Fan Yao - University of Central Florida

I am an Assistant professor in the Department of Electrical and Computer Engineering at University of Central Florida. I am leading the Computer Architecture and Systems Research (CASR) lab. My research interests are in the areas of computer architecture, security, machine learning, and energy efficient computing.

For students: We have multiple PhD positions available. If you are interested in working with me, please contact me via fan.yao@ucf.edu. For more information, please visit our research group page

News

Our work D-Shield is accepted in HPCA’23. Congrats Chowdhuryy! (July 2021)
We released the PoC source for DeepSteal system exploit in Github (June 2022).
Our work DeepSteal is accepted in IEEE S&P ’22 (Oakland). (March 2022)
One paper is accepted in IEEE HOST ’22. (February 2022)
LockedDown is accepted in IEEE EuroS&P ’22. (February 2022)
Our collaborative work on far-field GPU EM side channels is accepted in IEEE S&P ’22 (Oakland). (November 2021)
Fan is invited to serve in following committees: ISCA’22 (ERC) and DAC’22 (TPC). (October 2021)
Our work BranchSpectre is accepted in IEEE Transactions on Computers. (October 2021)
Two papers are accepted in SEED’21. (August 2021)
Our work LADDER is accepted in MICRO’21. Congrats Chowdhuryy! (July 2021)
Fan will serve in the External Review Committee (ERC) of MICRO’21.
Fan is invited to serve in the PC of the Inaugural IEEE SEED’21 conference.
Fan will serve in the program committees of NAS’21, ICCD’21, IISWC’21, and SPSL@ISCA’21.
One paper is accepted in DAC ’21 as work-in-progress (Feb. 2021).
Our collaborative work on analysis of RAPL-based information leakage is accepted in AsiaCCS’21 (Oct. 2020).
We released the PoC source for BranchSpec in Github (Oct. 2020).
One recent work is accepted in ICCD ’20 (August 2020).
We recieved an award from NSF CNS to explore side channel attacks and defenses in NVM-integrated
computing systems (August 2020).
We recieved an award from NSF SaTC to investigate ML security issues due to hardware-based
model tampering (August 2020).
Our work DeepHammer will appear in USENIX Security ’20 (March 2020).
Fan will serve in the PC of ICCD ’20 (Feb. 2020).
One paper accepted in SAC'20 (Dec. 2019).
Fan will serve as a Program Committee member in HPCA’20 (Sept. 2019).
COTSKnight will appear in IEEE Micro (June 2019).
One paper is accepted in HPDC'19 (June 2019).
Our paper (COTSKnight) is accepted in HOST'19 (Feb. 2019).
Our research group got awarded with one Amazon AWS research grant, thanks Amazon! (Jan. 2019).
Fan will serve as a Program Committee member in ICCD’19 (Nov. 2018).
Fan attended the NSF CSR PI meeting at Seattle, WA (Sept. 2018).

Publications

Md Hafizul Islam Chowdhuryy, Myoungsoo Jung, Fan Yao, Amro Awad, D-Shield: Enabling Processor-side Encryption and Integrity Verification for Secure NVMe Drives, In IEEE International Symposium on High-Performance Computer Architecture, 2023 (HPCA'23).
Adnan Siraj Rakin⁺, Md Hafizul Islam Chowdhuryy⁺, Fan Yao and Deliang Fan (⁺Co-first authors), DeepSteal: Advanced Model Extractions Leveraging Efficient Weight Stealing in Memories, In IEEE Symposium on Security and Privacy, 2022 (S&P'22). [PDF]
Zihao Zhan, Zhenkai Zhang, Sisheng Liang, Fan Yao, Xenofon Koutsoukos, Graphics Peeping Unit: Exploiting EM Side-Channel Information of GPUs to Eavesdrop on Your Neighbors, In IEEE Symposium on Security and Privacy, 2022 (S&P'22). [PDF]
Mert Side, Fan Yao and Zhenkai Zhang, LockedDown: Exploiting Contention on Host-GPU PCIe Bus for Fun and Profit, In IEEE European Symposium on Security and Privacy (EuroS&P'22).
M. Rashed, F. Yao, SK Jha, and R. Ewetz, Hybrid Digial-Digital In-Memory Computing, In Design Automation and Test in Europe Conference, 2022 (DATE'22).
M. Rashed, S. Thijssen, F. Yao, SK Jha, and R. Ewetz, STREAM: Towards READ-based In-Memory Computing for Streaming based Data Processing, In Asia and South Pacific Design Automation Conference, 2022 (ASP-DAC'22).
Md Hafizul Islam Chowdhuryy, Muhammad R. Haq Rashed, Amro Awad, Rickard Ewetz and Fan Yao, LADDER: Architecting Content and Location-aware Writes for Crossbar Resistive Memories, In IEEE/ACM International Symposium on Microarchitecture, 2021 (MICRO'21). [PDF]
Md Hafizul Islam Chowdhuryy and Fan Yao, Leaking Secrets through Modern Branch Predictor in the Speculative World, In IEEE Transactions on Computers, 2021 (TC'21). [PDF] [Code]
Adnan Siraj Rakin, Zhezhi He, Jingtao Li, Fan Yao, Chaitali Chakrabarti and Deliang Fan, T-BFA: Targeted Bit-Flip Adversarial Weight Attack, In IEEE Transactions on Pattern Analysis and Machine Intelligence, 2021 (TPAMI'21). [PDF]
Kunbei Cai, Md Hafizul Islam Chowdhuryy, Zhenkai Zhang and Fan Yao, NMT-Stroke: Diverting Neural Machine Translation through Hardware-based Faults, In IEEE International Symposium on Secure and Private Execution Environment Design, 2021 (SEED'21). [PDF]
Md Hafizul Islam Chowdhuryy, Rickard Ewetz, Amro Awad and Fan Yao, R-SAW: New Side Channels Exploiting Read Asymmetry in MLC Phase Change Memories, In IEEE International Symposium on Secure and Private Execution Environment Design, 2021 (SEED'21). [PDF]
Hongyu Fang, Sai Santosh Dayapule, Fan Yao, Milos Doroslovacki and Guru Venkataramani, Defeating Cache Timing Channels with Hardware Prefetchers, In IEEE Design and Test, 2021 (HES Top Picks Special Issue).
Zhenkai Zhang, Sisheng Liang, Fan Yao and Xing Gao, Red Alert for Power Leakage: Exploiting Intel RAPL-Induced Side Channels, In ACM Asia Conference on Computer and Communications Security, 2021 (AsiaCCS'21). [PDF]
Md Hafizul Islam Chowdhuryy, Hang Liu and Fan Yao, BranchSpec: Information Leakage Attacks Exploiting Speculative Branch Instruction Executions, In IEEE International Conference on Computer Design, 2020 (ICCD'20). [PDF] [TR] [Video] [Code]
Fan Yao, Adnan Siraj Rakin and Deliang Fan, DeepHammer: Depleting the Intelligence of Deep Neural Networks through Targeted Chain of Bit Flips, In USENIX Security, 2020 (SEC'20). [PDF] [Slides] [Talk]
Hongyu Fang, Sai Santosh Dayapule, Fan Yao, Milos Doroslovacki and Guru Venkataramani, Cache-Zoomer: On-demand High-resolution Cache Monitoring for Security, In Journal of Hardware and Systems Security, 2020 (HaSS'20).
Zhishan Guo, Kecheng Yang, Fan Yao and Amro Awad, Inter-Task Cache Interference Aware Partitioned Real-Time Scheduling, In ACM/SIGAPP Symposium On Applied Computing, 2020 (SAC'20).
Vamsee Reddy Kommareddy, Baogang Zhang, Fan Yao, Rickard Ewetz, and Amro Awad, Are Crossbar Memories Secure? New Security Vulnerabilities in Crossbar Memories, In IEEE Computer Architecture Letters, 2019 (CAL'19). [PDF]
Sai Santhosh Dayapule, Fan Yao, Guru Venkataramani, PowerStar: Improving Power Efficiency in Heterogenous Processors for Bursty Workloads with Approximate Computing, In IEEE Cloudcom, 2019 (CloudCom'19). [PDF]
Fan Yao, Hongyu Fang, Milos Doroslovacki and Guru Venkataramani, HolDCSim: A Holistic Simulator for Data Centers, In IEEE International Symposium on Workload Characterization, 2019 (IISWC'19). [PDF] [Extended Version]
Fan Yao, Hongyu Fang, Milos Doroslovacki and Guru Venkataramani, Leveraging Cache Management Hardware for Practical Defense against Cache Timing Channel Attacks, In IEEE Micro, 2019. [PDF]
Anil Gaihre, Zhenlin Wu, Fan Yao and Hang Liu, XBFS: eXploring Runtime Optimizations for Breadth-First Search on GPUs, In ACM International Symposium on High-Performance Parallel and Distributed Computing, 2019 (HPDC'19).
Fan Yao, Hongyu Fang, Milos Doroslovacki and Guru Venkataramani, COTSknight: Practical Defense against Cache Timing Channel Attacks using Cache Monitoring and Partitioning Technologies, In IEEE International Symposium on Hardware Oriented Security and Trust 2019 (HOST'19). [PDF] [Talk]
Hongyu Fang, Fan Yao, Milos Doroslovacki and Guru Venkataramani, Negative Correlation, Non-linear Filtering, and Discovering of Repetitiveness for Cache Timing Channel Detection, In IEEE International Conference on Acoustics, Speech, and Signal Processing, 2019 (ICASSP'19). [PDF]
Fan Yao, Milos Doroslovacki, Guru Venkataramani, Covert Timing Channels Exploiting Cache Coherence Hardware: Characterization and Defense, In Springer International Journal on Parallel Programming (IJPP'18). [PDF]
Hongyu Fang, Sai Santosh Dayapule, Fan Yao, Milos Doroslovacki, Guru Venkataramani, PrODACT: Prefetch-Obfuscator to Defend Against Cache Timing Channels, In Springer International Journal on Parallel Programming (IJPP'2018).
Fan Yao, Hongyu Fang, Milos Doroslovacki and Guru Venkataramani, WiP: Towards a Stronger Indicator for Detecting Cache Timing Channel, In Annual Workshop on Hardware and Architectural Support for Security and Privacy held in conjunction with ISCA 2018 (HASP'18).
Fan Yao, Milos Doroslovacki and Guru Venkataramani, Are Coherence Protocol States vulnerable to Information Leakage?, In IEEE International Symposium on High-Performance Computer Architecture, 2018 (HPCA'18). [PDF][Talk]
Hongyu Fang, Sai Santosh Dayapule, Fan Yao, Milos Doroslovacki, Guru Venkataramani, A Noise-resilient Detection Method against Advanced Cache Timing Channel Attacks, In IEEE Asilomar Conference on Signals, Systems and Computers, 2018 (ACSSC'18).
Fan Yao, Jingxin Wu, Guru Venkataramani and Suresh Subramaniam, TS-BatPro: Improving Energy Efficiency in Data Centers by Leveraging Temporal-spatial Batching, In IEEE Transactions on Green Communications and Networking (IEEE TGCN'18). [PDF]
Bingqian Lu, Sai Santosh Dayapule, Fan Yao, Jingxin Wu, Guru Venkataramani, Suresh Subramaniam, PopCorns: Power Optimization using a Cooperative Network-Server approach for Data Centers, In IEEE International Conference on Computer Communications and Networks (ICCCN'18). [PDF]
Hongyu Fang, Sai Santosh Dayapule, Fan Yao, Milos Doroslovacki and Guru Venkataramani, Prefetch-guard: Leveraging Hardware Prefetchers to Defend against Cache Timing Channels (short paper), In IEEE International Symposium on Hardware Oriented Security and Trust, 2018 (HOST'18). [PDF] (Top Picks in Hardware and Embedded Security)
Fan Yao, Yongbo Li, Yurong Chen, Hongfa Xue, Tian Lan and Guru Venkataramani, StatSym: Vulnerable Path Discovery through Statistics-guided Symbolic Execution, In IEEE/IFIP International Conference on Dependable Systems and Networks, 2017 (accepted 49 out of 220 submissions) (DSN'17). [PDF] [Demo]
Fan Yao, Guru Venkataramani and Milos Doroslovacki, Covert Timing Channels Exploiting Non-Uniform Memory Access based Architectures, In the ACM Great Lakes Symposium on VLSI, 2017. (accepted 48 out of 197 submissions) (GLSVLSI'17). [PDF]
Fan Yao, Jingxin Wu, Guru Venkataramani and Suresh Subramaniam, TS-Bat: Leveraging temporal-spatial batching for data center energy optimization, In IEEE GLOBECOM, 2017 (GLOBECOM'17). [PDF]
Fan Yao, Jingxin Wu, Suresh Subramaniam and Guru Venkataramani, WASP: Workload Adaptive Energy-Latency Optimization in Server Farms using Server Low-Power States, In IEEE International Conference on Cloud Computing, 2017 (IEEE CLOUD'17). [PDF]
Hongfa Xue, Yurong Chen, Fan Yao, Yongbo Li, Tian Lan and Guru Venkataramani. SIMBER: Eliminating Redundant Memory Bound Checks via Statistical Inference, In IFIP Conference on ICT Systems Security and Privacy Protection, 2017 (IFIP-SEC'17). [PDF]
Yongbo Li, Fan Yao, Tian Lan and Guru Venkataramani. SARRE: Semantics-Aware Rule Recommendation and Enforcement for Event Paths on Android, In IEEE Transaction on Information Forensics and Security, 2016 (TIFS'16). [PDF]
Yongbo Li, Fan Yao, Tian Lan and Guru Venkataramani. Semantics-Aware Rule Recommendation and Enforcement for Event Paths on Android, In EAI SecureComm (Poster), 2015 (SecureComm'15). [PDF]
Fan Yao, Jingxin Wu, Guru Venkataramani and Suresh Subramaniam, A Dual Delay Timer Strategy for Optimizing Server Farm Energy, In IEEE CloudCom, 2015 (CloudCom'15). [PDF]
Fan Yao, Jingxin Wu, Guru Venkataramani and Suresh Subramaniam, A Comparative Analysis of Data Center Network Architectures, In IEEE International Conference on Communications, 2014 (ICC'14). [PDF]
Fan Yao, Jie Chen and Guru Venkataramani, JOP-alarm: Detecting Jump-oriented Programming-based anomalies in applications (short paper), In IEEE International Conference on Computer Design (ICCD'13). [PDF]
Jie Chen, Fan Yao and Guru Venkataramani, Watts-inside: A Hardware-Software Cooperative Approach for Multicore Power Debugging, In IEEE International Conference on Computer Design (ICCD'13). [PDF]

Adnan Siraj Rakin*, Md Hafizul Islam Chowdhuryy*, Fan Yao and Deliang Fan, DeepSteal: Advanced Model Extractions Leveraging Efficient Weight Stealing in Memories, ArXiv:2111.04625 [cs.CR], 2021 (*Joint co-first authors with equal contributions). [PDF]