Xinyang Ge

Software Engineer @ Databricks
Email: aegiryy
LinkedIn | Google Scholar

About

I am a software engineer at Databricks. My main area of expertise is computer security, with a particular emphasis on low-level system software (OS/hypervisors), trusted execution environments (TEE), automatic bug finding (fuzzing), and binary analysis. I have worked on enabling confidential VMs for on-prem workloads, fuzzing hypervisors for security-critical bugs, enabling reverse debugging for production failures, and mitigating memory-safety attacks. Besides research, I enjoy playing video games (rampage knights, tomb raider, hades, ...), and I like the gaming industry so much that I developed a practical SGX-based solution that protects unmodified PC games from piracy.

Before joining Databricks in 2022, I worked at Netflix protecting its games from piracy and unauthorized tampering. I was a Principal Researcher at Microsoft Research from 2016 to 2021. I received my Ph.D. in Computer Science and Engineering from Penn State in 2016, and my B.Eng. in Software Engineering from Nanjing University in 2012.

Professional Services

  • PC Member, The Network and Distributed System Security Symposium (NDSS), 2021, 2022, 2023, 2024
  • PC Member, ACM Conference on Computer and Communications Security (CCS), 2017, 2018, 2019
  • PC Member, IEEE Conference on Dependable and Secure Computing (DSC), 2017, 2018

Publications

  1. Ziqiao Zhou, Yizhou Shan, Weidong Cui, Xinyang Ge, Marcus Peinado, and Andrew Baumann. Core slicing: closing the gap between leaky confidential VMs and bare-metal cloud. In Proceedings of the 17th USENIX Symposium on Operating Systems Design and Implementation (OSDI), July, 2023.
  2. Xinyang Ge, Hsuan-Chi Kuo, and Weidong Cui. Hecate: Lifting and Shifting On-Premises Workloads to an Untrusted Cloud. In Proceedings of the 29th ACM Conference on Computer and Communications Security (CCS), November, 2022.
  3. Jiyong Yu, Xinyang Ge, Trent Jaeger, Christopher W Fletcher, and Weidong Cui. Pagoda: Towards Binary Code Privacy Protection with SGX-based Execute-Only Memory. In Proceedings of the 2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED), September, 2022.
  4. Xinyang Ge, Ben Niu, Robert Brotzman, Yaohui Chen, HyungSeok Han, Patrice Godefroid, and Weidong Cui. HyperFuzzer: An Efficient Hybrid Fuzzer for Virtual CPUs. In Proceedings of the 28th ACM Conference on Computer and Communications Security (CCS), November, 2021. [Talk]
  5. Xinyang Ge, Ben Niu, and Weidong Cui. Reverse Debugging of Kernel Failures in Deployed Systems. In Proceedings of the 2020 USENIX Annual Technical Conference (ATC), July, 2020. [Talk]
  6. Weidong Cui, Xinyang Ge, Baris Kasikci, Ben Niu, Upamanyu Sharma, Ruoyu Wang, and Insu Yun. REPT: Reverse Debugging of Failures in Deployed Software. In Proceedings of the 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI), October, 2018. [Demo]. Best paper award.
  7. Le Guan, Peng Liu, Xinyu Xing, Xinyang Ge, Shengzhi Zhang, Meng Yu, and Trent Jaeger. Building a Trustworthy Execution Environment to Defeat Exploits from both Cyber Space and Physical Space for ARM. In IEEE Transactions on Dependable and Secure Computing (TDSC), 2018.
  8. Baris Kasikci, Weidong Cui, Xinyang Ge, and Ben Niu. Lazy Diagnosis of In-Production Concurrency Bugs. In Proceedings of the 26th Symposium on Operating Systems Principles (SOSP), October, 2017.
  9. Le Guan, Peng Liu, Xinyu Xing, Xinyang Ge, Shengzhi Zhang, Meng Yu, and Trent Jaeger. TrustShadow: Secure Execution of Unmodified Applications with ARM TrustZone. In Proceedings of the 15th International Conference on Mobile Systems, Applications and Services (MobiSys), June, 2017.
  10. Xinyang Ge, Weidong Cui, and Trent Jaeger. Griffin: Guarding Control Flows Using Intel Processor Trace. In Proceedings of the 22nd ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), June, 2017.
  11. Xinyang Ge, Mathias Payer, and Trent Jaeger. An Evil Copy: How the Loader Betrays You. In Proceedings of the 21st Network and Distributed System Security Symposium (NDSS), February, 2017.
  12. Yuqiong Sun, Giuseppe Petracca, Xinyang Ge, and Trent Jaeger. Pileus: Protecting User Resources from Vulnerable Cloud Services. In Proceedings of the 32nd Annual Computer Security Applications Conference (ACSAC), December, 2016.
  13. Xinyang Ge, Nirupama Talele, Mathias Payer, and Trent Jaeger. Fine-Grained Control-Flow Integrity for Kernel Software. In Proceedings of the 1st IEEE European Symposium on Security and Privacy (Euro S&P), March, 2016.
  14. Hayawardh Vijayakumar, Xinyang Ge, Mathias Payer, and Trent Jaeger. Jigsaw: Protecting Resource Access by Inferring Programmer Expectations. In Proceedings of the 23rd USENIX Security Symposium (USENIX Security), August, 2014.
  15. Hayawardh Vijayakumar, Xinyang Ge, and Trent Jaeger. Policy Models to Protect Resource Retrieval. In Proceedings of the 19th ACM Symposium on Access Control Models and Technologies (SACMAT), June, 2014.
  16. Xinyang Ge, Hayawardh Vijayakumar, and Trent Jaeger. Sprobes: Enforcing Kernel Code Integrity on the TrustZone Architecture. In Proceedings of the 3rd IEEE Mobile Security Technologies Workshop (MoST), May, 2014.
  17. Xinyang Ge, Jia Liu, Qi Qi, and Zhenyu Chen. A New Prediction Approach Based on Linear Regression for Collaborative Filtering. In Proceedings of the 8th International Conference on Fuzzy Systems and Knowledge Discovery (FSKD), June, 2011.