I received my Ph.D Degree in Computer Security from Peking University in July 2016 and Bachelor degree in Computer Science from Peking University in July 2010.
My research interests include confidential computing, software security and system security. I'm writing some blog articles about my thoughts on Intel SGX.
Stargazer map of rust-sgx-sdk (as of Dec-30-2020, geolocation heatmap of 848 stargazers)
Star History of famous SGX frameworks
Please add your personal Github token here to get away from the Github API rate limitation
PTStore: Lightweight Architectural Support for Page Table Isolation[IEEE]
Wende Tan, Yangyu Chen, Yuan Li, Ying Liu, Jianping Wu, Yu Ding, Chao Zhang Proceedings of the 60th ACM/IEEE Design Automation Conference (DAC'23)
Building and maintaining a third-party library supply chain for productive and secure SGX enclave development[ACM]
Pei Wang, Yu Ding, Mingshen Sun, Huibo Wang, Tongxin Li, Rundong Zhou, Zhaofeng Chen, Yiming Jing Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP '20:)
Towards Memory Safety for Enclave Programs with Rust-SGX (Full paper) [PDF]
Huibo Wang, Pei Wang, Yu Ding, Mingshen Sun, Yiming Jing, Ran Duan, Long Li, Yulong Zhang, Tao Wei, Zhiqiang Lin ACM CCS'19, London, UK. Acceptance Rate = 73/724
Rust SGX SDK: Towards Memory Safety in Intel SGX Enclave [PDF]
Yu Ding, Ran Duan, Long Li, Yueqiang Cheng, Yulong Zhang, Tanghui Chen, Tao Wei Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security. DOI:10.1145/3133956.3138824
SQL Injection Prevention Based on Sensitive Characters [PDF]
Huilin Zhang, Yu Ding, Lihua Zhang, Lei Duan, Chao Zhang, Tao Wei, Guancheng Li, Xinhui Han Journal of Computer Research and Development (2016) 53(10). DOI:10.7544/issn1000-1239.2016.20160443
Accurate and Efficient Exploit Capture and Classification [PDF]
Yu Ding, Tao Wei, Hui Xue, Yulong Zhang, Chao Zhang, Xinhui Han Science China Information Science (2017) 60: 052110. doi:10.1007/s11432-016-5521-0
VTrust: Regaining Trust on Virtual Calls [PDF]
Chao Zhang, Scott Carr, Tongxin Li, Yu Ding, Chengyu Song, Mathias Payer, Dawn Song
In Proceedings of the 2016 Network and Distributed System Security Symposium (NDSS)
Classifying Downloaders [PDF]
Yu Ding, Liang Guo,Chao Zhang, Yulong Zhang, Hui Xue, Tao Wei, Yuan Zhou, Xinhui Han
In Proceedings of 36th IEEE Symposium on Security and Privacy (Poster)
SIPD: a practical SDN-based IP spoofing defense method [PDF]
Chen Li, Yu Ding, Tongxin Li, Jun Li, Xinhui Han
In 2016 Distributed Systems Security Symposium (NDSS) (Poster)
PHPGate: A Practical White-Delimiter-Tracking Protection against SQL-Injection for PHP [PDF]
Lihua Zhang, Yu Ding, Chao Zhang, Lei Duan, Zhaofeng Chen, Tao Wei, Xinhui Han,
In Proceedings of 24th USENIX Security Symposium (Poster)
AdHoneyDroid: Capture Malicious Android Advertisements [PDF] Dongqi Wang, Shuaifu Dai, Yu Ding, Tongxin Li, Xinhui Han,
In Proceedings of 21st ACM Conference on Computer and Communications Security (Poster)
Attack and Defense the OAuth based SSO systems [PDF] Jianjun Ye, Yu Ding, Tongxin Li, Huilin Zhang, Xinhui Han,
In 2014 Annual Computer Security Applications Conference (Poster)
Unider: Exploit Attack Emulator Armed with State-of-Art Exploit Techniques (Poster Session) [PDF]
Yu Ding, Chao Zhang, Tao Wei
In the Network and Distributed System Security Symposium (NDSS) , San Deigo, CA, Feb 2014.
Android Low Entropy Demystified [PDF]
Yu Ding, Zhuo Peng, Yuanyuan Zhou, Chao Zhang
In IEEE International Conference on Communications (ICC) , Sydney, Australia, June 2014.
A Framework to Eliminate Backdoors from Response Computable Authentication. [PDF]
Shuaifu Dai, Tao Wei, Chao Zhang, Tielei Wang, Yu Ding, Wei Zou, Zhenkai Liang.
In the 33rd IEEE Symposium on Security and Privacy (Oakland), San Francisco, CA, May 2012.
Heap Taichi: Exploiting Memory Allocation Granularity in Heap-Spraying Attacks. [PDF]
Yu Ding, Tao Wei, Tielei Wang, Zhenkai Liang, Wei Zou.
In the 25th Annual Computer Security Applications Conference (ACSAC), Austin, TX, Dec. 2010.
A Summary of Software Classification/Taxonomy Techniques [PDF] Yu Ding, Wei Zou, Tao Wei In The 5th Conference on Vulnerability Analysis and Risk Assessment (VARA), Shanghai , China, Dec. 2012
Applying Cloud Computing Techniques in Information Security Research [PDF] Wei Zou, Yu Ding, Xinhui Han, Wenhan Yang
In Communications of the CCF, Vol 8, No. 7, July 2012
Experience
IEEE SP'25 Technical PC
ACM CCS'24 Technical PC
NDSS'13 external reviewer
S&P'13 external reviewer
AsiaCCS'13 external reviewer
Science China Volume F reviewer
S&P'16 external reviewer
AsiaCCS'16 external reviewer
IEEE Transactions on Information Forensics and Security (TIFS) external
reviewer
IEEE Transactions on Knowledge and Data Engineering (TKDE) external
reviewer
Software: Practice and Experience (SPE) external reviewer