About Me
I am currently a Ph.D. candidate at Georgia Tech, working with Prof. Taesoo Kim at Systems Software & Security Lab. I am the author of SGX101, an Intel SGX tutorial website with programming examples and reference resources. Before coming to GaTech, I graduated from University of Southern California (USC) with a Bachelor's degree in Computer Science in 2018.
I am interested in different areas of security & privacy, including Trusted Computing, Edge and IoT Security, System Security, and Reverse Engineering. I have interned at Cisco Research and ByteDance Research.
Currently I am exploring VR/AR/XR Security.
News
- (11/2023)[Service] I am invited to serve on the program committee of the 2024 EAI International Conference on Security and Privacy in Communication Networks (SecureComm).
- (10/2023)[Paper] Our paper, "Sense: Enhancing Microarchitectural Awareness for TEEs via Subscription-Based Notification", has been accepted to appear in NDSS 2024!
- (9/2023)[Service] I am invited to be a Qualification Round program committee member for NYU’s CSAW’23 Cyber Security Applied Research Paper Competition.
- (10/2022)[Patent] Our patent, "Access point and communication connection method therefor" (US20220345890A1), has been published!
- (04/2022)[Paper] Our paper, "Pridwen: Universally Hardening SGX Programs via Load-Time Synthesis", has been accepted to appear in USENIX ATC 2022!
- (04/2021)[Paper] Our paper, "Hardware Support to Improve Fuzzing Performance and Precision", has been accepted to appear in ACM CCS 2021! Congrats to Ren!
Grants and Funding
-
Cisco Research Funding ($154k)2022
Delivered proposal on defeating next-generation cyber threats in the edge environment.
Resulted in $154k research funding from Cisco.
Publications and Preprints
-
Sense: Enhancing Microarchitectural Awareness for TEEs
via Subscription-Based Notification
[pdf][slides][code]
Fan Sang, Jaehyuk Lee, Xiaokuan Zhang, Meng Xu, Scott Constable, Yuan Xiao, Michael Steiner, Mona Vij, and Taesoo Kim
NDSS'24: In Proceedings of the 2024 Annual Network and Distributed System Security Symposium
San Diego, CA, USA, February 2024 (Acceptance rate: 104/694=15.0%) -
Prime+Retouch: When Cache is Locked and Leaked
[pdf]
Jaehyuk Lee, Fan Sang, and Taesoo Kim
arXiv:2402.15425 [cs.CR]
February 2024 -
Prometheus: Infrastructure Security Posture Analysis with AI-generated Attack Graphs
[pdf]
Xin Jin, Charalampos Katsis, Fan Sang, Jiahao Sun, Elisa Bertino, Ramana Kompella, and Ashish Kundu
arXiv:2312.13119 [cs.CR]
December 2023 -
Pridwen: Universally Hardening SGX Programs via Load-Time
Synthesis
[pdf][slides][code]
Fan Sang, Ming-Wei Shih, Sangho Lee, Xiaokuan Zhang, Michael Steiner, Mona Vij, and Taesoo Kim
ATC'22: In Proceedings of the 2022 USENIX Annual Technical Conference
Carlsbad, CA, USA, July 2022 (Acceptance rate: 64/394=16.2%) -
Edge Security: Challenges and Issues
[pdf]
Xin Jin, Charalampos Katsis, Fan Sang, Jiahao Sun, Ashish Kundu, and Ramana Kompella
arXiv:2206.07164v1 [cs.CR]
July 2022 -
Hardware Support to Improve Fuzzing Performance and
Precision
[pdf][slides][code]
Ren Ding, Yonghae Kim, Fan Sang, Wen Xu, Gururaj Saileshwar, and Taesoo Kim
CCS'21: In Proceedings of the 28th ACM Conference on Computer and Communications Security
Seoul, South Korea, Nov 2021 (Acceptance rate: 196/879=22.3%) -
P2FaaS: Toward Privacy-Preserving Fuzzing as a
Service
[pdf]
Fan Sang, , Daehee Jang, Ming-Wei Shih, and Taesoo Kim
arXiv:1909.11164 [cs.CR]
Sep 2019
Patents
-
Access point and communication connection method therefor
Junbum Shin, Fan Sang, Meng Xu, and Taesoo Kim
US20220345890A1
Professional Services
Program Committee
- EAI International Conference on Security and Privacy in Communication Networks (SecureComm) 2024
- European Conference on Computer Systems (EuroSys) Shadow PC 2024
- USENIX Security Symposium (Security) Artifact Evaluation 2024
- NYU CSAW Cyber Security Applied Research Paper Competition 2023
Reviewer
- ACM Transactions on Privacy and Security (TOPS) 2024
- IEEE International Conference on Data Engineering (ICDE) 2024
- IEEE International Conference on Cloud Computing Technology and Science (CloudCom) 2023
- IEEE International Conference on Mobility, Sensing and Networking (MSN) 2023
- ACM Cloud Computing Security Workshop (CCSW) 2023
- EAI International Conference on Security and Privacy in Communication Networks (SecureComm) 2023
- IEEE Transactions on Computers (TC) 2022
- IEEE Transactions on Dependable and Secure Computing (TDSC) 2022
External Reviewer
- USENIX Security Symposium (Security) 2024
- ACM Asia Conference on Computer and Communications Security (AsiaCCS) 2023
- IEEE Symposium on Security and Privacy (Oakland) 2019, 2022
- ACM Conference on Computer and Communications Security (CCS) 2019
- ISOC Network and Distributed System Security Symposium (NDSS) 2020
- ACM Symposium on Operating Systems Principles (SOSP) 2021
- USENIX Annual Technical Conference (ATC) 2019
- USENIX Symposium on Networked Systems Design and Implementation (NDSI) 2020
Work Experience
- Security Research Internship at Cisco Research (Mentor: Dr. Ashish Kundu) May 2022 - Aug 2022
- Security Research Internship at ByteDance (Mentor: Dr. Yu Ding) May 2020 - Aug 2020
- Security Research Internship at Baidu X-Lab (Mentor: Dr. Tao Wei) Jun 2017 - Aug 2017
Teaching Experience
- (GaTech) Teaching Assistant for CS6265: Information Security Lab Aug 2021 - Dec 2021
- (GaTech) Teaching Assistant for CS6265: Information Security Lab Jan 2020 - May 2020
- (GaTech) Teaching Assistant for CS6265: Information Security Lab Aug 2019 - Dec 2019
- (USC) Teaching Assistant for CSCI 270: Introduction to Algorithms and Theory of Computing Aug 2017 - May 2018
- (USC) Teaching Assistant for CSCI 103: Introduction to Programming Aug 2016 - Dec 2016