News

[Apr 25] Validation and Endorsement Services accepted at SysTEX’25
[Mar 25] Accepted to serve on EuroSys’26 PC
[Feb 25] Cloud-Scale Distributed Capabilities accepted at HCDS’25
[Nov 24] Serve as co-chair for SysTEX’25
[Sep 24] Pegasus was accepted at EuroSys’25
[Aug 24] HFI is selected into IEEE Micro Top Picks 2023
[Aug 24] HFI is awarded honorable mention of the Intel Hardware Security Academic Award (IHSAA)
[Aug 24] Endokernel published at USENIX Security’24
[May 24] Accepted to serve as associate editor of ACM TOPS

Projects

Memory-Safe Hardware and Software Architecture

Optimize local microservice executions using memory-safe languages and hardware optimizations

Research Artifacts and Evaluation

Building and evaluating reproducible and reusable research artifacts.

Protecting Persistent Data

Enforcing security policies at the storage layer to reduce attack surface of existing solutions.

Secure In-Process Memory Isolation and Efficient Cloud Deployments

Providing in-process isolation for sensitive data and state to increase the security and robustness of applications and its use to provide efficient cloud deployments

Shielding Applications in an untrusted Cloud

Lift and shift unmodified applications into Intel SGX enclaves to shield them in an untrusted cloud.

Selected Publications

More Publications

Pegasus: Transparent and Unified Kernel-Bypass Networking for Fast Local and Remote Communication ACM EuroSys, 2025.

PDF Code

Segue & ColorGuard: Optimizing SFI Performance and Scalability on Modern Architectures ASPLOS, 2025.

PDF Code

SoK: A Systems Perspective on Compound AI Threats and Countermeasures arXiv, 2024.

PDF

Fortify Your Foundations: Practical Privacy and Security for Foundation Model Deployments In The Cloud arXiv, 2024.

PDF

Endokernel: A Thread Safe Monitor for Lightweight Subprocess Isolation USENIX Security, 2024.

Hardware-Assisted Fault Isolation: Going Beyond the Limits of Software-Based Sandboxing IEEE Micro Top Picks, 2024.

PDF

Going beyond the Limits of SFI: Flexible and Secure Hardware-Assisted In-Process Isolation with HFI ASPLOS, Distinguished Paper Award, 2023.

PDF

uSwitch: Fast Kernel Context Isolation with Implicit Context Switches IEEE S&P, 2023.

PDF Code

ERIM: Secure, Efficient In-Process Isolation with Memory Protection Keys USENIX Security, Distinguished Paper Award and Internet Defense Prize, 2019.

PDF Code Slides Video

Thoth : Comprehensive Policy Compliance in Data Retrieval Systems Usenix Security, 2016.

PDF

Service

Program Committee (Co-)Chair

Program Committee

  • Usenix Security: 2021, 2022, 2023, 2024 & Research Ethics Committee Member, 2025
  • EuroSys: 2025, 2026
  • ACM Conference on Reproducibility and Replicability: 2023, 2024, 2025
  • Middleware Doctoral Workshop: 2020
  • Intel Software Professionals Conference - Security Track: 2020
  • EuroSys ShadowPC: 2020
  • SOCC Posters: 2020

Artifact Evaluation

Steering Committee

Journal

  • ACM TOPS Associate Editor [2024 - ]
  • DTRAP External Reviewer: 2021

Organization

Awards

  • Intel Corporate Research Council Mentor of the Month December 2024 for our successful collaboration with Purdue
  • HFI selected into IEEE Micro Top Picks 2024
  • HFI wins honorable mention at Intel Hardware Security Academic Award (IHSAA)
  • Distinguished Paper Award at ASPLOS 2023 for HFI
  • Selected as DARPA Riser 2022, Topic: “The Rise of Memory-Safe Languages: Building a Fast, Elastic, Secure Software & Hardware Architecture”
  • Intel High-5 Patent Award 2021
  • Intel Labs 2021 Gordy Award Honorable Mention in “Excelence in Risk Taking” for our continued work on the Graphene Library OS (in collaboration with Dmitrii Kuvaiskii, Mona Vij, Sudha Krishnakumar, Isaku Yamahata)
  • Facebook and USENIX Internet Defense Prize 2019 for ERIM
  • Distinguished Paper Award at USENIX Security 2019 for ERIM

Contact