Xi Tan
Assistant Professor (xtan4 AT uccs.edu)
University of Colorado Colorado Springs, Colorado Springs, CO, USA
Secure and Reliable System Research Lab
Office: Cybersecurity Building A-120J
I am an assistant professor in the Department of Computer Science at University of Colorado Colorado Springs (UCCS). I lead the SecUre aNd RelIable System rEsearch Lab (SUNRISE). The lab aims to enhance the security and reliability of systems through novel solutions at the compiler, OS, and communication layers. We target systems that include microcontroller- and microprocessor-based platforms. We explore various types of cybersecurity challenges, including but not limited to control-flow integrity, side-channel attacks, and usability issues.
I completed my Ph.D. in Computer Science and Engineering in 2024 under the supervision of Prof. Ziming Zhao at the Department of Computer Science & Engineering, University at Buffalo. During my phd, I worked on the security of embedded systems, focusing on the ARM Cortex-M architecture. I have published papers in top-tier security conferences, including ACM CCS, IEEE RTAS, and DAC.
In addition, I received my M.S. degree from the Institute of Information Engineering, Chinese Academy of Sciences, and my B.S. degree from Jilin University, China. My master's thesis focused on virtual machine introspection and its application in malware detection. My undergraduate thesis examined data steganography.
I am looking for self-motivated students who are interested in working with me. Please check details here.
Research interests (CV):
News
[Teaching] Xi serves as the instructor of CS 2160 Comp Org & Assembly Language and CS 4910 Intro to Computer Security.
[Service] Xi serves as a reviewer of TCPS 2025.
[Teaching] Xi serves as the instructor of CS 5220 Computer Communication.
[Service] Xi serves as a committee member of the UCCS PhD Cybersecurity program.
[Job] Xi joined the University of Colorado Colorado Springs as an Assistant Professor!
[Paper] New paper entitled "SoK: Where's the “up”?! A Comprehensive (bottom-up) Study on the Security of Arm Cortex-M Systems" will appear in USENIX WOOT '24! Check out the open-source repo [here]!
[Award] Xi won the 2nd place of Russell L. Agrusa CSE Student Innovation Competition!
[Paper] New paper entitled "Is the Canary Dead? On the Effectiveness of Stack Canaries on Microcontroller Systems" will appear in SAC'24!
[Paper] New paper entitled "SHERLOC: Secure and Holistic Control-Flow Violation Detection on Embedded Systems" will appear in CCS'23! Check out the open-source repo [here]!
[CTF] Team Cacti (Zheyuan Ma, Gaoxiang Liu, Xi Tan, Md Armanuzzaman, Trevor Schupbach, Safayat Bin Hakim, Sagar Mohan, and Hiu Laam Chau) advised by Dr. Zhao and Dr. Hu placed 4th in MITRE eCTF 2023! Check out our open-source repo [here]!
[Paper] New paper entitled "Return-to-Non-Secure Vulnerabilities on ARM Cortex-M TrustZone: Attack and Defense" will appear in DAC'23! Check out our open-source repo [here]!
Selected Publications
-
SoK: Where's the ``up''?! A Comprehensive (bottom-up) Study on the Security of Arm Cortex-M Systems
USENIX WOOT Conference on Offensive Technologies, 2024