Staff Security Researcher
Sunnyvale, CA 94089, USA


Mingshen Sun (Bob) is a Staff Security Researcher at Baidu. He received the Ph.D. from The Chinese University of Hong Kong, advised by Prof. John C.S. Lui. He was a member of Advanced Networking and System Research Laboratory (ANSRLab) in CUHK.

Mingshen leads, maintains and actively contributes to Apache Teaclave (incubating) (a confidential computing platform), Pass for iOS, and several open source projects. He regularly gives talks at industry events in security. He also collaborates with academic researchers in some interesting research projects on solving real-world problems in industry.

His interests lie in the areas of security and privacy, operating system, and programming language.



  1. Zhuohua Li, Jincheng Wang, Mingshen Sun, John C.S. Lui. MirChecker: Detecting Bugs in Rust Programs via Static Analysis. To appear at the 28th ACM Conference on Computer and Communications Security. CCS '21, Virtual Conference, November, 2021.
  2. Jincheng Wang, Zhuohua Li, Mingshen Sun, John C.S. Lui. Topology-Theoretic Approach To Address Attribute Linkage Attacks In Differential Privacy. In Proceedings of IEEE INFOCOM WKSHPS: BigSecurity 2021: International Workshop on Security and Privacy in Big Data. Virtual Conference, May, 2021.
  3. Shengye Wan, Mingshen Sun, Kun Sun, Ning Zhang, and Xu He. RusTEE: Developing Memory-Safe ARM TrustZone Applications. In Proceedings of the 35th Annual Computer Security Applications Conference. ACSAC '20, Austin, Texas, USA, December 2020.
  4. Hui Xu, Zhuangbin Chen, Mingshen Sun, Yangfan Zhou and Michael Lyu. Memory-Safety Challenge Considered Solved? An In-Depth Study with All Rust CVEs. arXiv preprint. arXiv:2003.03296, 2020.
  5. Pei Wang, Yu Ding, Mingshen Sun, Huibo Wang, Tongxin Li, Rundong Zhou, Zhaofeng Chen, and Yiming Jing. Building and Maintaining a Third-Party Library Supply Chain for Productive and Secure SGX Enclave Development. In Proceedings of the 42nd International Conference on Software Engineering, the Software Engineering In Practice Track. ICSE-SEIP '20, Seoul, South Korea, May, 2020.
  6. Huibo Wang, Pei Wang, Yu Ding, Mingshen Sun, Yiming Jing, Ran Duan, Long Li, Yulong Zhang, Tao Wei, and Zhiqiang Lin. Towards Memory Safety for Enclave Programs with Rust-SGX. In Proceedings of the 26th ACM Conference on Computer and Communications Security. CCS '19, London, UK, November, 2019.
  7. Zhuohua Li, Jincheng Wang, Mingshen Sun, and John C.S. Lui. Securing the Device Drivers of Your Embedded Systems: Framework and Prototype. In Proceedings of the 3rd International Workshop on Security and Forensics of IoT (in conjunction with ARES 2019). IoT-SECFOR '19, Canterbury, UK, August 2019.
  8. Mingshen Sun, Tao Wei, and John C.S. Lui. TaintART: A Practical Multi-level Information-Flow Tracking System for Android RunTime. In Proceedings of the 23rd ACM Conference on Computer and Communications Security. CCS '16, Vienna, Austria, October 2016.
  9. Mingshen Sun, John C.S. Lui, and Yajin Zhou. Blender: Self-randomizing Address Space Layout for Android Apps. In Proceedings of the 19th International Symposium on Research in Attacks, Intrusions and Defenses. RAID '16, Evry, France, September 2016.
  10. Mingshen Sun, Mengmeng Li, and John C.S. Lui. DroidEagle: Seamless Detection of Visually Similar Android Apps. In Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks. WiSec '15, New York City, USA, June 2015.
  11. Mingshen Sun, Min Zheng, John C.S. Lui, and Xuxian Jiang. Design and Implementation of an Android Host-based Intrusion Prevention System. In Proceedings of the 30th Annual Computer Security Applications Conference. ACSAC '14, New Orleans, USA, December 2014.
  12. Min Zheng, Mingshen Sun, and John C.S. Lui. DroidTrace: A Ptrace Based Android Dynamic Analysis System with Forward Execution Capability. In Proceedings of the 10th International Wireless Communications and Mobile Computing Conference. IWCMC '14, Nicosia, Cyprus, August 2014.
  13. Min Zheng, Mingshen Sun, and John C.S. Lui. DroidRay: A Security Evaluation System for Customized Android Firmwares. In Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security. ASIACCS '14, Kyoto, Japan, June 2014.
  14. Min Zheng, Mingshen Sun, and John C.S. Lui. DroidAnalytics: A Signature Based Analytic System to Collect, Extract, Analyze and Associate Android Malware. In Proceedings of the 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications. TrustCom '13, Melbourne, Australia, July 2013.


  1. Yang Hu, Mingshen Sun, John C.S. Lui. Exploiting Non-Uniform Program Execution Time to Evade Record/Replay Forensic Analysis. Computers & Security. 0167-4048, 2019
  2. Mingshen Sun, Xiaolei Li, John C.S. Lui, Richard T.B. Ma, and Zhenkai Liang. Monet: A User-oriented Behavior-based Malware Variants Detection System for Android. IEEE Transactions on Information Forensics and Security. TIFS, 12(5), 1103-1112, 2017.


  • Apache Teaclave (incubating): an open source universal secure computing platform, making computation on privacy-sensitive data safe and simple.
  • MesaPy: a fast and safe Python implementation based on PyPy with SGX support.
  • Rust OP-TEE TrustZone SDK: enabling safe, functional, and ergonomic development of trustlets.
  • MesaLock Linux: a memory-safe Linux distribution.
  • MesaBox: a collection of core system utilities written in Rust for Unix-like systems.
  • RPython by Example: a collection of runnable examples that illustrate various RPython concepts and libraries.
  • Pass for iOS: a password manager for iOS (compatible with Password Store).
  • More…

Seminars & Talks

Professional Services