Java程序辅导

  
 
Mengyuan LI 
Email: li.7533@osu.edu 
 
EDUCATION BACKGROUND 
Shanghai Jiao Tong University (SJTU)                                                                                                                         09/2012-06/2016 
Major: Information Engineering                   Department: Electronic Information and Electrical Engineering  
Degree: Bachelor of Science (Jun.2016)      
Ohio State University (OSU)                                                                                                                                          08/2016-Present 
Major: Computer Science and Engineering           Department: Computer Science and Engineering  
Expected Degree: Ph.D                                                                            
 
RESEARCH INTERESTS & COMPUTER SKILLS 
Interested Areas: System Security, Cloud security, Hardware security, Side-channel attacks, Confidential computing, Network security  
Computer Language: JAVA, C Language, Python, Lab VIEW, MATLAB, FPGA, etc. 
 
SELECTED PUBLICATIONS 
⚫ Mengyuan Li*, Luca Wilke*, Jan Wichelmann, Thomas Eisenbarth, Radu Teodorescu, Yinqian Zhang, “A Systematic Look at 
Ciphertext Side Channels”. In IEEE Symposium on Security and Privacy (S&P) 2022. 
⚫ Shixuan Zhao, Mengyuan Li, Yinqian Zhang, and Zhiqiang Lin, “vSTX: Virtualizing SGX Enclaves on AMD SEV”. In IEEE 
Symposium on Security and Privacy (S&P) 2022.  
⚫ Mengyuan Li, Yinqian Zhang, Huibo Wang, Kang Li, and Yueqiang Cheng, “TLB Poisoning Attacks on AMD Secure 
Encrypted Virtualization”. In 2021 Annual Computer Security Applications Conference (ACSAC 2021). 
⚫ Mengyuan Li, Yinqian Zhang, and Zhiqiang Lin, “CROSSLINE: Breaking ''Security-by-Crash'' based Memory Isolation 
in AMD SEV”. In Proceedings of the ACM Conference on Computer and Communications Security (CCS) 2021. Nov. 2021 
(Best Paper Candidate).  
⚫ Mengyuan Li, Yinqian Zhang, Huibo Wang, Kang Li, and Yueqiang Cheng, “CIPHERLEAKS: Breaking Constant-time 
Cryptography on AMD SEV via the Ciphertext Side Channel”. In 30th USENIX Security Symposium (USENIX Security 
21), 717-732. 2021. Website: CIPHERLEAKs. 
⚫ Mengyuan Li, Yinqian Zhang, Zhiqiang Lin, and Yan Solihin, “Exploiting Unprotected I/O Operations in AMD’s Secure 
Encrypted Virtualization”. In 28th USENIX Security Symposium (USENIX Security 19), pp. 1257-1272. 2019. 
⚫ Guoxing Chen, Mengyuan Li, Fengwei Zhang, and Yinqian Zhang, “Defeating Speculative-Execution Attacks on SGX with 
HyperRace”. In 2019 IEEE Conference on Dependable and Secure Computing (DSC), pp. 1-8. IEEE, 2019. 
⚫ Liang Wang, Mengyuan Li, Yinqian Zhang, Thomas Ristenpart, Michael Swift , “Peeking Behind the Curtains of Serverless 
Platforms”. In Proceedings of the USENIX Annual Technical Conference (ATC), Boston, MA, USA, Jul. 2018.  
⚫ Yuan Xiao, Mengyuan Li, Sanchuan Chen, Yinqian Zhang, “Stacco: Differentially Analyzing Side-Channel Traces for 
Detecting SSL/TLS Vulnerabilities in Secure Enclaves”.  In Proceedings of the ACM Conference on Computer and 
Communications Security (CCS) 2017, Dallas, Texas, USA, Oct. 2017.  
⚫ Mengyuan Li, Yan Meng, Junyi Liu, Haojin Zhu, Xiaohui Liang, Yao Liu, Na Ruan, “When CSI Meets Public WiFi: Inferring 
Your Mobile Phone Password via WiFi Signals”. In Proceedings of the ACM Conference on Computer and Communications 
Security (CCS) 2016.  
 
RESEARCH EXPERIENCE 
Graduate Research Assistant, System Security Lab at OSU                              
Supervisor: Prof. Yinqian Zhang          09/2017-Present 
⚫ A systematic study of Ciphertext Side Channel  
- Systematically study the ciphertext side channel in the entire memory of SEV-protected VMs. It shows that the ciphertext side 
channel can be exploited in all memory regions, including kernel structures, stacks, and heaps. 
- Present end-to-end ciphertext side-channel attacks against the ECDSA implementation of the OpenSSL library. Other main 
cryptography libraries (including OpenSSL, WolfSSL, GnuTLS, OpenSSH, and libgcrypt) are also shown to be vulnerable to 
  
the ciphertext side channel. 
- Show ciphertext side channel’s threat to all TEEs with deterministic encryption. Present a kernel patch to mitigate ciphertext 
side channels caused by kernel structures. The ciphertext side channel can be mitigated when adopting both the kernel patch 
together with software fixes from cryptographic libraries. 
⚫ Virtualizing SGX Enclaves on AMD SEV 
- Present vSGX, a new system that allows the SGX execution atop AMD SEV enhancing enclave applications' inter-TEE 
operability in a virtualized environment. 
- vSGX achieves comparable security guarantees to SGX to allow secure execution of SGX enclaves, while preserving the 
benefits of being protected by SEV. 
⚫ TLB Poisoning Attacks in AMD SEV 
- Demystify AMD SEV's TLB management mechanisms, which have never been studied and reported in-depth, and identifies 
a severe flaw of its design of TLB isolation that leads to misuse of TLBs under the assumption of a malicious or compromised 
hypervisor. 
- Present a novel category of attacks against SEV, namely TLB Poisoning Attacks, which manipulate the TLB entries shared by 
two processes within the same SEV VM and breach the integrity and confidentiality of one of the processes. 
⚫ Exploiting Ciphertext Side Channel in AMD SEV-SNP 
- Present a novel ciphertext side channel on SEV processors. This discovery identifies a fundamental flaw in the SEV's use of 
XEX mode memory encryption.  
- Propose a new CIPHERLEAKs attack that exploits the ciphertext side channel to infer register values from encrypted VMSA.  
- Present successful attacks against the constant-time RSA and ECDSA implementation of the latest OpenSSL library, which 
has been considered secure against side channels. 
⚫ Breaking ''Security-by-Crash'' based Memory Isolation in AMD SEV 
- Demystify AMD SEV’s ASID- based isolation for encrypted memory pages, cache lines, and TLB entries. 
- Propose the CROSSLINE attacks, a novel class of attacks against SEV that allow the adversary to launch an attacker VM and 
change its ASID to that of the victim VM to impersonate the victim. 
⚫ Exploiting Unprotected I/O Operations in AMD’s Secure Encrypted Virtualization                                             
- Exploit the insecurity of SEV from the perspective of the unprotected I/O operations. 
- Construct a memory decryption oracle and memory encryption oracle, which enable attacker to extract guest VM’s memory 
content protected by SEV or replace guest’s memory blocks. 
⚫ Peeking Behind the Curtains of Serverless Platforms 
- Explore mainstream serverless computing services. Examples include AWS Lambda, Azure Fcuntions and Google Cloud 
Functions. 
- Conduct measurement study of more than 50,000 function instances in order to characterize their architectures, performance 
and resource management efficiency. 
- Explain how those platforms isolate the functions and characterize performance in terms of scalability, coldstart latency and 
resource efficiency. 
⚫ Stacco: Side-channel Vulnerability Detection of SSL/TLS in Secure Enclaves                         
- Build a Side-channel Trace Analyzer for finding Chosen-Ciphertext Oracles (Stacco).  
- Stacco is a software framework for conducting differential analysis on the SSL/TLS implementations to detect sensitive 
control-flow vulnerabilities that can be exploited to create decryption oracles for CBC padding oracle attacks and 
Bleichenbacher attacks. Open-sourced at https://github.com/OSUSecLab/Stacco 
 
SERVICE 
⚫ Reviewer 
o  IEEE Transactions on Dependable and Secure Computing (TDSC) 
⚫ External Reviewer 
o  IEEE Symposium on Security and Privacy (Oakland) 
o  ACM Conference on Computer and Communications Security (CCS) 
o  USENIX Security Symposium 
o  ISOC Network and Distributed System Security Symposium (NDSS)