Xuxian Jiang @ NC State University

Xuxian Jiang

Assistant Professor
Department of Computer Science
Email:
Phone: 919-513-7835

Office: Room 3256, EBII
North Carolina State University
890 Oval Drive, Campus Box 8206
Raleigh, NC 27695-8206
Fax: 919-515-7896

- Multiple RA Positions

I am looking for highly motivated students who want to take a role in building next-generation secure systems. If interested, please stop by my office or email me for an appointment!

Research

- Current research interests: virtual machines (VMs) and security (publication list, software release).

Hypervisor protection

HyperSafe: Providing Lifetime Hypervisor Control-Flow Integrity (Oakland'10)

Rootkit defense

ReturnLess: Defeating Return-Oriented Rootkits with "Return-less" Kernels (coming soon)
HookSafe: Countering Kernel Rootkits with Lightweight Hook Protection (CCS'09 -- Got Slashdotted)
KOP: Mapping Kernel Objects to Enable Systematic Integrity Checking (CCS'09)
PoKeR: Profiling Kernel Rootkit Behavior (EUROSYS'09)
NICKLE: Preventing Code-Injection Kernel Rootkits with Hypervisor-based Memory Shadowing (RAID'08 -- Received Best Paper Award)
HookMap: Countering Persistent Kernel Rootkits Through Systematic Hook Discovery (RAID'08)
VMwatcher: Detecting Stealthy Malware Through Hypervisor-Based "Out-of-the-Box" Semantic View Reconstruction (CCS'07)

Protocol reverse engineering for malware defense

ReFormat: Reverse Engineering Encrypted Messages (ESORICS'09)
AutoFormat: Reverse Engineering Plaintext Messages (NDSS'08)

Honeypots and honeyfarms for malware capture and investigation

VMscope: Monitoring VM-Based High-Interaction Honeypots (RAID'07)
HoneyMonkey: Finding Web Sites That Exploit Browser Vulnerabilities (NDSS'06 -- Got Slashdotted)
vGround: Virtual Playgrounds for Worm Behavior Investigation (RAID'05)
Collapsar: A VM-Based Architecture for Network Attack Detention Center (SECURITY'04)

- Media Coverage:

HookSafe Protects Kernel from Rootkits, Linux Pro Magazine, November 13, 2009
Scientists Unveil Lightweight Rootkit Protection, Slashdot posting, November 11, 2009
Boffins Boast Newfangled Rootkit Blocker, The Register, November 11, 2009
Protecting OSs from RootKits, Bruce Schneier's Blog, November 10, 2009
New Tool Seeks to Block Rootkits by Protecting Their Targets, Ars Technica, November 4, 2009
Boffins Work Out How to Foil Rootkits, The Inquirer, November 4, 2009
Researchers Create Hypervisor-Based Tool For Blocking Rootkits, Dark Reading, November 3, 2009
Hooks Hijacked? New Research Shows How To Block Stealthy Malware Attacks Science Daily, November 3, 2009

- Sponsors: NSF, AFRL, SOSI/ARO, IARPA, FRPD/NCSU

Teaching

- Spring 2010: CSC405 - Introduction to Computer Security
- Fall 2009: CSC591-004 - Special Topics in Computer Security
- Spring 2009: CSC501 - Operating Systems Principles
- Spring 2009: CSC801 - Seminar in Computer Science
- Fall 2008: CSC591S - Special Topics in Operating Systems Security
- Spring 2008: ISA564 - Security Laboratory
- Fall 2007: ISA564 - Security Laboratory
- Spring 2007: ISA797 - Advanced Topics in Information Security
- Fall 2006: ISA797 - Advanced Topics in Information Security
<--->

Students

- Current: Zhi Wang, Mike Grace, Tyler Bletsch, Deepa Srinivasan, Siarhei Liakh, Minh Q. Tran, and Jinku Li (Post-doc)
- Graduated stduents:

Ryan D. Riley (Ph.D. 2009, co-advised with Prof. Dongyan Xu)
- Thesis title: Architectural Approaches for Code Injection Defense at the User and Kernel Levels
- Current employment: Assistant Professor, Qatar University, Doha, Qatar
- Awards: 2009 CERIAS Diamond Award, Best Paper Award from the RAID'08 symposium

Service

- TPC Member, 4th International Conference on Trusted Cloud Infrastructure (ICTCI 2010), Shanghai, China, 2010.
- TPC Member, IEEE ICDCS 2010, Genoa, Italy, 2010.
- TPC Member, 1st Workshop on Security and Privacy in Cloud Computing (SPCC 2010), Genoa, Italy, 2010.
- TPC Member, EuroSys Workshop on Isolation and Integration for Dependable Systems (IIDS 2010), Paris, France, 2010.
- TPC Member, 5th Workshop on Virtualization in High-Performance Cloud Computing (VHPC'10), Naples, Italy, 2010.
- TPC Member, 2nd ACM Workshop on Virtual Machine Security (VMSec) 2009, Chicago, IL, 2009.
- TPC Member, ESORICS 2009, Saint Malo, Brittany, France, 2009.
- TPC Member, RAID 2009, Saint-Malo, Britanny, France, 2009.
- TPC Member, WWW 2009, Madrid, Spain, 2009.
- TPC Member, IEEE S&P 2009, Berkeley/Oakland, CA, 2009.
- TPC Member, IEEE ICDCS 2009, Montreal, Canada, 2009.
- TPC Member, 4th Workshop on Virtualization in High-Performance Cloud Computing (VHPC'09), Delft, The Netherlands, 2009.
- TPC Member, Workshop on Virtualization Technology for Dependable Systems 2009, Nuremberg, Germany, 2009.
- TPC Member, ISOC NDSS 2009, San Diego, CA, 2009.
- TPC Member, 1st ACM Workshop on Virtual Machine Security (VMSec) 2008, Fairfax, VA, 2008.
- TPC Member, ACM Workshop on Scalable Trusted Computing (STC) 2008, Fairfax, VA, 2008.
- TPC Member, IEEE ICDCS 2007, Toronto, Canada, 2007.
- TPC Member - posters,WWW 2007, Alberta, Canada, 2007.

Last modified: November 12th, 2009 calendar