Yu Ding (丁羽)

Staff Software Engineer at Google DeepMind
Former Principal Security Scientist at Baidu

Github Profile
Google Scholar

About

  • I received my Ph.D Degree in Computer Security from Peking University in July 2016 and Bachelor degree in Computer Science from Peking University in July 2010.
  • I'm the tech lead of the Rust-SGX and Teaclave project. For additional support, please contact me at rustsgx@gmail.com
  • Research Interests

    My research interests include confidential computing, software security and system security. I'm writing some blog articles about my thoughts on Intel SGX.

    Stargazer map of rust-sgx-sdk (as of Dec-30-2020, geolocation heatmap of 848 stargazers)

    Star History of famous SGX frameworks

    Please add your personal Github token here to get away from the Github API rate limitation

    Recent Talks/Presentations

  • Keyhouse: Production-ready Key Management Service in Rust, Cloud Native Rust Day EU 2021
  • Mission Impossible: Steal Kernel Data from User Space on Defcon China'19
  • MesaTEE SGX: Redefining AI and Big Data Analysis with Intel SGX on Microsoft Bluehat'19[Slides]
  • Build a Secure and Trusted Framework in Rust on RustCon Asia'19
  • Rust in Baidu Security on RustCon Asia'19 [video]
  • Oh No! KPTI Defeated, Unauthorized Data Leakage is Still Possible on BlackHat Asia 2019
  • Memory Safe * on OS2ATC'18 [Slides]
  • Bringing Intel SGX to the Rust Ecosystem on RustFest'18 [video]
  • 借助Intel SGX技术进行安全的机器学习 on QCon Beijing'18
  • Towards Memory Safety in Intel SGX Enclave [video inside] on QCon San Francisco'17
  • Invited talks on rust-sgx-sdk and rust-sgx-sdk based solution on iDash'17 competition[talk1][talk2]
  • Open Source Projects

  • Keyhouse, the key management system that secures ByteDance and TikTok's data
  • Rust SGX SDK: Developing Intel SGX Enclaves in Rust
  • Easy-to-use MD5 Chosen-Prefix Collisions generator (CUDA supported)
  • dftwin: high performance dynamic data flow tracking on windows
  • Donation is welcome at Bitcoin wallet 1HmzyGeF2E9GFnRmgnGFAmuMwPTogJAhVj
    Thanks for your donation!

    Recent Academic Services

    TPC for ACM CCS'24 and IEEE SP'25.

    Publications

    1. PTStore: Lightweight Architectural Support for Page Table Isolation[IEEE]
      Wende Tan, Yangyu Chen, Yuan Li, Ying Liu, Jianping Wu, Yu Ding, Chao Zhang
      Proceedings of the 60th ACM/IEEE Design Automation Conference (DAC'23)
    2. Building and maintaining a third-party library supply chain for productive and secure SGX enclave development[ACM]
      Pei Wang, Yu Ding, Mingshen Sun, Huibo Wang, Tongxin Li, Rundong Zhou, Zhaofeng Chen, Yiming Jing
      Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP '20:)
    3. Towards Memory Safe Python Enclave for Security Sensitive Computation[arxiv]
      Huibo Wang, Mingshen Sun, Qian Feng, Pei Wang, Tongxin Li, Yu Ding
      35th Annual Computer Security Applications Conference (ACSAC 2019)
    4. Towards Memory Safety for Enclave Programs with Rust-SGX (Full paper) [PDF]
      Huibo Wang, Pei Wang, Yu Ding, Mingshen Sun, Yiming Jing, Ran Duan, Long Li, Yulong Zhang, Tao Wei, Zhiqiang Lin
      ACM CCS'19, London, UK. Acceptance Rate = 73/724
    5. Rust SGX SDK: Towards Memory Safety in Intel SGX Enclave [PDF]
      Yu Ding, Ran Duan, Long Li, Yueqiang Cheng, Yulong Zhang, Tanghui Chen, Tao Wei
      Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security. DOI:10.1145/3133956.3138824
    6. SQL Injection Prevention Based on Sensitive Characters [PDF]
      Huilin Zhang, Yu Ding, Lihua Zhang, Lei Duan, Chao Zhang, Tao Wei, Guancheng Li, Xinhui Han
      Journal of Computer Research and Development (2016) 53(10). DOI:10.7544/issn1000-1239.2016.20160443
    7. Accurate and Efficient Exploit Capture and Classification [PDF]
      Yu Ding, Tao Wei, Hui Xue, Yulong Zhang, Chao Zhang, Xinhui Han
      Science China Information Science (2017) 60: 052110. doi:10.1007/s11432-016-5521-0
    8. VTrust: Regaining Trust on Virtual Calls [PDF]
      Chao Zhang, Scott Carr, Tongxin Li, Yu Ding, Chengyu Song, Mathias Payer, Dawn Song
      In Proceedings of the 2016 Network and Distributed System Security Symposium (NDSS)
    9. Classifying Downloaders [PDF]
      Yu Ding, Liang Guo,Chao Zhang, Yulong Zhang, Hui Xue, Tao Wei, Yuan Zhou, Xinhui Han
      In Proceedings of 36th IEEE Symposium on Security and Privacy (Poster)
    10. SIPD: a practical SDN-based IP spoofing defense method [PDF]
      Chen Li, Yu Ding, Tongxin Li, Jun Li, Xinhui Han
      In 2016 Distributed Systems Security Symposium (NDSS) (Poster)
    11. PHPGate: A Practical White-Delimiter-Tracking Protection against SQL-Injection for PHP [PDF]
      Lihua Zhang, Yu Ding, Chao Zhang, Lei Duan, Zhaofeng Chen, Tao Wei, Xinhui Han,
      In Proceedings of 24th USENIX Security Symposium (Poster)
    12. AdHoneyDroid: Capture Malicious Android Advertisements [PDF]
      Dongqi Wang, Shuaifu Dai, Yu Ding, Tongxin Li, Xinhui Han,
      In Proceedings of 21st ACM Conference on Computer and Communications Security (Poster)
    13. Attack and Defense the OAuth based SSO systems [PDF]
      Jianjun Ye, Yu Ding, Tongxin Li, Huilin Zhang, Xinhui Han,
      In 2014 Annual Computer Security Applications Conference (Poster)
    14. Unider: Exploit Attack Emulator Armed with State-of-Art Exploit Techniques (Poster Session) [PDF]
      Yu Ding, Chao Zhang, Tao Wei
      In the Network and Distributed System Security Symposium (NDSS) , San Deigo, CA, Feb 2014.
    15. Android Low Entropy Demystified [PDF]
      Yu Ding, Zhuo Peng, Yuanyuan Zhou, Chao Zhang
      In IEEE International Conference on Communications (ICC) , Sydney, Australia, June 2014.
    16. A Framework to Eliminate Backdoors from Response Computable Authentication. [PDF]
      Shuaifu Dai, Tao Wei, Chao Zhang, Tielei Wang, Yu Ding, Wei Zou, Zhenkai Liang.
      In the 33rd IEEE Symposium on Security and Privacy (Oakland), San Francisco, CA, May 2012.
    17. Heap Taichi: Exploiting Memory Allocation Granularity in Heap-Spraying Attacks. [PDF]
      Yu Ding, Tao Wei, Tielei Wang, Zhenkai Liang, Wei Zou.
      In the 25th Annual Computer Security Applications Conference (ACSAC), Austin, TX, Dec. 2010.
    18. A Summary of Software Classification/Taxonomy Techniques [PDF]
      Yu Ding, Wei Zou, Tao Wei
      In The 5th Conference on Vulnerability Analysis and Risk Assessment (VARA), Shanghai , China, Dec. 2012
    19. Applying Cloud Computing Techniques in Information Security Research [PDF]
      Wei Zou, Yu Ding, Xinhui Han, Wenhan Yang
      In Communications of the CCF, Vol 8, No. 7, July 2012

    Experience

  • IEEE SP'25 Technical PC
  • ACM CCS'24 Technical PC
  • NDSS'13 external reviewer
  • S&P'13 external reviewer
  • AsiaCCS'13 external reviewer
  • Science China Volume F reviewer
  • S&P'16 external reviewer
  • AsiaCCS'16 external reviewer
  • IEEE Transactions on Information Forensics and Security (TIFS) external reviewer
  • IEEE Transactions on Knowledge and Data Engineering (TKDE) external reviewer
  • Software: Practice and Experience (SPE) external reviewer

  • Last update, July 24th, 2019.
    hit counter html