张锋巍Google Scholar ResearcherID

副教授 计算机科学与工程系 课题组网站
张锋巍老师是南方科技大学计算机科学与工程系副教授，研究员。在加入南科大之前，他是美国韦恩州立大学计算机系助理教授（2015-2019）。他于2015年获得美国乔治梅森大学计算机专业的博士学位。主要研究领域是系统安全，包括可信执行、硬件辅助安全、恶意软件透明分析、交通灯系统安全，以及可否认加密。张老师已经发表了50余篇国际会议和期刊论文，并担任IEEE S&P，USENIX Security，ACM CCS等多个国际顶级会议程序委员会的成员，获ACSAC 2017杰出论文奖和IEEE/IFIP DSN 2020最佳论文提名。他的研究工作曾获得了多项美国自然基金项目的支持。加入南方科技大学后，他主持了2项企业横向项目，主持了1项国家自然科学基金青年科学基金项目。
个人简介教育背景?2010年8月-2015年5月，美国乔治梅森大学，计算机博士
2008年8月-2010年5月，美国哥伦比亚大学，计算机硕士
2004年9月-2008年7月，中国北方工业大学，计算机2+2双学位学士
?2006年8月-2008年5月，美国南方州立理工大学，计算机2+2双学位学士
工作经历?2019年9月-现今，南方科技大学计算机科学与工程系，副教授
2015年8月-2019年7月，美国韦恩州立大学计算机系，助理教授
荣誉与奖项2020 IEEE/IFIP DSN 最佳论文提名
2019 美国国家科学基金SaTC奖，项目主要负责人（share: ~50%）
2017 美国国家科学基金CICI奖，项目共同负责人 （share: ~25%）
2017 美国国家科学基金S&AS奖，项目共同负责人（share: ~20%）
2017 ACSAC 杰出论文奖

个人简介

研究领域计算机系统安全，可信执行环境，硬件辅助安全，恶意软件透明分析，可否认加密，交通安全。

---

教学南方科技大学
- 2021年春季学期， CS 102A 计算机程序设计概论
- 2020年秋季学期， CS 315 计算机安全
- 2020年春季学期， CS 102A 计算机程序设计概论
- 2019年秋季学期， CS 315 计算机安全
美国韦恩州立大学
- Winter 2019: CSC 5290, Cyber Security Practice, Instructor
- Winter 2019: CSC 3010, Ethics in Computer Science, Instructor
- Fall 2018: CSC 6991, Topics in Computer Security, Instructor
- Winter 2018: CSC 4992, Cyber Security Practice, Instructor
- Winter 2018: CSC 3010, Ethics in Computer Science, Instructor
- Fall 2017: CSC 6991, Topics in Computer Security, Instructor
- Winter 2017: CSC 4992, Cyber Security Practice, Instructor
- Fall 2016: CSC 6991, Topics in Computer Security, Instructor
- Winter 2016: CSC 5991, Cyber Security Practice, Instructor
- Fall 2015: CSC 6991, Advanced Computer Security, Instructor
美国乔治梅森大学
- Spring 2011: CS 571, Operating Systems, Teaching Assistant
- Fall 2010: CS 310, Data Structures, Teaching Assistant

---

学术成果 查看更多标记下划线”_”的作者是我实验室的学生，标记星号”*”的表示我是通讯作者。
Peer-Reviewed Conference and Workshop Publications
[1].BadUSB- C: Revisiting BadUSB with Type-C, Hongyi Lu, Shuqing Li, You Lin, Chaozu Zhang, Yechang Wu, Fengwei Zhang*, To Appear In Proceedings of the 15th Workshop On Offensive Technologies (WOOT’21), in conjunction with the 42nd IEEE Symposium on Security and Privacy (S&P’21), May, 2021. This work is a course project from my CS 315 Computer Security Class, all co-authors are undergraduates in the class.
[2].Happer: Unpacking Android Apps via a Hardware-Assisted Approach , Lei Xue, Hao Zhou, Xiapu Luo, Yajin Zhou, Yang Shi, Guofei Gu, Fengwei Zhang, and Man Ho Au, To Appear In 42nd IEEE Symposium on Security and Privacy (S&P’21), May, 2021.
[3].E-SGX: Cache Side-Channel Protection for Intel SGX on Untrusted OS, Fan Lang, Huorong Li, Wei Wang, Jingqiang Lin, Fengwei Zhang, Wuqiong Pan, and Qiongxiao Wang, To Appear In Proceedings of the 16th International Conference on Information Security and Cryptology (Inscrypt’20), Guangzhou, China, December, 2020.
[4].SEED: Confidential Big Data Workflow Scheduling with Intel SGX Under Deadline Constraints, Ishtiaq Ahmed, Saeid Mofrad, Shiyong Lu, Changxin Bai, Fengwei Zhang*, and Dunren Che, In Proceedings of the IEEE International Conference on Services Computing (SCC’20), Beijing, China, October, 2020.
[5].HART: Hardware-assisted Kernel Module Tracing on Arm, Yunlan Du?, Zhenyu Ning?, Jun Xu, Zilong Wang, Yueh-Hsun Lin, Fengwei Zhang*, Xinyu Xing, and Bing Mao, In Proceedings of the 25th European Symposium on Research in Computer Security (ESORICS’20), Guildford, United Kingdom, September, 2020. (? These authors contributed equally to this work).
[6].Uranus: Simple, Efficient SGX Programming and Its Applications, Jianyu Jiang, Xusheng Chen, Tze On Li, Cheng Wang, Tianxiang Shen, Shixiong Zhao, Heming Cui, Cho-Li Wang, Fengwei Zhang, In Proceedings of the 15th ACM ASIA Conference on Computer and Communications Security (AsiaCCS’20), Taipei, Taiwan, October, 2020.
[7].KShot: Live Kernel Patching with SMM and SGX, Lei Zhou, Fengwei Zhang*, Jinghui Liao, Zhenyu Ning, Jidong Xiao, Kevin Leach, Westley Weimer, and Guojun Wang, In Proceedings of the 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’20), Valencia, Spain, June, 2020 (Runner-up Best Paper Award, 3 out of 291 submissions).
[8].SecDATAVIEW: A Secure Big Data Workflow Management System for Heterogeneous Computing Environments, Saeid Mofrad, Ishtiaq Ahmed, Shiyong Lu, Ping Yang, Heming Cui, and Fengwei Zhang*, In Proceedings of the 35th Annual Computer Security Applications Conference (ACSAC’19), San Juan, Puerto Rico, December, 2019.
[9].Defeating Speculative-Execution Attacks on SGX with HyperRace, Guoxing Chen, Mengyuan Li, Fengwei Zhang, and Yinqian Zhang, In Proceedings of the 2019 IEEE Conference on Dependable and Secure Computing (IDSC’19), Hangzhou, China, November, 2019.
[10].SecLabel: Enhancing RISC-V Platform Security with Labelled Architecture, Zhenyu Ning,?Yinqian Zhang, and Fengwei Zhang*, In the 1st China RISC-V Forum (CRVF’19), Shenzhen, China, November, 2019.
[11].A Study of the Multiple Sign-in Feature in Web Applications, Marwan Albahar, Xing Gao, Gaby G. Dagher, Daiping Liu, Fengwei Zhang, and Jidong Xiao, In Proceedings of the 15th EAI International Conference on Security and Privacy in Communication Networks (SecureComm’19), Short paper, Orlando, Florida, October, 2019.
[12].Nighthawk: Transparent System Introspection from Ring -3, Lei Zhou, Jidong Xiao, Kevin Leach, Westley Weimer, Fengwei Zhang*, and Guojun Wang, In Proceedings of the 24th European Symposium on Research in Computer Security (ESORICS’19), Luxembourg, September, 2019.
[13].Understanding the Security of Traffic Signal Infrastructure, Zhenyu Ning, Fengwei Zhang*, and Stephen Remias, In Proceedings of the 16th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA’19), Gothenburg, Sweden, June, 2019.
[14].Understanding the Security of ARM Debugging Features, Zhenyu Ning and Fengwei Zhang, In Proceedings of the 40th IEEE Symposium on Security & Privacy (S&P’19), San Francisco, California, May, 2019. , Nailgun project is online! CVE-2018-18068.
[15].Preliminary Study of Trusted Execution Environments on Heterogeneous Edge Platforms, Zhenyu Ning, Jinghui Liao, Fengwei Zhang, and Weisong Shi, In Proceedings of the 1st ACM/IEEE Workshop on Security and Privacy in Edge Computing (EdgeSP’18), in conjunction with The 3rd ACM/IEEE Symposium on Edge Computing (SEC’18), Bellevue, WA, October, 2018.
[16].A Comparison Study of Intel SGX and AMD Memory Encryption Technology, Saeid Mofrad, Fengwei Zhang, Shiyong Lu, and Weidong Shi, In Proceedings of the Hardware and Architectural Support for Security and Privacy (HASP’18), in conjunction with The 45th International Symposium on Computer Architecture (ISCA’18), Los Angeles, California, June, 2018.
[17].DexLego: Reassembleable Bytecode Extraction for Aiding Static Analysis, Zhenyu Ning and Fengwei Zhang, In Proceedings of the 48th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’18), Luxembourg, June, 2018.
[18].MobiCeal: Towards Secure and Practical Plausibly Deniable Encryption on Mobile Devices, Bing Chang, Fengwei Zhang, Bo Chen, Yingjiu Li, Wen-Tao Zhu, Yangguang Tian, Zhan Wang, and Albert Ching, In Proceedings of the 48th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’18), Luxembourg, June, 2018.
[19].Transparent Malware Debugging on x86 and ARM, Zhenyu Ning and Fengwei Zhang, In DEF CON China Hacking Conference, Beijing, China, May, 2018.
[20].Supporting Transparent Snapshot for Bare-metal Malware Analysis on Mobile Devices, Le Guan, Shijie Jia, Bo Chen, Fengwei Zhang, Bo Luo, Jingqiang Lin, Peng Liu, Xinyu Xing, and Luning Xia, In Proceedings of the 33rd Annual Computer Security Application Conference (ACSAC’17), Orlando, Florida, December, 2017 (Distinguished Paper Award).
[21].Scotch: Combining Software Guard Extensions and System Management Mode to Monitor Cloud Resource Usage, Kevin Leach, Fengwei Zhang, and Westley Weimer, In Proceedings of the 20th International Symposium on Research in Attacks, Intrusions and Defenses (RAID’17), Atlanta, Georgia, September, 2017.
[22].Ninja: Towards Transparent Tracing and Debugging on ARM, Zhenyu Ning and Fengwei Zhang, In Proceedings of the 26th USENIX Security Symposium (USENIX-Security’17), Vancouver, BC, Canada, August, 2017.
[23].Using Asynchronous Collaborative Attestation to Build A Trusted Computing Environment for Mobile Applications, Lei Zhou, Fengwei Zhang, and Guojun Wang, In Proceedings of the 3rd IEEE International Conference on Smart World Congress (SWC’17), Newark, California, August, 2017.
[24].Position Paper: Challenges Towards Securing Hardware-assisted Execution Environments, Zhenyu Ning, Fengwei Zhang, Weisong Shi, and Larry Shi, In Proceedings of the Hardware and Architectural Support for Security and Privacy(HASP’17) , in conjunction with The 44th International Symposium on Computer Architecture (ISCA’17), Toronto, ON, Canada, June, 2017.
[25].COMS: Customer Oriented Migration Service, Kai Huang, Xing Gao, Fengwei Zhang, and Jidong Xiao, In Proceedings of the 10th IEEE International Conference on Cloud Computing (CLOUD’17), Honolulu, Hawaii, June, 2017.
[26].Breaking BLE Beacons For Fun But Mostly Profit, Constantinos Kolias, Lucas Copi, Fengwei Zhang, and Angelos Stavrou, In Proceedings of the 10th European Workshop on Systems Security (EuroSec’17), in conjunction with The 12th European Conference on Computer Systems (EuroSys’17), Belgrade, Serbia, April, 2017.
[27].SoK: A Study of Using Hardware-assisted Isolated Execution Environments for Security, Fengwei Zhang and Hongwei Zhang, In Proceedings of the Hardware and Architectural Support for Security and Privacy (HASP’16), in conjunction with The 43rd International Symposium on Computer Architecture (ISCA’16), Seoul, South Korea, June, 2016.
[28].Towards Transparent Introspection, Kevin Leach, Chad Spensky, Westley Weime, and Fengwei Zhang, In Proceedings of the 23rd IEEE Conference on Software Analysis, Evolution, and Reengineering (SANER’16), Osaka, Japan, March, 2016.
[29].MobiPluto: File System Friendly Deniable Storage for Mobile Devices, Bing Chang, Zhan Wang, Bo Chen, and Fengwei Zhang, In Proceedings of the 31st Annual Computer Security Applications Conference (ACSAC’15), Los Angeles, California, December, 2015.
[30].Class-Chord: Efficient Messages to Classes of Nodes in Chord, Dan Fleck, Sharath Hiremagalore, Stephen Reese, Liam McGhee, and Fengwei Zhang, In Proceedings of the 2nd IEEE International Conference on Cyber Security and Cloud Computing (CSCloud’15), New York City, New York, November, 2015.
[31].Using Hardware Features for Increased Debugging Transparency, Fengwei Zhang, Kevin Leach, Angelos Stavrou, Haining Wang, and Kun Sun, In Proceedings of the 36th IEEE Symposium on Security and Privacy (S&P’15), San Jose, California, May, 2015.
[32].TrustLogin: Securing Password-Login on Commodity Operating Systems, Fengwei Zhang, Kevin Leach, Haining Wang, and Angelos Stavrou, In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (AsiaCCS’15), Singapore, April, 2015.
[33].A Framework to Secure Peripherals at Runtime, Fengwei Zhang, Haining Wang, Kevin Leach, and Angelos Stavrou, In Proceedings of the 19th European Symposium on Research in Computer Security (ESORICS’14), Wroclaw, Poland, September, 2014.
[34].IOCheck: A Framework to Enhance the Security of I/O Devices at Runtime (student paper) , Fengwei Zhang, In Proceedings of the 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’13), Budapest, Hungary, June, 2013.
[35].SPECTRE: A Dependable Introspection Framework via System Management Mode, Fengwei Zhang, Kevin Leach, Kun Sun, and Angelos Stavrou, In Proceedings of the 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’13), Budapest, Hungary, June, 2013.
[36].SecureSwitch: BIOS-Assisted Isolation and Switch between Trusted and Untrusted Commodity OSes, Kun Sun, Jiang Wang, Fengwei Zhang, and Angelos Stavrou, In Proceedings of the 19th Annual Network & Distributed System Security Symposium (NDSS’12), San Diego, California, February, 2012.
[37].Firmware-assisted Memory Acquisition and Analysis tools for Digital Forensic, Jiang Wang, Fengwei Zhang, Kun Sun, and Angelos Stavrou, In Proceedings of the 6th International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE’11), in conjunction with The 32nd IEEE Symposium on Security and Privacy (S&P’11), Oakland, California, May, 2011.
[38].Temporal Metrics for Software Vulnerabilities, Ju An Wang, Fengwei Zhang, and Min Xia, In Proceedings of the 4th Annual Workshop on Cyber Security and Information Intelligence Research (CSIIRW’08), Oak Ridge, Tennessee, May, 2008.
Journal Publications
[1].A Coprocessor-based Introspection Framework via Intel Management Engine, Lei Zhou, Fengwei Zhang*, Jidong Xiao, Kevin Leach, Westley Weimer, Xuhua Ding, and Guojun Wang. To Appear In IEEE Transactions on Dependable and Secure Computing (TDSC’21), 2021.
[2].An Attribute-Isolated Secure Communication Architecture for Intelligent Connected Vehicles, Mu Han, Ailan Wan, Fengwei Zhang, and Shidian Ma, To Appear In IEEE Transactions on Intelligent Vehicle (T-IV’20), 2020. Impact Factor: 7.420.
[3].DAENet: Making Strong Anonymity Scale in a Fully Decentralized Network, Tianxiang Shen, Jianyu Jiang, Yunpeng Jiang, Xusheng Chen, Ji Qi, Shixiong Zhao, Fengwei Zhang*, Xiapu Luo, and Heming Cui*, To Appear In IEEE Transactions on Dependable and Secure Computing (TDSC’20), 2020. Impact Factor: 6.404.
[4].RansomSpector: An Introspection-Based Approach to Detect Crypto Ransomware, Fei Tang, Boyang Ma, Jinku Li, Fengwei Zhang, Jipeng Su, Jianfeng Ma, To Appear In Elsevier Computers & Security (CompSec’20), 2020. Impact Factor: 3.579.
[5].Nailgun: Breaking Privilege Isolation on ARM, 钉枪：突破ARM特权隔离, Fengwei Zhang and Zhenyu Ning, 张锋巍,宁振宇, In Communications of China Computer Federation (CCCF’20),《中国计算机学会通讯》Vol.16, No.1, pp.51-54, 2020.
[6].A Study of Using TEE on Edge Computing, 基于边缘计算的可信执行环境研究, Zhenyu Ning, Fengwei Zhang*, and Weisong Shi, 宁振宇,张锋巍*,施巍松, In Journal of Computer Research and Development (JCDR’19),《计算机研究与发展》Vol.56, No.7, pp.1441-1453, 2019.
[7].Hardware-assisted Transparent Tracing and Debugging on ARM, Zhenyu Ning and Fengwei Zhang, In IEEE Transactions on Information Forensics & Security (TIFS’19), Vol.14, No.6, pp.1595-1609, 2019. Impact Factor: 5.824 (11/2018).
[8].SADUS: Secure Data Deletion in User Space for Mobile Devices, Li Yang, Teng Wei, Fengwei Zhang, Jianfeng Ma, In Elsevier Computers & Security (CompSec’18), Vol.77, pp.612-626, 2018. Impact Factor: 2.849.
[9].FINE-CFI: Fine-grained Control- Flow Integrity for Operating System Kernels, Jinku Li, Xiaomeng Tong, Fengwei Zhang, and Jianfeng Ma, In IEEE Transactions on Information Forensics & Security (TIFS’18), Vol.13, No.6, pp.1535-1550, 2018. Impact Factor: 4.332.
[10].User-Friendly Deniable Storage for Mobile Devices, Bing Chang, Yao Cheng, Bo Chen, Fengwei Zhang, Wen Tao Zhu, Yingjiu Li, and Zhan Wang, In Elsevier Computers & Security (CompSec’18), Vol.72, pp.163-174, 2018. Impact Factor: 2.849.
[11].Towards Transparent Debugging, Fengwei Zhang, Kevin Leach, Angelos Stavrou, and Haining Wang, In IEEE Transactions on Dependable and Secure Computing (TDSC’18), Vol.15, No.2, pp.321-335, 2018. Impact Factor: 4.410.
[12].HyperCheck: A Hardware-Assisted Integrity Monitor, Fengwei Zhang, Jiang Wang, Kun Sun, and Angelos Stavrou, In IEEE Transactions on Dependable and Secure Computing (TDSC’14), Vol.11, No.4, pp.332-344, July-August 2014.
[13].Metrics for Information Security Vulnerabilities, Ju An Wang, Min Xia, and Fengwei Zhang,In Journal of Applied Global Research (JAGR’08), Vol.1, No.1, pp.48-58, 2008.
Patents
[1].Methods and Systems for Increased Debugging Transparency, Fengwei Zhang, Kevin Leach, Angelos Stavrou, and Haining Wang, U.S. Patent Number 10,127,137. Issued on November 13, 2018.



新闻动态 更多新闻
第二届Compass组会总结大会圆满结束2021-06-08

转：华为采用南科大计算机系本科生的成果封堵手机漏洞2021-05-30

北京大学郭宗明教授来我校做前沿讲座报告2021-05-29

团队成员 查看更多








加入团队 Array
The COMputer And Systems Security (COMPASS) lab ?is dedicated to pursue cutting-edge research in all aspects of computer and systems security. Our research includes trustworthy execution, mobile malware analysis, system introspection, debugging transparency, and plausible deniability encryption.
张锋巍博士现任南方科技大学副教授（PI），主要研究计算机系统安全领域，个人主页https://fengweiz.github.io。课题组拟招聘博士后及博士研究生等科研人才。有意者请将CV、成绩单及其他补充材料说明发送至邮箱zhangfw@sustech.edu.cn，以“应聘位置-应聘者姓名”为题，联系人：张锋巍。
博士后招聘岗位要求:
年龄35周岁以下；
已获得或即将获得计算机、应用数学、信息科学或相关领域的博士学位，原则上获得博士学位不超过3年；
对科学研究具有浓厚兴趣，工作认真负责，科学研究态度严谨，具有良好的团队合作精神；
具有专业英文文献阅读、写作能力；
发表过高水平期刊、会议论文；
具有计算机系统安全背景者优先考虑。
薪酬福利:
年薪不低于5万元（含省市补贴）。优秀博士后可申请“校长卓越博士后”，年薪不低于50.7万元（含省市补贴）；
福利费参照学校教职工标准发放，并按深圳市有关规定参加社会保险及住房公积金；
未使用校内周转宿舍或未依托学校使用深圳市公租房的博士后，可另享受住房补贴。
博士后项目及基金介绍：
广东省博士后在站生活补贴：30万/两年
深圳市博士后在站生活补贴：12万/两年（税后）
博士后创新人才支持计划：63万/两年（与广东省补贴不兼容）
博士后国际交流计划引进项目：60万/两年（与广东省补贴不兼容）
中国博士后科学基金特别赞助（站前、站中）：18万（科研经费）
中国博士后科学基金面上项目：12万/8万（科研经费）
广东省海外青年博士后引进项目：60万/两年（与广东省、深圳市补贴不兼容）
岗位职责:
进行计算机系统安全领域科研工作并撰写英文论文；
协助进行本科生及研究生科研训练。
博士研究生南方科技大学与众多国际一流大学共同招收联合培养博士研究生，实行双校联合培养，双导师指导，毕业后颁发合作大学博士学位。张老师的课题组已经和境外多所大学的教授建立好了合作关系。招生通知：https://gs.sustc.edu.cn/boshilianpei2020。
南方科技大学从2019年开始独立招收硕士和博士研究生，全面实行“申请-考核”制，每年度进行两次，分别于秋季、春季学期进行。招生通知：https://gs.sustc.edu.cn/boshi2020。
招收条件：
已获得或即将获得计算机、应用数学、信息科学或相关领域的硕士学位，或本科学位特别优秀者；
对科学研究具有兴趣，工作认真负责，科学研究态度严谨, 具有良好的团队合作精神；
具有较好英文文献阅读、写作能力；
发表过高水平期刊、会议论文者优先考虑；
具有计算机系统安全背景者优先考虑。
岗位待遇：
奖学金10万元，根据https://gs.sustc.edu.cn/jiangxuejina规定发放；
根据工作表现及科研成绩发放绩效奖金。
岗位职责：
进行计算机系统安全领域科研工作并撰写英文论文；
协助进行本科生科研训练。
研究助理招聘招聘条件：
已获得或即将获得计算机、应用数学、信息科学或相关领域的硕士学位，或本科学位特别优秀者；
对科学研究具有兴趣，工作认真负责，科学研究态度严谨, 具有良好的团队合作精神；
具有较好英文文献阅读、写作能力；
发表过高水平期刊、会议论文者优先考虑；
具有计算机系统安全统背景者优先考虑；
有意在南方科技大学研博者优先考虑。
岗位待遇：
基本工资8000元/月起；
根据工作表现及科研成绩发放绩效奖金；
享受医疗保险、养老保险、工伤保险等基本社会保险和住房公积金；
享受餐费、过节费、高温补贴等其他教职工福利待遇。
岗位职责：
进行计算机系统安全领域科研工作并撰写英文论文；
协助进行本科生科研训练；
辅助课题组日常管理工作。
访问学生招聘招聘条件：
计算机、应用数学、信息科学或相关领域的在读本科或硕博生；
对科学研究具有兴趣，工作认真负责，科学研究态度严谨, 具有良好的团队合作精神；
具有较好英文文献阅读、写作能力；
欢迎交叉学科背景****；
岗位待遇：
面议，享住房、餐食、交通等补助。
岗位职责：
进行计算机系统安全领域科研工作并撰写英文论文。

查看更多