Mengyuan's Homepage

Mengyuan Li

Postdoctoral Associate [Google Scholar]

Computer Science and Artificial Intelligence Laboratory (CSAIL)
Electrical Engineering and Computer Science Department
MIT, USA

E-mail: lmy@mit.edu .

About me

I'm now a postdoc researcher in CSAIL at MIT (2022 - now), working with Prof. Mengjia Yan. I graduated from The Ohio State University (OSU) with a Ph.D. in Computer Science and Engineering in 2022, advised by Prof. Yinqian Zhang. Before coming to OSU, I graduated from Shanghai Jiao Tong University (SJTU) with the Bachelor's degree of Electronic Engineering in 2016.

I am very honored to join USC starting from Fall 2024.

Publication

Bridge the Future: High-Performance Networks in Confidential VMs without Trusted I/O devices [arxiv]
Mengyuan Li, Shashvat Srivastava, Mengjia Yan
Under Submission.

SHIELD: A Secure and Efficient TEE Extension to Harness the Power of Customizable FPGA Accelerators
Chengkun Wei*, Mengyuan Li*, et al. (*equal contribution)
Under Submission.
[Taped Out] SHIELD is now under unit test in Alibaba Cloud for future commercial purposes.

SoK: Understanding Design Choices and Pitfalls of Trusted Execution Environments (To appear) [pdf]
Mengyuan Li, Yuheng Yang, Guoxing Chen, Mengjia Yan, Yinqian Zhang
ACM ASIACCS'24.

CipherH: Automated Detection of Ciphertext Side-channel Vulnerabilities in Cryptographic Implementations [pdf]
Sen Deng, Mengyuan Li, Yining Tang, Shuai Wang, Shoumeng Yan, Yinqian Zhang
USENIX Security Symposium'23.

PWRLEAK: Exploiting Power Reporting Interface for Side-channel Attacks on AMD SEV [pdf]
Wubing Wang, Mengyuan Li, Yinqian Zhang, Zhiqiang Lin
20th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2023).
Security bulletin from AMD [AMD-SB-3004], CVE [CVE-2023-20575]

A Systematic Look at Ciphertext Side Channels [pdf]
Mengyuan Li*, Luca Wilke*, Jan Wichelmann, Thomas Eisenbarth, Radu Teodorescu, Yinqian Zhang
(*equal contribution)
IEEE Symposium on Security and Privacy'22. (Acceptance rate: 57/407=14.0%)
Security bulletin from AMD [AMD-SB-1033], CVE [CVE-2021-46744]
💥An official [White Paper] from AMD for TEE developers and users to write code in a Ciphertext Side-channel-resistant way.

vSGX: Virtualizing SGX Enclaves on AMD SEV [pdf]
Shixuan Zhao, Mengyuan Li, Yinqian Zhang, Zhiqiang Lin
IEEE Symposium on Security and Privacy'22. (Acceptance rate: 54/327=15.2%)

TLB Poisoning Attacks on AMD Secure Encrypted Virtualization [pdf]
Mengyuan Li, Yinqian Zhang, Huibo Wang, Kang Li, Yueqiang Chen
The 2021 Annual Computer Security Applications Conference (ACSAC 2021). (Acceptance rate: 56/326=15.2%)
Security bulletin from AMD [AMD-SB-1023], CVE [CVE-2021-26340], Announcement from Lenovo, Related Patents from Baidu X-lab[1,2,3]

CROSSLINE: Breaking "Security-by-Crash" based Memory Isolation in AMD SEV [pdf] [bib]
Mengyuan Li, Yinqian Zhang, Zhiqiang Lin
ACM Conference on Computer and Communications Security'21, Nov. 2021. (Acceptance rate: 196/879=22.3%)
Best Paper Awards (Runner-Ups) (14/879=1.6%) [plaque][link]

CIPHERLEAKS: Breaking Constant-time Cryptography on AMD SEV via the Ciphertext Side Channel [pdf] [bib] [patent]
Mengyuan Li, Yinqian Zhang, Huibo Wang, Kang Li, Yueqiang Chen
USENIX Security Symposium'21, Virtual, Aug. 2021. (Website) (Acceptance rate: 248/1319=18.8%)
AMD filed an embargo for the ciphertext side channel identified in the paper and announced a security bulletin together with a hardware patch for SEV-SNP in August 2021 [CVE-2020-12966]. Related Patents from Baidu Security X-lab[1,2,3]

Defeating speculative-execution attacks on SGX with HyperRace [pdf] [bib]
Guoxing Chen, Mengyuan Li, Fengwei Zhang, Yinqian Zhang
IEEE Conference on Dependable and Secure Computing'19, Hangzhou, China, Nov. 2021.

Exploiting Unprotected I/O Operations in AMD’s Secure Encrypted Virtualization [pdf] [bib]
Mengyuan Li, Yinqian Zhang, Zhiqiang Lin, Yan Solihin
USENIX Security Symposium'19, Santa Clara, CA, Aug. 2019. (Acceptance rate: 113/697=16.2%)

Peeking Behind the Curtains of Serverless Platforms [pdf] [Github] [bib]
Liang Wang, Mengyuan Li, Yinqian Zhang, Thomas Ristenpart, Michael Swift
USENIX ATC'18, Boston, MA, USA, July. 2018. (Acceptance rate: 76/378=20.1%)

Stacco: Differentially Analyzing Side-Channel Traces for Detecting SSL/TLS Vulnerabilities in Secure Enclaves [pdf] [arxiv] [Github] [bib]
Yuan Xiao, Mengyuan Li, Sanchuan Chen, Yinqian Zhang
ACM Conference on Computer and Communications Security'17, Dallas, TX, USA, Oct. 2017. (Acceptance rate: 151/843=17.9%)

When CSI Meets Public WiFi: Inferring Your Mobile Phone Password via WiFi Signals [pdf] [slides] [bib]
Mengyuan Li, Yan Meng, Junyi Liu, Haojin Zhu, Xiaohui Liang, Yao Liu, Na Ruan
ACM Conference on Computer and Communications Security'16, Vienna, Austria, Oct. 2016. (Acceptance rate: 137/831=16.5%)
( Demo and Youtube video). Media Coverage: The Register, The TechNews, Techworm, SPIEGEL ONLINE, Silicon, Fossbytes, Bitport

Work Experience

Graduate Research Associate 2017.9 - 2022.8

Graduate Teaching Associate (CSE 5331: Foundations II: Data Structures and Algorithms) 2022.5 - 2022.8

Graduate Teaching Associate (CSE 4471: Information Security) 2022.1 - 2022.5

Graduate Teaching Associate (CSE 5245: Introduction to Network Science) 2022.1 - 2022.5

Graduate Teaching Associate (CSE 6331: Algorithms) 2021.8 - 2021.12

Intern: Baidu Security (USA) (Teaclave Contributor)2021.1 - 2021.5

Professional Services

Program Committee

ACM Conference on Computer and Communications Security (CCS) 2024
IEEE European Symposium on Security and Privacy (EuroS&P) 2024
International Conference on Applied Cryptography and Network Security (ACNS) 2023

Reviewer

IEEE Transactions on Dependable and Secure Computing (TDSC) 2021, 2022, 2023
IEEE Transactions on Parallel and Distributed Systems (TPDS) 2023
IEEE Transactions on Mobile Computing (TMC) 2021, 2022
IEEE/ACM Transactions on Networking (TNET) 2021, 2022
IEEE Transactions on Emerging Topics in Computing (TETCSI) 2022

External Reviewer

IEEE Symposium on Security and Privacy (Oakland) 2020, 2022, 2023
ACM Conference on Computer and Communications Security (CCS) 2019, 2020, 2022, 2023
USENIX Security Symposium 2021
ISOC Network and Distributed System Security Symposium (NDSS) 2019
ACM Asia Conference on Computer and Communications Security (AsiaCCS) 2020
ACM Cloud Computing Security Workshop (CCSW)2021