Yuan Xiao

Department of Computer Science and Engineering
The Ohio State University

Office: 117A Bolz Hall

Email: xiao (dot) 465 (at) osu (dot) edu


I am a Ph.D. student in the Department of Computer Science and Engineering at OSU advised by Yinqian Zhang since August 2015. I work in system security, specializing in cloud security. My recent work was a tool framework called Stacco to detect side-channel vulnerabilities in SSL/TLS libraries running inside SGX enclave.

I completed my bachelor's degree in School of Information Security at Shanghai Jiao Tong University in 2015.

Outside work, I like playing basketball and video games. Besides, I am also a big movie fan.

 

Publication


One Bit Flips, One Cloud Flops: Cross-VM Row Hammer Attacks and Privilege Escalation
Yuan Xiao, Xiaokuan Zhang, Yinqian Zhang, Mircea-Radu Teodorescu
USENIX Security, 2016. (Acceptance rate: 15.6%) PDF slides
Awarded: CSAW'16 Practical Research Final-list

Return-Oriented Flush-Reload Side Channels on ARM and Their Implications for Android Devices
Xiaokuan Zhang, Yuan Xiao, Yinqian Zhang
CCS, 2016. (Acceptance rate: 16.5%) PDF slides

Stacco: Differentially Analyzing Side-Channel Traces for Detecting SSL/TLS Vulnerabilities in Secure Enclaves
Yuan Xiao, Mengyuan Li, Sanchuan Chen, Yinqian Zhang
CCS, 2017. (Acceptance rate: 18.1%) PDF slides arxiv

Research Interests


System security, cloud security, shielded execution (SGX), SSL/TLS.

Work Experience


Graduate Research Associate 2015.8 - Present      

Graduate Teaching Associate (CSE 5473: Network Security) 2016.1 - 2016.5       

Graduate Teaching Associate (CSE 3461/5461: Computer Networking and Internet Technologies) 2015.8 - 2015.12     

Useful Links


The lightning video of my presentation on USENIX Security, August 2016, Austin TX. (QuickTime Player on mac may have no-audio issue opening it.)

My CV could be downloaded here.