Staff Security Researcher
Baidu X-Lab, Baidu USA
Sunnyvale, CA 94089, USA


Dr. Mingshen Sun (Bob) is a staff security researcher of Baidu X-Lab at Baidu USA. He received his Ph.D. degree in Computer Science and Engineering from The Chinese University of Hong Kong, under the supervision of Prof. John C.S. Lui. He was a member of Advanced Networking and System Research Laboratory (ANSRLab) in CUHK. During the Ph.D. studies, he worked as a research intern in Qihoo 360 with Prof. Xuxian Jiang. Bob also worked in National University of Singapore as a research assistant with Prof. Richard T.B. Ma and Prof. Zhenkai Liang. He is the Apache Teaclave (incubating) committer and Podling PMC member. Mingshen also leads, maintains and actively contributes to several open source projects.


System Security, Mobile/IoT Security, Trusted Execution Environment (TEE), and Memory-Safe Programming Language



  1. Zhuohua Li, Jincheng Wang, Mingshen Sun, John C.S. Lui. MirChecker: Detecting Bugs in Rust Programs via Static Analysis. To appear at the 28th ACM Conference on Computer and Communications Security. CCS '21, Virtual Conference, November, 2021.
  2. Jincheng Wang, Zhuohua Li, Mingshen Sun, John C.S. Lui. Topology-Theoretic Approach To Address Attribute Linkage Attacks In Differential Privacy. In Proceedings of IEEE INFOCOM WKSHPS: BigSecurity 2021: International Workshop on Security and Privacy in Big Data. Virtual Conference, May, 2021.
  3. Shengye Wan, Mingshen Sun, Kun Sun, Ning Zhang, and Xu He. RusTEE: Developing Memory-Safe ARM TrustZone Applications. In Proceedings of the 35th Annual Computer Security Applications Conference. ACSAC '20, Austin, Texas, USA, December 2020.
  4. Hui Xu, Zhuangbin Chen, Mingshen Sun, Yangfan Zhou and Michael Lyu. Memory-Safety Challenge Considered Solved? An In-Depth Study with All Rust CVEs. arXiv preprint. arXiv:2003.03296, 2020.
  5. Pei Wang, Yu Ding, Mingshen Sun, Huibo Wang, Tongxin Li, Rundong Zhou, Zhaofeng Chen, and Yiming Jing. Building and Maintaining a Third-Party Library Supply Chain for Productive and Secure SGX Enclave Development. In Proceedings of the 42nd International Conference on Software Engineering, the Software Engineering In Practice Track. ICSE-SEIP '20, Seoul, South Korea, May, 2020.
  6. Huibo Wang, Pei Wang, Yu Ding, Mingshen Sun, Yiming Jing, Ran Duan, Long Li, Yulong Zhang, Tao Wei, and Zhiqiang Lin. Towards Memory Safety for Enclave Programs with Rust-SGX. In Proceedings of the 26th ACM Conference on Computer and Communications Security. CCS '19, London, UK, November, 2019.
  7. Zhuohua Li, Jincheng Wang, Mingshen Sun, and John C.S. Lui. Securing the Device Drivers of Your Embedded Systems: Framework and Prototype. In Proceedings of the 3rd International Workshop on Security and Forensics of IoT (in conjunction with ARES 2019). IoT-SECFOR '19, Canterbury, UK, August 2019.
  8. Mingshen Sun, Tao Wei, and John C.S. Lui. TaintART: A Practical Multi-level Information-Flow Tracking System for Android RunTime. In Proceedings of the 23rd ACM Conference on Computer and Communications Security. CCS '16, Vienna, Austria, October 2016. (AR: 137/831 = 16.5%)
  9. Mingshen Sun, John C.S. Lui, and Yajin Zhou. Blender: Self-randomizing Address Space Layout for Android Apps. In Proceedings of the 19th International Symposium on Research in Attacks, Intrusions and Defenses. RAID '16, Evry, France, September 2016. (AR: 21/84 = 25%)
  10. Mingshen Sun, Mengmeng Li, and John C.S. Lui. DroidEagle: Seamless Detection of Visually Similar Android Apps. In Proceedings of the 8th ACM Conference on Security and Privacy in Wireless and Mobile Networks. WiSec '15, New York City, USA, June 2015. (AR: 16/83 = 19.2%)
  11. Mingshen Sun, Min Zheng, John C.S. Lui, and Xuxian Jiang. Design and Implementation of an Android Host-based Intrusion Prevention System. In Proceedings of the 30th Annual Computer Security Applications Conference. ACSAC '14, New Orleans, USA, December 2014. (AR: 47/236 = 19.9%)
  12. Min Zheng, Mingshen Sun, and John C.S. Lui. DroidTrace: A Ptrace Based Android Dynamic Analysis System with Forward Execution Capability. In Proceedings of the 10th International Wireless Communications and Mobile Computing Conference. IWCMC '14, Nicosia, Cyprus, August 2014.
  13. Min Zheng, Mingshen Sun, and John C.S. Lui. DroidRay: A Security Evaluation System for Customized Android Firmwares. In Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security. ASIACCS '14, Kyoto, Japan, June 2014.
  14. Min Zheng, Mingshen Sun, and John C.S. Lui. DroidAnalytics: A Signature Based Analytic System to Collect, Extract, Analyze and Associate Android Malware. In Proceedings of the 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications. TrustCom '13, Melbourne, Australia, July 2013.


  1. Yang Hu, Mingshen Sun, John C.S. Lui. Exploiting Non-Uniform Program Execution Time to Evade Record/Replay Forensic Analysis. Computers & Security. 0167-4048, 2019
  2. Mingshen Sun, Xiaolei Li, John C.S. Lui, Richard T.B. Ma, and Zhenkai Liang. Monet: A User-oriented Behavior-based Malware Variants Detection System for Android. IEEE Transactions on Information Forensics and Security. TIFS, 12(5), 1103-1112, 2017.


  • Apache Teaclave (incubating): an open source universal secure computing platform, making computation on privacy-sensitive data safe and simple.
  • MesaPy: a fast and safe Python implementation based on PyPy with SGX support.
  • Rust OP-TEE TrustZone SDK: enabling safe, functional, and ergonomic development of trustlets.
  • MesaLock Linux: a memory-safe Linux distribution.
  • MesaBox: a collection of core system utilities written in Rust for Unix-like systems.
  • RPython by Example: a collection of runnable examples that illustrate various RPython concepts and libraries.
  • Pass for iOS: a password manager for iOS (compatible with Password Store).
  • More…



  • Research Assistant, National University of Singapore, June - September 2014
  • Research Internship, Wireless Research Lab, Qihoo 360, June - September 2013

Teaching Assistant

  • CMSC5726 Computer and Network Security, Spring 2014
  • CMSC5702 Parallel and Distributed Systems, Spring 2015
  • CSCI4430 Data Communication and Computer Networks, Spring 2013/2014/2015
  • CSCI3310 Mobile Computing and Application Development, Fall 2012
  • CSCI3150 Introduction to Operating Systems, Fall 2013/2014/2015 & Spring 2016

Selected Awards

  • Student Travel Grant for ACSAC 2014, WiSec 2015, and CCS 2016.
  • The 35th ACM-ICPC Asia Regional Contest, Excellent Award, Harbin, 2010
  • NAPROCK International Programming Contest (Final), International Special Prize, Japan, 2010

Seminars & Talks

Professional Services