My lab is looking for Ph.D. students, postdocs, and full-time research assitants. Email me if you are interested in applying.
A formally verified KVM hypervisor that hosts confidential VMs (CVMs) for multiprocessor hardware.
An extended SeKVM with kernel integrity protection.
A Rust-based secure KVM hypervisor for CVMs.
Cache flush and memory contention side-channels on AMD SEV.
A kernel-module/compiler-based system call protection framework.
Built the first prototype for CVM live migration on Arm Confidential Compute Architecture (CCA).