The full text contains 1177 words, and reading it will take approximately 4 minutes.
Recently, the 62nd DAC (Design Automation Conference) announced the acceptance results of submitted papers. The research team from the National Cybersecurity Institute of Wuhan University submitted a paper titled “Zion: A Practical Confidential Virtual Machine Architecture on Commodity RISC-V Processors” which has been successfully accepted.This conference will be held in July 2025 in San Francisco, USA.The paper was co-authored by Wang Jie, Professor Wang Juan, and Professor Zhang Yinqian from the National Cybersecurity Institute of Wuhan University, with Wang Jie being the first author and Professor Wang Juan as the corresponding author.
With the rapid development of cloud computing and the Internet of Things, data privacy and security have become critical challenges. Existing confidential virtual machine architectures on RISC-V platforms often rely on custom hardware, leading to issues such as poor compatibility and insufficient scalability. Zion proposes, for the first time, a confidential virtual machine architecture based on commercial RISC-V processors that achieves efficient and secure isolation without hardware extensions. Its core innovations include: *Short-path CVM Mode: By optimizing the context-switching path, it reduces the overhead of privilege level transitions and improves the performance of CVM entry/exit; *Secure vCPU Management: Through a secure vCPU structure and shared vCPU mechanism, it ensures the security of CVM vCPU states while optimizing state update efficiency; *Flexible and Scalable Memory Isolation: Combining Physical Memory Protection (PMP) with paging mechanisms, it achieves efficient CVM memory management, supports dynamic expansion, and reduces fragmentation issues; *Split Page Table-based Secure Memory Sharing: Based on a split design of page tables, it enables secure memory sharing between virtual machines and the host, reducing the overhead of shared memory management and improving performance. The research team built a Zion prototype on the Genesys2 FPGA platform and conducted multiple benchmark tests (including RV8, CoreMark, Redis, IOZone). Experimental results show that Zion incurs less than 5% overhead in most real application scenarios, demonstrating its efficiency and practicality, providing a feasible solution for confidential computing on RISC-V platforms.
The DAC is a top conference in the field of computer systems and chip design, with an acceptance rate of 23% this year, accepting a total of 420 papers.
Another research work was completed by Li Zi’ang, a doctoral student of the 2024 class at the National Cybersecurity Institute, titled “From Head to Tail: Efficient Black-box Model Inversion Attack via Long-tailed Learning”. This work was completed under the guidance of Professor Wang Juan (corresponding author), with contributions from Zhang Hongguang, Yi Wenzhe, Xu Xiaoyang, Yang Mengda, and Ma Chenjun.
Model Inversion Attacks (MIAs) aim to reconstruct model training data, leading to privacy breaches, especially in facial recognition systems. Existing research has significantly improved the effectiveness of white-box MIAs, but there has been little focus on enhancing attack efficiency and utility under limited attacker capabilities. Current black-box MIAs rely on a large number of queries, resulting in substantial overhead. To address this, we analyze the limitations of existing MIAs and propose a Surrogate Model-based Inversion with Long-tailed Enhancement (SMILE) black-box attack method aimed at high resolution and query efficiency. First, we analyze the initialization process of MIAs from the perspective of data distribution and propose a long-tail surrogate model training method to obtain high-quality initial points; then we utilize a gradient-free black-box optimization algorithm selected by NGOpt to further enhance the attack effectiveness. Experiments show that SMILE significantly outperforms existing black-box MIAs with only about 5% query overhead.
CVPR is a top conference in the field of computer vision and artificial intelligence research, and it is also classified as an A-level conference recommended by the China Computer Federation (CCF).
—Recommended Reading—
College News | The Second Family-School Forum of the College Concluded Successfully
College News | The College’s Health and Fitness Program is Here!
END
Source: Wuhan University News Network
Editor | Liao Yifan
Review | Liu Jiamei