuroS&P'19, DIMVA'21
Best Individual Achievement Award: 2020
Technology Pioneer Award 2019
Employee of the Quarter 2019, 2018
Innovation Project Award 2019
Innovation Breakthrough Award 2018
Best New Employee Award 2018
[2] UN WP29 R155 VTA (Vehicle Type Approval) Certificate. Led team to achieve WP29 R155 VTA certificate, making it the FIRST company in the world to receive certification under this regulation. 2022
[1] UN WP29 R155 CSMS (Cyber Security Management System) Certificate. Led team to achieve WP29 R155 CSMS certificate, making it the FIRST company in the world to receive certification under this regulation. cnevpost, benzinga, and many Chinese news. 2021
CISOMeetSF, CISO Panel, 2025
15th Annual Automotive Cybersecurity Detroit, Cybersecurity Driven-by-Design for Future-Ready Vehicles, 2025
University of Delaware, Proactive Cybersecurity Design for Future-Ready Vehicles, 2024
系统安全与可信学术论坛, New Threats from System Interface, 2020
CCF全国计算机体系结构学术年会, New Threats from Hardware: Rowhammer Attacks and Mitigations, 2020
InForSec invited talk 2020: COIN Attacks: On Insecurity of Enclave Untrusted Interfaces in SGX, 2020
Ohio State University invited talk 2019: Rowhammer Attacks and Mitigations, 2019
CMU Summit, 2021
Yueqiang Cheng, "Virtualization-Based System Hardening Against Untrusted Kernels", School of Information Systems, Singapore Management University, 2013.12 - [pdf-dissertation]