I am very happy to share my slides of public talks, here is a list of my recent talks.

Some of my previous talks are uploaded to Speaker Deck. If you are interested, please take a look.


Here are some open source projects I created/maintained on GitHub.

  • Pass for iOS: an iOS app compatible with Password Store command line tool. Pass for iOS is a password manager using GPG for encryption and Git for version control. The app is written in Swift.
  • Android Apps Crawler: an extensible crawler for downloading Android applications in third-party markets.
  • Android Markets List: a list of Android apps markets including official and third-party from China, Russia, etc.
  • The MesaLock Linux Project: a memory-safe Linux distribution.
  • MesaPy, a memory-safe Python implementation based on PyPy with SGX support.
  • RPython by Example: a collection of runnable examples that illustrate various RPython concepts and libraries
  • MesaBox: A collection of core system utilities written in Rust for Unix-like systems (and now Windows).
  • State of Rust: Automatically summarize various stable/unstable features of Rust including compiler features and library features.
  • YogCrypt: A fast, general purpose crypto library in pure Rust. YogCrypt currently provides three cryptographic algorithms in Chinese National Standard, namely the SM2 cryptographic asymmetric algorithm, the SM3 cryptographic hash algorithm, and the SM4 block cipher algorithm.
  • Rust OP-TEE TrustZone SDK: Rust OP-TEE TrustZone SDK provides abilities to build safe TrustZone applications in Rust. The SDK is based on the OP-TEE project which follows GlobalPlatform TEE specifications and provides ergonomic APIs. In addition, it enables capability to write TrustZone applications with Rust's standard library and many third-party libraries (i.e., crates).
  • Apache Teaclave (incubating): Apache Teaclave (incubating) is an open source universal secure computing platform.

Public Datasets

Here are some public datasets used in my research. The apps and malware samples were crawled and downloaded from official and third-party markets in different time. If you are interested, please drop me an email for the link.

  • Malware Samples in Third-Party Markets
    • Apr 2013, 2.31 GB, SHA1: aab65568afe36920df2c0f62cb3f99e397d9e39d
  • Repackaged Apps in Third-Party Markets
    • 2015, 1.05 GB, SHA1: 97cd9c911ff27c6f390605c9e87f8bd667cf8d2a
  • Top Free Apps (~500) in Google Play's "Top Charts"
    • Jun 2015, 12 GB, SHA1: 98aefc0f04f2608257a725e2dabefee15562abb5
    • Feb 2016, 11 GB, SHA1: 5132f8ed294937d95c0e4f9b9cdf06ace225d6e6
    • Apr 2016, 7.4 GB, SHA1: 9da330652a8759bad5c888c0d995dd5756104dc9