đź“© zhangchuqi1999 AT
gmail DOT
com
🗺️ Singapore / Tempe, Arizona, USA
<aside> <img src="https://prod-files-secure.s3.us-west-2.amazonaws.com/93c3be3b-0845-402a-851e-2c59447f333f/f30304aa-3449-4968-94ed-4711f30b0b92/icons8-twitter-48.png" alt="https://prod-files-secure.s3.us-west-2.amazonaws.com/93c3be3b-0845-402a-851e-2c59447f333f/f30304aa-3449-4968-94ed-4711f30b0b92/icons8-twitter-48.png" width="40px" /> @ChuqiZhang99
</aside>
<aside> <img src="https://prod-files-secure.s3.us-west-2.amazonaws.com/93c3be3b-0845-402a-851e-2c59447f333f/46a01e87-8cf8-4ca8-98b3-f6bc18fbef39/linkedin_480px.png" alt="https://prod-files-secure.s3.us-west-2.amazonaws.com/93c3be3b-0845-402a-851e-2c59447f333f/46a01e87-8cf8-4ca8-98b3-f6bc18fbef39/linkedin_480px.png" width="40px" /> @ChuqiZhang
</aside>
<aside> <img src="https://prod-files-secure.s3.us-west-2.amazonaws.com/93c3be3b-0845-402a-851e-2c59447f333f/2fa74db2-238f-4c09-9885-67ffd6699abb/icons8-instagram-48.png" alt="https://prod-files-secure.s3.us-west-2.amazonaws.com/93c3be3b-0845-402a-851e-2c59447f333f/2fa74db2-238f-4c09-9885-67ffd6699abb/icons8-instagram-48.png" width="40px" /> @cookiecan999
</aside>
<aside> <img src="/icons/git_gray.svg" alt="/icons/git_gray.svg" width="40px" /> @icegrave0391
</aside>
$$ \Huge \textbf {Chuqi ZHANG} \\ \small \textnormal {Ph.D. student in computer science} $$
Hello there! I'm a 5th-year Ph.D. student at the National University of Singapore (NUS), where I am working with Dr. Zhenkai Liang as my advisor. Meanwhile, I'm advised by Dr. Adil Ahmad at Arizona State University (ASU) as part of the ASTeRiSC Lab since November 2022.
My research focuses on the design of secure system software, spanning operating systems, hypervisors, and trusted execution environments (TEEs). I aim to build trustworthy and efficient system foundations for emerging application domains, such as SaaS, FaaS, and agentic AI platforms.
Currently, I work on enhancing confidential computing architectures, particularly confidential virtual machines (CVMs) and user-land library operating systems (LibOS). My goal is to extend CVM isolation for sandboxes and confidential containers, improving the security, reliability, and efficiency of cloud infrastructures and AI code agents. In parallel, I work on virtualization-based system monitoring designs for client-side isolation and privacy, including privacy-preserving secure gaming architectures, and LLM powered code semantics-assisted OS-level exploit detection and investigation frameworks. Previously, I also worked on eBPF, auditing system architecture design, forensics/provenance analysis, and program (binary) analysis.
Before pursuing my Ph.D. degree, I received my B.E. degree in Computer Science (ACM class) at the Huazhong University of Science and Technology in June, 2021.
I’m currently (during June - Sept 2025) working as a research intern at Microsoft Research in Redmond, WA, USA for “Systems for Scalable and Reliable AI Agents”. Mentored by: Jay Bosamiya, Weiteng Chen, and Weidong Cui.
📢 I’m open to work opportunities around the world! Please reach out if you're interested. Here’s my current CV:
Kernel Auditing using Augmented Reference Behavior Analysis and Virtualized Selective Tracing (to appear)
IEEE Symposium on Security and Privacy (S&P 2026)
Keywords: Virtualization-based security, EPTP-switching, LLM for profiling
<aside> đź’ˇ TBD.
</aside>
Erebor: A Drop-In Sandbox Solution for Private Data Processing in Untrusted Confidential Virtual Machines
European chapter of ACM SIGOPS (EuroSys 2025)
Keywords: TEE/sandbox container, Confidential VM, Intel Trust Domain eXtensions (Intel TDX)
<aside> đź’ˇ Confidential VMs (CVMs) protect data from cloud infrastructures, but they do not guarantee data privacy whenever the CVM tenants/workloads are untrusted (as third-party SaaS service providers). We ensure private client data processing in untrusted SaaS CVMs by creating sandboxes using (a) intra-kernel privilege isolation for a small security monitor, and (b) secure container runtime with userspace LibOS.
</aside>
Fuzzing the PHP Interpreter via Dataflow Fusion
In the 34th USENIX Security Symposium (USENIX Security 2025)
Distinguished Paper Award
The HitchHiker's Guide to High-Assurance System Observability Protection with Efficient Permission Switches
In Proceedings of the 31st ACM Conference on Computer and Communications Security (CCS 2024).
Keywords: eBPF, TEE/enclave, OS/hypervisor, ARM Confidential Computing Architecture (ARM CCA)
<aside> đź’ˇ System observability (eBPF) is critical but vulnerable to a privileged, untrusted OS. We protect the integrity and availability of observability using a first-principles approach, which includes: (a) leveraging memory permission primitives (Stage-2 Page Table, S2PT, or Granule Protection Table, GPT), and (b) creating a secure enclave without trusting the OS or hypervisor.
</aside>
PalanTĂr: Optimizing Attack Provenance with Hardware-enhanced System Observability
In Proceedings of the 29st ACM Conference on Computer and Communications Security (CCS 2022).
Keywords: system auditing, Intel Processor Tracing (Intel PT), static taint summarization
<aside> đź’ˇ System call-level auditing is the fundamental approach for forensics but is too coarse-grained. We enhance its granularity by introducing hardware-assisted userspace control flow tracing, which (a) recovers instruction-level dependencies among syscalls, and (b) ensures efficient provenance tracking by static taint summarization.
</aside>
Erebor: A Drop-In Sandbox for Private Data Processing in Untrusted Confidential Virtual Machines
Microsoft Research Security & Privacy Workshop, Redmond, WA, USA, July 2025
EuroSys 2025, Rotterdam, Netherlands, April 2025
Towards Trusted Extensible Device Measurement and Management via Intra-Firmware Privilege Isolation
WoSCI (co-located with ASPLOS/EuroSys) 2025, Rotterdam, Netherlands, March 2025
- The HitchHiker's Guide to High-Assurance System Observability Protection with Efficient Permission Switches
- PalanTĂr: Optimizing Attack Provenance with Hardware-enhanced System Observability