I am a fourth-year PhD. student at McGill University. I am currently working on improving the security and quality of mobile applications with the help of program analysis. I am also interested in cloud storage systems and big data systems.

AppAudit: Find Apps That Leak Personal Data Software security Mobile apps

We design AppAudit, a program analysis tool that analyzes Android apps to find data-leaking evidence. AppAudit aims to be useful to end users as well as professionalists. For end users, AppAudit helps to identify dangerous apps at installation time. For professional use, AppAudit can quickly filter out zero-day data-leaking apps and report data-leaking code paths. For the details about AppAudit's scalable analysis tecniques and online scanning service, please refer to the project page.

The overall precision for detecting malware compared with mainstream antivirus and research projects The precision breakdown per malware family

AppBox: Sandboxing Apps Software security Mobile apps

Ever tried the privacy browsing mode of web browers? Now AppBox extends this to all Android apps. AppBox is a universal sandbox for Android apps. Apps that enter AppBox appear like newly installed and have limited accesses to system resources and user data. When app exits from the AppBox, all traces and data produced are scrubed, like it never happened.

MonkeyHelper: Record, Replay and Understand User Interactions for Android Mobile systems

We provide a toolchian written in Python to capture, replay, manipulate and analyze the live user interations with a smartphone. Our record-and-replay capability is universal for all Android boxes. The manipulation and analyses can be highly customized with Python code. See a video showing record-and-replay AngryBirds.

SLIM: An STL-like library for mobile-cloud programming Mobile-cloud

Programming a mobile-cloud application is hard considering the efforts of synchronizing data, managing different views, consistency and performance. We provide SLIM, a library that provide STL-like interfaces while distributing data across the device and the cloud. SLIM reduces the programming efforts by providing interfaces familar to developers along with various pre-designed policies that address common tradeoffs. This project is an intern project with Microsoft Research Asia and has been published on Asia-Pacific System Symposium 2011. The below code snippet shows an example RSS reader that fetches and displays feed

// a SLIM vector of feed items
// persistency policy: stored in memory, flash and cloud
// read/write policy: writes come from cloud to device
// update policy: invoke callback when the vector has one dirty (new) item
typedef SLIMVector< FeedItem, Memory_Flash_Cloud, Cloud_To_Device, OnDirtyBound<1> > UpdateVector;
UpdateVector feeds("rss://..");
// set update callback function
feeds.onUpdate([] (FeedItem newFeeds[]) {
// iterate through all newfeeds and display
    foreach (feed in newFeeds)

CuteStrike: a cute multi-player 2D CounterStrike-like shooting game

CounterStrike is a classic first-person shooting game. We made it cute! You will see cute buns moving around in a 2D dust2 map! CuteStrike allows you to challenge AIs we design or play with real people over network.

dumpvb6: A practical VB6 decompiler

This is a geeky toy I made when I was 14. You give me a VB6 program and I give you the source code. VB6 stands for Microsoft's Visual Basic 6, a language that produces GUI programs in minutes! VB6 is straightforward and easy to learn and was once the most popular and successful language for GUI programs. Dumpvb6 did a hacky job by present the source code of a compiled VB6 program, which exposes all its secrets. Due to potential copyright concern, this project is only for academic purpose and not intended to be released.
Code snippet of VB6
I am still working hard on this.
  1. Virtualization Mingyuan Xia, Pin Zhou, David Pease, Xue Liu: Taming IO Spikes in Enterprise and Campus VM Deployment. The 7th ACM International Systems and Storage Conference (SYSTOR'14)
  2. Mobile software reliability Mingyuan Xia, Wenbo He, Xue Liu, Jie Liu: Why Application Errors Drain Battery Easily? A Study of Memory Leaks in Smartphone Apps. The 5th Workshop on Power-Aware Computing and Systems (HotPower'13)
  3. Sensor networks Linghe Kong, Mingyuan Xia, Min-you Wu, Xue Liu: Environment Reconstruction for Massive Data Loss in Wireless Sensor Networks. The 32nd IEEE International Conference on Computer Communications (INFOCOM'13)
  4. Sensor networks Linghe Kong, Mingyuan Xia, Xiao-Yang Liu, Guangshuo Chen, Yu Gu, Min-You Wu, Xue Liu: Data Loss and Reconstruction in Wireless Sensor Networks, IEEE Transactions on Parallel and Distributed Systems (TPDS'13)
  5. Scheduling Mingyuan Xia, Nan Zhu, Yuxiong He, Sameh Elnikety, Xue Liu: Performance Inconsistency in Large Scale Data Processing Clusters. The 10th International Conference on Autonomic Computing (ICAC'13)
  6. Mobile-cloud systems Jinghao Shi, Mingyuan Xia, Ming Wu, Lintao Zhang, Zheng Zhang: SLIM: Mmap from the cloud to device, and back. The 2nd ACM SIGOPS Asia-Pacific Workshop on Systems (APSys'11)
  7. Virtualization Jun Nakajima, Qian Lin, Sheng Yang, Min Zhu, Shang Gao, Mingyuan Xia, Peijie Yu, Yaozu Dong, Zhengwei Qi, Kai Chen, Haibing Guan: Optimizing virtual machines using hybrid virtualization. The 26th Symposium On Applied Computing (SAC'11)
  8. Virtualization Qian Lin, Mingyuan Xia, Miao Yu, Peijie Yu, Min Zhu, Shang Gao, Zhengwei Qi, Kai Chen, Haibing Guan: SPAD: software protection through anti-debugging using hardware virtualization. The 26th Symposium On Applied Computing (SAC'11)
  9. Virtualization Min Zhu, Miao Yu, Mingyuan Xia, Bingyu Li, Peijie Yu, Shang Gao, Zhengwei Qi, Liang Liu, Ying Chen, Haibing Guan: VASP: virtualization assisted security monitor for cross-platform protection. The 26th Symposium On Applied Computing (SAC'11)
  10. Virtualization Software security Mingyuan Xia, Miao Yu, Qian Lin, Zhengwei Qi, Haibing Guan: Enhanced Privilege Separation for Commodity Software on Virtualized Platform. The 16th International Conference on Parallel and Distributed Systems (ICPADS'10)
  11. Virtualization Peijie Yu, Mingyuan Xia, Qian Lin, Min Zhu, Shang Gao, Zhengwei Qi, Kai Chen, Haibing Guan: Real-time Enhancement for Xen Hypervisor. The 8th International Conference on Embedded and Ubiquitous Computing (EUC'10)
I am not confident of writing a good biography of myself, as a non-profession. I was born in Shanghai, the economy center of China. In 1843, the Treaty of Nanking opens Shanghai to the world, which once comprises the distinct areas of settlement for British, French, America and Europeans. Thus Shanghai develops a unique fusion of native Chinese culture and the cultures from all over the world. The idea of diversity is rooted in this multi-cultured city as well as in me. After my university life at Shanghai Jiao Tong University, I moved to Montreal for my PhD. The English-French city has indeed impressed me with its wonderful French maisons and unbelievable cold winter as well as accidental fall of snow flake from the roof, kidding. Ironically, I am getting awareness of the old traditions and value systems that are being replaced by aggressive modernization of my hometown, by looking at Montreal.
I have interests in many things, and am willing to waste time on them. Occasionally, just occasionally, I would sneak out of my office to for a late night movie, a decent meal, an afternoon with Kindle in some random cafe, an afternoon tea, cusine research, a spa, a visit to antique and art design stores or an obsessed afternoon of browsing Swiss watch catalog. Personally, I feel that my leisure life might appear as boring as still water to most people.
Here are some of my favorite works, people, and quotes:

The simulacrum is never that which conceals the truth — it is the truth which conceals that there is none. The simulacrum is true.

Ecclesiastes, as quoted in Simulacra and Simulation


北岛, 真的

Did you ever know an officer to handcuff a prisoner to his right hand?

O. Henry, Hearts and Hands

Gordon: I'm sorry, Harvey. For everything. But, please. Please don't hurt him.

Gary Oldman, cast in The Dark Knight

Where is the boundary between human and machine when the differences between the two become more philosophical than physical?

押井 守, Ghost in the shell

I’ve found the light of your voice; it has always been with me