Kailiang Ying （应凯梁）

Software Engineer @ Google

Research: Mobile Security, TrustZone, AI security

Email, Google Scholar, Linkedin

Education

- PhD in Computer Science at Syracuse University 2014 - 2018
- M.S. in Computer Science at Syracuse University 2012 - 2014
- B.S. in Computer Science at Shanghai Ocean University 2008 - 2012

Publication

Kailiang Ying. Integrating TrustZone Protection with Communication Paths for Mobile Operating System. PhD Dissertation. May 2019.
Kailiang Ying, Priyank Thavai, and Wenliang Du. TruZ-View: Developing TrustZone User Interface for Mobile OS using Delegation Integration Model. In Proceedings of the 9th ACM Conference on Data and Application Security and Privacy (CODASPY 2019). March 25 - 27, 2019. Dallas, TX, USA.
Kailiang Ying, Amit Ahlawat, Bilal Alsharifi, Yuexin Jiang, Priyank Thavai, and Wenliang Du. TruZ-Droid: Integrating TrustZone with Mobile Operating System. In Proceedings of the 16th ACM International Conference on Mobile Systems, Applications, and Services (MobiSys 2018). June 10 - 15, 2018. Munich, Germany. (Bib)
Xiao Zhang, Yousra Aafer, Kailiang Ying and Wenliang Du. Hey, You, Get Off of My Image: Detecting Data Residue in Android Images. To appear in Proceedings of the 21st European Symposium on Research in Computer Security (ESORICS'16). Heraklion, Crete, Greece. September 26-30, 2016. Bib
Xiao Zhang, Kailiang Ying, Yousra Aafer, Zhenshen Qiu, and Wenliang Du. Life after App Uninstallation: Are the Data Still Alive? Data Residue Attacks on Android. In Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, California, USA. February 21-24, 2016. Website, Bib
Xing Jin, Xunchao Hu, Kailiang Ying, Wenliang Du, Heng Yin and Gautam Nagesh Peri. Code Injection Attacks on HTML5-based Mobile Apps: Characterization, Detection and Mitigation. In Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS), Scottsdale, Arizona, USA. November 3 - 7, 2014. Website, Bib

NSF Funded Projects

Expanding TrustZone: Enabling Mobile Apps to Transparently Leverage TrustZone for Attestation and Data Protection
- Enable mobile application to transparently integrate with TrustZone protection
- Split TLS protocol to protect online data transmission between the server and TrustZone
- Propose new design model for TrustZone UI and significantly reduces the TCB size.
- Wrote NSF proposal and won half million dollar funding
SEED: Developing Hands-on Labs for Computer SEcurity EDucation.
- SQL injection lab
- VPN lab
- Buffer Overflow Catch-The-Flag
- Format String lab
Develop Fine-Grained Access Control for Third-Party Components in Mobile Systems
- Google acknowledge Android data residue vulnerability finding
- SC Magazine US news: Smartphones at risk of malicious code injection through HTML5-based apps

Talk

CODASPY 2019, TruZ-View paper presentation, 25 March 2019.
MobiSys 2018, TruZ-Droid paper presentation, 12 June 2018. Video
Invited instructor of the CES+ Global Workshop at Seoul Womens' University, Seoul, Korea, 6/21-6/23, 2017. URL

Program committee

Peer Reviewer

International Journal of Security and Networks 20'
IEEE Access 20'
KSII Transactions on Internet and Information Systems 17'-20'
Pervasive and Mobile Computing 2018
SCIREA Journal of Computer (URL)
DFRWS 2019
IEEE Transactions on Software Engineering 2019
National Cyber Summit 2019
SecureComm 2019
IEEE Global Communications Conference 2019

External Conference Reviews

ASIACCS'18, ICISS20'17, CCS Poster'17, ESORICS'17, ASIACCS'16, ESORICS'15, CCS'14

External Journal Reviews

Transactions on Mobile Computing'18