Please visit my new homepage https://web.njit.edu/~zy8/. This webpage has not been maintained since June 2023.

📌 I will be an Assistant Professor at New Jersey Institute of Technology starting Fall 2023. I am looking for self-motivated Ph.D., Master's, and undergrad students. If you are interested in building systems, please contact me at my e-mail address. USE THIS FLOWCHART TO SEE IF YOU ARE A GOOD FIT.

📣 6/21/2023: Received Best Artifact Award from MobiSys'23.

📣 2/27/2023: Our work on Split-Trust hardware and OctopOS is accepted to MobiSys'23 (acceptance rate: 20%).

Minimizing a Smartphone's TCB for Security-Critical Programs with Exclusively-Used, Physically-Isolated, Statically-Partitioned Hardware
Zhihao Yao, Seyed Mohammadjavad Seyed Talebi, Mingyi Chen, Ardalan Amiri Sani, Thomas Anderson in Proc. ACM MobiSys, June 2023. (acceptance rate: 20%=41/198)
(paper) (artifact archive) (OctopOS) (Split-Trust hardware) (TRM)

GLeeFuzz: Fuzzing WebGL Through Error Message Guided Mutation
Hui Peng, Zhihao Yao, Ardalan Amiri Sani, Dave (Jing) Tian, Mathias Payer
accepted to USENIX Security, August 2023.
(paper) (source code)

Undo Workarounds for Kernel Bugs
Seyed Mohammadjavad Seyed Talebi, Zhihao Yao, Ardalan Amiri Sani, Zhiyun Qian, Daniel Austin
in Proc. USENIX Security, August 2021.
(acceptance rate: 19%=246/1295)
(paper) ( slides ) (source code)

Milkomeda: Safeguarding the Mobile GPU Interface Using WebGL Security Checks
Zhihao Yao, Saeed Mirzamohammadi, Ardalan Amiri Sani, Mathias Payer
in Proc. ACM Conference on Computer and Communications Security (CCS), October 2018.
(acceptance rate: 16%=134/809)
(paper) (talk) (source code) (blog)

Sugar: Secure GPU Acceleration in Web Browsers
Zhihao Yao, Zongheng Ma, Yingtong Liu, Ardalan Amiri Sani, Aparna Chandramowlishwaran
in Proc. ACM Int. Conf. Architectural Support for Programming Languages and Operating Systems (ASPLOS), March 2018.
(acceptance rate 17%= 56/319)
(paper) (slides) (source code) (WebGL bugs study)

Sep 2017 - Jun 2023, University of California, Irvine, Research Assistant

Jun 2018 - Mar 2019, Microsoft Research, Research Intern & Remote collaboration

Aug 2016 - Sep 2016, Compacta International Ltd., Engineering Intern

Jun 2014 - Mar 2017, California Plug Load Research Center at UC Irvine, Undergraduate Research Assistant

International Science and Engineering Fair (ISEF) 2023, Grand Award Judge

ACM HotMobile 2023, Organizing Committee Member

ACM EuroSys 2022, Artifact Evaluation Committee Member

International Science and Engineering Fair (ISEF) 2022, Grand Award Judge

ACM SOSP 2021, Artifact Evaluation Committee Member

ACM MobiSys 2021, Virtual Arrangements & Student Session Co-Chair

International Science and Engineering Fair (ISEF) 2021, Grand Award Judge

International Science and Engineering Fair (ISEF) 2014, Translator

Responsible Vulnerability Disclosures
CVE-2019-10520, CVSSv3 Medium, Memory bug in multiple Snapdragon device drivers (Acknowledgment).
CVE-2019-10547, CVSSv3 High, Memory bug in the kernel-mode Ion driver (Acknowledgment).

Hobby Aug 14, 2021. Accelerate WebGL with IPFS (won Third Place at Browsers 3000)

System Feb 29, 2020. Kernel code reading notes: timer tick handling

System Jan 7, 2020. Kernel code reading notes: softirq implementation

System Nov 23, 2019. Kernel code reading notes: exit syscall

System Nov 10, 2019. Kernel code reading notes: fork/clone syscall

System Mar 7, 2018. WebGL Bugs Study (research artifact of our ASPLOS'18 paper)

Tools Feb 15, 2018, Diffbot (a repository clean up tool)