Selected Publications

"Toward Understanding the Security of Plugins in Continuous Integration Services",
Xiaofan Li, Yacong Gu, Chu Qiao, Zhenkai Zhang, Daiping Liu, Lingyun Ying, Haixin Duan, and Xing Gao,
to appear in ACM CCS 2024, Salt Lake City, UT, October 2024.
"Game Theory in Distributed Systems Security: Foundations, Challenges, and Future Directions",
Mustafa Abdallah, Saurabh Bagchi, Shaunak Bopardikar, Kevin Chan, Xing Gao, Murat Kantarcioglu, Congmiao Li, Peng Liu, and Quanyan Zhu,
to appear in IEEE Security & Privacy.
"Invalidate+Compare: A Timer-Free GPU Cache Attack Primitive",
Zhenkai Zhang, Kunbei Cai, Yanan Guo, Fan Yao, and Xing Gao,
to appear in USENIX Security 2024, Philadelphia, PA, August 2024.
"More Haste, Less Speed: Cache Related Security Threats in Continuous Integration Services",
Yacong Gu, Lingyun Ying, Huajun Chai, Yingyuan Pu, Haixin Duan, and Xing Gao,
in IEEE S&P 2024, San Francisco, CA, May 2024.
"Characterizing Ethereum Upgradable Smart Contracts and Their Security Implications",
Xiaofan Li, Jin Yang, Jiaqi Chen, Yuzhe Tang, and Xing Gao,
in The Web Conference (WWW) 2024, Singapore, May 2024.
"TunneLs for Bootlegging: Fully Reverse-Engineering GPU TLBs for Challenging Isolation Guarantees of NVIDIA MIG",
Zhenkai Zhang, Tyler Allen, Fan Yao, Xing Gao, and Rong Ge,
in ACM CCS 2023, Copenhagen, Denmark, November 2023.
"Unsupervised Multi-Criteria Adversarial Detection in Deep Image Retrieval",
Yanru Xiao, Cong Wang, and Xing Gao,
in EAI SecureComm 2023, Hong Kong SAR, Hong Kong, October 2023.
"Continuous Intrusion: Characterizing the Security of Continuous Integration Services",
Yacong Gu, Lingyun Ying, Huajun Chai, Chu Qiao, Haixin Duan, and Xing Gao,
in IEEE S&P 2023, San Francisco, CA, May 2023.
"Investigating Package Related Security Threats in Software Registries",
Yacong Gu, Lingyun Ying, Yingyuan Pu, Xiao Hu, Huajun Chai, Ruimin Wang, Xing Gao, and Haixin Duan,
in IEEE S&P 2023, San Francisco, CA, May 2023.
"SDN Application Backdoor: Disrupting the Service via Poisoning the Topology",
Shuhua Deng, Xian Qing, Xiaofan Li, Xing Gao, and Xieping Gao,
in IEEE INFOCOM 2023, New York, May 2023.
"Ready Raider One: Exploring the Misuse of Cloud Gaming Services",
Guannan Liu, Daiping Liu, Shuai Hao, Xing Gao, Kun Sun, and Haining Wang,
in ACM CCS 2022, Los Angeles, LA, November 2022.
"An Investigation on Data Center Cooling Systems Using FPGA-based Temperature Side Channels",
Yuan Liang, Xing Gao, Kun Sun, Wenjie Xiong, and Haining Wang,
in SRDS 2022, Vienna, Austria, September 2022.
"Exploring the Unchartered Space of Container Registry Typosquatting",
Guannan Liu, Xing Gao, Haining Wang, and Kun Sun,
in USENIX Security 2022, Boston, MA, August 2022.
"TORPEDO: A Fuzzing Framework for Discovering Adversarial Container Workloads",
Kent McDonough*, Xing Gao*, Shuai Wang, and Haining Wang,
in IEEE DSN 2022, Baltimore, MD, June 2022. (*Co-first authors)
"Time-Print: Authenticating USB Flash Drives with Novel Timing Fingerprints",
Patrick Cronin, Xing Gao, Haining Wang, and Chase Cotton,
in IEEE S&P 2022, San Francisco, CA, May 2022.
"An Exploration of ARM System-Level Cache and GPU Side Channels",
Patrick Cronin, Xing Gao, Haining Wang, and Chase Cotton,
in ACSAC 2021, Virtual Conference, December 2021.
"Charger-Surfing: Exploiting a Power Line Side-Channel for Smartphone Information Leakage",
Patrick Cronin, Xing Gao, Chengmo Yang, and Haining Wang,
in USENIX Security 2021, Vancouver, BC, Canada, August 2021.
"A Framework for Behavioral Biometric Authentication using Deep Metric Learning on Mobile Devices",
Cong Wang, Yanru Xiao, Xing Gao, Li Li, and Jun Wang,
in IEEE Transactions on Mobile Computing (TMC).
"CloudSkulk: A Nested Virtual Machine Based Rootkit and Its Detection",
Joseph Connelly, Taylor Roberts, Xing Gao, Jidong Xiao, Haining Wang, and Angelos Stavrou,
in IEEE DSN 2021, Virtual Conference, June 2021.
"Red Alert for Power Leakage: Exploiting Intel RAPL-Induced Side Channels",
Zhenkai Zhang, Sisheng Liang, Fan Yao, and Xing Gao,
in ACM AsiaCCS 2021, Hong Kong, China, June 2021.
"An Investigation of Identity-Account Inconsistency in Single Sign-On",
Guannan Liu, Xing Gao, and Haining Wang,
in The Web Conference (WWW) 2021, Ljubljana, Slovenia, April 2021.
"Evade Deep Image Retrieval by Stashing Private Images in the Hash Space",
Yanru Xiao, Cong Wang, and Xing Gao,
in IEEE CVPR 2020, Seattle, WA, June 2020.
"Investigating Security Vulnerabilities in a Hot Data Center with Reduced Cooling Redundancy",
Xing Gao, Guannan Liu, Zhang Xu, Haining Wang, Li Li, and Xiaorui Wang,
in IEEE Transactions on Dependable and Secure Computing (TDSC).
"Understanding the Security Implication of Aborting Live Migration",
Xing Gao, Jidong Xiao, Haining Wang, and Angelos Stavrou,
in IEEE Transactions on Cloud Computing (TCC).
"Houdini’s Escape: Breaking the Resource Rein of Linux Control Groups",
Xing Gao, Zhongshu Gu, Zhengfa Li, Hani Jamjoom, and Cong Wang,
in ACM CCS 2019, London, UK, November 2019.
"Close the Gap between Deep Learning and Mobile Intelligence by Incorporating Training in the Loop",
Cong Wang, Yanru Xiao, Xing Gao, Li Li, and Jun Wang,
in ACM Multimedia 2019, Nice, France, October 2019. (Oral presentation)
"A Study on the Security Implications of Information Leakages in Container Clouds",
Xing Gao, Benjamin Steenkamer, Zhongshu Gu, Mehmet Kayaalp, Dimitrios Pendarakis, and Haining Wang,
in IEEE Transactions on Dependable and Secure Computing (TDSC).
"Reduced Cooling Redundancy: A New Security Vulnerability in a Hot Data Center",
Xing Gao, Zhang Xu, Haining Wang, Li Li, and Xiaorui Wang,
in NDSS 2018, San Diego, CA, February 2018.
"Packet Injection Attack and Its Defense in Software-Defined Networks",
Shuhua Deng, Xing Gao, Zebin Lu, and Xieping Gao,
in IEEE Transactions on Information Forensics and Security (TIFS).
"ContainerLeaks: Emerging Security Threats of Information Leakages in Container Clouds",
Xing Gao, Zhongshu Gu, Mehmet Kayaalp, Dimitrios Pendarakis, and Haining Wang,
in IEEE DSN 2017, Denver, CO, June 2017.
"Detecting Passive Cheats in Online Games via Performance-Skillfulness Inconsistency",
Daiping Liu, Xing Gao, Mingwei Zhang, Haining Wang, and Angelos Stavrou,
in IEEE DSN 2017, Denver, CO, June 2017.
"E-Android: A New Energy Profiling Tool for Smartphones",
Xing Gao, Dachuan Liu, Daiping Liu, Haining Wang, and Angelos Stavrou,
in IEEE ICDCS 2017, Atlanta, GA, June 2017.
"PmDroid: Permission Supervision for Android Advertising",
Xing Gao, Dachuan Liu, Haining Wang, and Kun Sun,
in IEEE SRDS 2015, Montreal, Quebec, Canada, September 2015.
"Exploiting Eye Tracking for Smartphone Authentication",
Dachuan Liu, Bo Dong, Xing Gao, and Haining Wang,
in ACNS 2015, New York, NY, June 2015.