CV

Education

• Ph.D in Institute of Information Engineering, University of Chinese Academy of Sciences, 2025 (expected)
• B.S. in Beijing Institute of Technology, 2015

Work experience

• Winter 2022: XINGYUN LAB NSFOCUS
  • Studying Container Vulnerability
  • Container Attack Detections

Skills

• Linux Kernel
  • Linux Kernel Module
  • Compiling and Debugging
  • Kernel Observability
  • eBPF
• Virtualization
  • Hardware-assisted virtualization
  • Lightweight hypervisor
• Cloud Native
  • Containers
  • Microservices
• Trust Computing
  • Intel SGX

Publications

ConMonitor: Lightweight Container Protection with Virtualization and VM Functions

ConMonitor: Lightweight Container Protection with Virtualization and VM Functions

SEDSpec: Securing Emulated Devices by Enforcing Execution Specification

Y. Chen et al., "SEDSpec: Securing Emulated Devices by Enforcing Execution Specification," 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Brisbane, Australia, 2024, pp. 522-534, doi: 10.1109/DSN58291.2024.00056. keywords: {Performance evaluation;Runtime;Automation;Instruments;Emulation;Prototypes;Object recognition;device emulation;anomaly detection;execution specification;program analysis}

Log2Policy: An Approach to Generate Fine-Grained Access Control Rules for Microservices from Scratch

Shaowen Xu, Qihang Zhou, Heqing Huang, Xiaoqi Jia, Haichao Du, Yang Chen, and Yamin Xie. 2023. Log2Policy: An Approach to Generate Fine-Grained Access Control Rules for Microservices from Scratch. In Proceedings of the 39th Annual Computer Security Applications Conference (ACSAC 23). Association for Computing Machinery, New York, NY, USA, 229–240. https://doi.org/10.1145/3627106.3627137