Research Areas

My primary research interests are in the areas of Systems Security, with a focus on Hardware-assisted Security, Trusted Execution Environment, Arm/x86/RISC-V Architecture Security , Confidential Computing, Debugging Transparency.

Educational Background

• August 2010 - May 2015, Ph.D. in CS, George Mason University, USA

• August 2008 - May 2010, M.S. in CS, Columbia University, USA

• September 2004 - July 2008, 2+2 Dual Bachelor, B.S. in CS, North China University of Technology, China

• August 2006 - May 2008, 2+2 Dual Bachelor, B.S. in CS, Southern Polytechnic State University, USA

Professional Experience

• September 2019 - Present, Associate Professor, Southern Univeristy of Science and Technology, Shenzhen, China

• August 2015 - July 2019, Assistant Professor, Wayne State University, Detroit, USA

Honors & Awards

• Runner-up Best Paper Award in IEEE/IFIP DSN 2020

• NSF SaTC Award 2019, Lead PI (share: ~50%)

• NSF CICI Award 2017, Co-PI (share：~25%)

• NSF S&AS Award 2017, Co-PI (share：~20%)

• Distinguished Paper Award, ACSAC 2017

Selected Publication

Authors with an underline “_” is student/scholar mentored by me in my lab; * indicates the corresponding author.

1. Shelter: Extending Arm CCA with Isolation in User Space  

   Yiming Zhangˆ, Yuxin Huˆ, Zhenyu Ning, Fengwei Zhang*, Xiapu Luo, Haoyang Huang, Shoumeng Yan, and Zhengyu He
   To Appear In Proceedings of the 32nd USENIX Security Symposium (USENIX Security'23), Anaheim, CA, August 2023.

2. Alligator In Vest: A Practical Failure-Diagnosis Framework via Arm Hardware Features  
   Yiming Zhang, Yuxin Hu, Haonan Li, Wenxuan Shi, Zhenyu Ning, Xiapu Luo, and Fengwei Zhang
   To Appear In Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA'23), Seattle, Washington, July 2023.

3. FlushTime: Towards Mitigating Flush-based Cache Attacks via Collaberating Flush Instructions & Timers on ARMv8-A  
   Jingquan Ge and Fengwei Zhang*
   To Appear In Proceedings of the 18th ACM ASIA Conference on Computer and Communications Security (AsiaCCS'23), Melbourne, Australia, July 2023.

4. Revisiting ARM Debugging Features: Nailgun and Its Defense  
   Zhenyu Ning, Chenxu Wang, Yinhua Chen, Fengwei Zhang*, and Jiannong Cao
   In IEEE Transactions on Dependable and Secure Computing (TDSC'23), Vol.20, No.1, pp.574-589, 2023. Impact Factor: 6.404.

5. StrongBox: A GPU TEE on Arm Endpoints  [slides]
   Yunjie Dengˆ, Chenxu Wangˆ, Shunchang Yu, Shiqing Liu, Zhenyu Ning, Kevin Leach, Jin Li, Shoumeng Yan, Zhengyu He, Jiannong Cao, and Fengwei Zhang*
   In Proceedings of the 29th ACM Conference on Computer and Communications Security (CCS'22), Los Angeles, CA, November 2022.

6. Raven: A Novel Kernel Debugging Tool on RISC-V  [slides]
   Hongyi Lu, Fengwei Zhang*
   In Proceedings of the 59th IEEE/ACM Design Automation Conference (DAC'22), San Francisco, CA, July 2022.

7. SMILE: Secure Memory Introspection for Live Enclave  [slides]
   Lei Zhou, Xuhua Ding, Fengwei Zhang*
   In Proceedings of the 43rd IEEE Symposium on Security and Privacy (S&P'22), San Francisco, CA, May 2022.

8. SOTER: Guarding Black-box Inference for General Neural Networks at the Edge  
   Tianxiang Shen, Ji Qi, Jianyu Jiang, Xian Wang, Siyuan Wen, Xusheng Chen, Shixiong Zhao, Sen Wang, Li Chen, Xiapu Luo, Fengwei Zhang, and Heming Cui
   In Proceedings of the 2022 USENIX Annual Technical Conference (ATC'22), San Francisco, CA, July 2022.

9. Speedster: An Efficient Multi-party State Channel via Enclaves  
   Jinghui Liao, Fengwei Zhang*, Wenhai Sun, and Weisong Shi
   In Proceedings of the 17th ACM ASIA Conference on Computer and Communications Security (AsiaCCS'22), Nagasaki, Japan, May 2022.

10. RetTag: Hardware-assisted Return Address Integrity on RISC-V   [slides]
    Yu Wang, Jinting Wu, Tai Yue, Zhenyu Ning*, and Fengwei Zhang
    In Proceedings of the 15th European Workshop on Systems Security (EuroSec'22), in conjunction with the European Conference on Computer Systems (EuroSys'22), Rennes, France, April 2022.

11. Securing Big Data Scientific Workflows via Trusted Heterogeneous Environments  
    Saeid Mofradˆ, Ishtiaq Ahmedˆ, Fengwei Zhang*, Shiyong Lu, Ping Yang, and Heming Cui
    In IEEE Transactions on Dependable and Secure Computing (TDSC'22), Vol.19, No.6, pp.4187-4203, 2022. Impact Factor: 6.404.

Patents

1. 随机数生成方法、系统、设备及存储介质，发明人：张锋巍,宁振宇,廖京辉,汪湛博，专利号ZL202211314715.5，授权公告日: 2023/3/14

2. 数据记录方法和数据记录装置，发明人：张锋巍,宁振宇,张一鸣，专利号ZL202210881085.3，授权公告日:  2022/12/27

3. 内核空间调试方法及其装置、计算机设备、存储介质，发明人：卢弘毅,何宛凝,郑鑫颖,张锋巍，专利号ZL202210436969.8，授权公告日: 2022-07-26

4. 内核修复方法、装置、电子设备及存储介质，发明人：张锋巍,周雷，专利号ZL202010824141.0，授权公告日: 2022-06-21

5. 基于ARM架构的GPU可信执行方法、系统、设备及存储介质，发明人：张锋巍,宁振宇,邓韵杰,王晨旭,刘世晴,于顺昌，专利号ZL202111150136.7，授权公告日: 2022-06-21

6. 可信执行环境构建方法、系统及存储介质，发明人：宁振宇,张锋巍，专利号ZL202011313471.X，授权公告日: 2022-05-31

7. Methods and Systems for Increased Debugging Transparency, Fengwei Zhang, Kevin Leach, Angelos Stavrou, and Haining Wang, U.S. Patent Number 10,127,137. Issued on November 13, 2018.

Other Information

Program Organization

[CCS]: Proceedings Co-Chair, ACM Conference on Computer and Communications Security, 2022.

[ML4CS]: General Chair, International Conference on Machine Learning for Cyber Security, 2020.

[EuroSec]: Publicity Chair, European Workshop on Systems Security, 2018, 2019.

[IWCSS]: Program Co-Chair, International Workshop on Cyberspace Security, 2019.

[CCSW]: Publicity Chair, ACM Cloud Computing Security Workshop, 2017.

Program Committee Membership

[S&P]: IEEE Symposium on Security and Privacy (“Oakland”), 2021, 2022, 2023, 2024.

[USENIX-Security]: USENIX Security Symposium, 2021, 2022, 2023, 2024.

[CCS]: ACM Conference on Computer and Communications Security, 2017, 2018, 2019, 2020, 2022, 2023.

[NDSS]: ISOC Network and Distributed System Security Symposium, 2023, 2024.

[DAC]: IEEE/ACM Design Automation Conference, 2022, 2023.

[ACSAC]: Annual Computer Security Applications Conference, 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023.

[DSN]: IEEE/IFIP International Conference on Dependable Systems and Networks, 2020, 2021, 2023.

[ESORICS]: European Symposium on Research in Computer Security, 2020, 2021, 2023.

[AsiaCCS]: ACM ASIA Conference on Computer and Communications Security, 2021, 2022.

[WiSec]: ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2019, 2020, 2022.

[SecureComm]: EAI International Conference on Security and Privacy in Communication Networks, 2023.

[VehicleSec]: Symposium on Vehicle Security and Privacy, 2023.

[EthiCS]: International Workshop on Ethics in Computer Security, 2023.

[ARES]: International Conference on Availability, Reliability and Security, 2020.

[HPBD&IS]: International Conference on High Performance Big Data and Intelligent Systems, 2020.

[EuroSec]: European Workshop on Systems Security, 2018, 2019, 2020, 2021.

[AutoSec]: International Workshop on Automotive and Autonomous Vehicle Security, 2021, 2022.

[MASS]: IEEE International Conference on Mobile Ad-hoc and Sensor Systems, 2018, 2019.

[SecureComm]: EAI International Conference on Security and Privacy in Communication Networks, 2018.

[ICICS]: International Conference on Information and Communications Security, 2018, 2021.

[IoTSSP]: ACM MobiHoc Workshop on Mobile IoT Sensing, Security, and Privacy, 2018.

[ICC]: IEEE International Conference on Communications, 2018.

[CCSW]: ACM Cloud Computing Security Workshop, 2017.

[HASP]: Hardware and Architectural Support for Security and Privacy, 2017.

[ICPADS]: IEEE International Conference on Parallel and Distributed Systems, 2016.

Artifact Evaluation Committee

[USENIX-Security]: USENIX Security Symposium, 2020.

[ACSAC]: Annual Computer Security Applications Conference, 2019, 2020.

[WOOT]: USENIX Workshop on Offensive Technologies, 2019.