Research
My research path began with hardware security primitives and progressed to the system level. FPGA Virtualization is a key aspect of my Ph.D. research. My current research direction will focus more on the contribution of hardware systems to security and privacy. I will continue to explore truly valuable cloud computing systems from hardware, system, and software levels.
FPGA Virtualization System: Hardware-Oriented Threats and Mitigations
Technologies for cloud virtualization are extensively utilized in public cloud services. Currently, there is significant focus in both industry and academic research on virtualization technologies involving FPGA-based cloud instances.
Our vision is to develop a commercial prototype of a Virtualized FPGA, further enhancing hardware acceleration support for internet applications. Considering the distinct system architecture of cloud FPGA instances, as opposed to traditional CPU/GPU-based cloud instances, and the hardware programmability of FPGAs, our focus begins with addressing the security challenges of multi-tenant FPGAs. We explore potential attack models and specific, commonly used attack methods, such as those in AI inference applications, to generate ideas for the design of Cloud FPGA hypervisors.
Featured publications
- Identified potential attacks within FPGA virtualization systems that exploit hardware programming, including but not limited to, attacks like stealing sensitive information through long-wire methods, fault injection via power distribution networks (PDN), side-channel analysis, and the denial-of-service attack.
- Engineered protective measures to counter the above attacks and incorporate these defenses into the hypervisor of FPGA virtualization systems.
- Developed specific defensive strategies for applications, such as protecting deep neural network (DNN) inference processes from the above attacks.
Hardware Security
My main contributions in the field of hardware security are focused on the development of hardware security primitives.
Featured publications
- Designed a True Random Number Generator (TRNG) hardware circuit based on Chaotic Cellular Automata Topology.
- A High-Performance and Secure TRNG Based on Chaotic Cellular Automata Topology (TCAS-I)
- The Game of Life in the grids below is a concrete example based on Cellular Automata (CA), starting with a random initial configuration and a series of evolution rules. Please click anywhere in the grids below to begin the evolution and observe the results.
- Utilized Physical Unclonable Function to design FPGA-based Trust Enclave.
- Developed a defense method for DNN inference against RowHammer attacks.
Trustworthy AI Acceleration and Optimization
The enactment of stricter privacy laws and the awakening of public awareness towards privacy protection demand higher levels of privacy and security for cloud services, urgently requiring the development of a reliable, secure computing accelerator. This research field aims to apply methods such as Multipart Computing (MPC), Fully Homomorphic Encryption (FHE), and Trusted Execution Environment (TEE) (e.g., Intel SGX, ARM TrustZone, AMD SEV) technologies to enable a trustworthy AI accelerator in the cloud, addressing critical privacy and security concerns.
Featured publications
- The research is about using quantization methods in 2-party computing-based DNN models.
- Reduce multiplication depth and optimize the performance of HE-based GCN inference.
- A DNN architecture and training method specifically designed for TEE.