I am a fourth-year PhD. student at McGill University. I am interested in mobile software systems, including detecting new program bugs, checking security policies and generating autofix. I am also interested in storage systems and big data stacks, mainly the Spark and Hadoop stacks. I received my bachelor degree from Shanghai Jiao Tong University.

Controlling Mobile Devices with Gestures in Vehicles Mobile system

The small screen and touchscreen interactions of mobile devices could be uncomfortable for users in a moving vehicle. To overcome this limitation, we propose a rich set of gestures for performing fine-grained interacting with mobile device in a vehicle environment. Our system carefully picks gestures to allow easy control of vehicle applications (such as navigation, audio playback and phone call). Our algorithms overcome various road conditions that affect gesture recognition accuracy. This is an on-going project and we have a simple demo here:

A Tale of Two Erasure Codes in HDFS Storage system Big data

Enterprises continue to invest more and more disks to store growing data. Now petabyte-scale data poses a great challenge on the maintenance cost (for replacing dead disks), which largely confines the scalability of big data systems. Erasure coding is the technique that can store the same amount of data with 50% fewer disks, but at the cost of greater costs to recover unavailable data. In this paper, we explore novel erasure coding inventions and system techniques to tame the challenging recovery cost. Please refer to our FAST'15 paper for more details.

AppAudit: Detecting Data-leaking Mobile Apps Software security Mobile software

We design AppAudit, a program analysis tool that checks if an Android application leaks sensitive personal data. AppAudit is designed to help mobile users to avoid installing such apps, assist app store operators to filter out zero-day privacy threats and prevent app developers from accidentally using data-leaking libraries. AppAudit will appear at IEEE Symposium on Security and Privacy (S&P) 2015.

The overall precision for detecting malware compared with mainstream antivirus and research projects
The precision breakdown per malware family

AppBox: Sandboxing Apps Software security Mobile software

Ever tried the privacy browsing mode of web browers? Now AppBox extends this to all Android apps. AppBox is a universal sandbox for Android apps. Apps that enter AppBox appear like newly installed and have limited accesses to system resources and user data. When app exits from the AppBox, all traces and data produced are scrubed, like it never happened.

MonkeyHelper: Record, Replay and Understand User Interactions for Android Mobile systems

We provide a tool-chain written in Python to capture, replay, manipulate and analyze the live user interactions with a smartphone. Our record-and-replay capability is universal for all Android boxes. The manipulation and analyses can be highly customized with Python code. See a video showing record-and-replay AngryBirds.

SLIM: An STL-like library for mobile-cloud programming Mobile-cloud

Programming a mobile-cloud application is hard considering the efforts of synchronizing data, managing different views, consistency and performance. We provide SLIM, a library that provide STL-like interfaces while distributing data across the device and the cloud. SLIM reduces the programming efforts by providing interfaces familiar to developers along with various pre-defined policies that address common trade-offs. This project is an intern project with Microsoft Research Asia and has been published on Asia-Pacific System Symposium 2011. The below code snippet shows an example RSS reader that fetches and displays feed

// a SLIM vector of feed items
// persistency policy: stored in memory, flash and cloud
// read/write policy: writes come from cloud to device
// update policy: invoke callback when the vector has one dirty (new) item
typedef SLIMVector< FeedItem, Memory_Flash_Cloud, Cloud_To_Device, OnDirtyBound<1> > UpdateVector;
UpdateVector feeds("rss://..");
// set update callback function
feeds.onUpdate([] (FeedItem newFeeds[]) {
// iterate through all newfeeds and display
    foreach (feed in newFeeds)

CuteStrike: a cute multi-player 2D CounterStrike-like shooting game

CounterStrike is a classic first-person shooting game. We made it cute! You will see cute buns moving around in a 2D dust2 map! CuteStrike allows you to challenge AIs we design or play with real people over network.

dumpvb6: A practical VB6 decompiler

This is a geeky toy I made when I was 14. You give me a VB6 program and I give you the source code. VB6 stands for Microsoft's Visual Basic 6, a language that produces GUI programs in minutes! VB6 is straightforward and easy to learn and was once the most popular and successful language for GUI programs. Dumpvb6 did a hacky job by present the source code of a compiled VB6 program, which exposes all its secrets. Due to potential copyright concern, this project is only for academic purpose and not intended to be released.
Code snippet of VB6
  1. Program analysis Mingyuan Xia, Lu Gong, Yuanhao Lv, Zhengwei Qi, Xue Liu: Effective Real-time Android Application Auditing. The 36th IEEE Symposium on Security and Privacy (IEEE S&P'15)
  2. Cloud Storage System Mingyuan Xia, Mohit Saxena, Mario Blaum, David A. Pease: A Tale of Two Erasure Codes in HDFS. The 13th USENIX Conference on File and Storage Technologies (FAST '15)
  3. Virtualization Mingyuan Xia, Pin Zhou, David Pease, Xue Liu: Taming IO Spikes in Enterprise and Campus VM Deployment. The 7th ACM International Systems and Storage Conference (SYSTOR'14)
  4. Mobile software reliability Mingyuan Xia, Wenbo He, Xue Liu, Jie Liu: Why Application Errors Drain Battery Easily? A Study of Memory Leaks in Smartphone Apps. The 5th Workshop on Power-Aware Computing and Systems (HotPower'13)
  5. Sensor networks Linghe Kong, Mingyuan Xia, Min-you Wu, Xue Liu: Environment Reconstruction for Massive Data Loss in Wireless Sensor Networks. The 32nd IEEE International Conference on Computer Communications (INFOCOM'13)
  6. Sensor networks Linghe Kong, Mingyuan Xia, Xiao-Yang Liu, Guangshuo Chen, Yu Gu, Min-You Wu, Xue Liu: Data Loss and Reconstruction in Wireless Sensor Networks, IEEE Transactions on Parallel and Distributed Systems (TPDS'13)
  7. Scheduling Mingyuan Xia, Nan Zhu, Yuxiong He, Sameh Elnikety, Xue Liu: Performance Inconsistency in Large Scale Data Processing Clusters. The 10th International Conference on Autonomic Computing (ICAC'13)
  8. Mobile-cloud systems Jinghao Shi, Mingyuan Xia, Ming Wu, Lintao Zhang, Zheng Zhang: SLIM: Mmap from the cloud to device, and back. The 2nd ACM SIGOPS Asia-Pacific Workshop on Systems (APSys'11)
  9. Virtualization Jun Nakajima, Qian Lin, Sheng Yang, Min Zhu, Shang Gao, Mingyuan Xia, Peijie Yu, Yaozu Dong, Zhengwei Qi, Kai Chen, Haibing Guan: Optimizing virtual machines using hybrid virtualization. The 26th Symposium On Applied Computing (SAC'11)
  10. Virtualization Qian Lin, Mingyuan Xia, Miao Yu, Peijie Yu, Min Zhu, Shang Gao, Zhengwei Qi, Kai Chen, Haibing Guan: SPAD: software protection through anti-debugging using hardware virtualization. The 26th Symposium On Applied Computing (SAC'11)
  11. Virtualization Min Zhu, Miao Yu, Mingyuan Xia, Bingyu Li, Peijie Yu, Shang Gao, Zhengwei Qi, Liang Liu, Ying Chen, Haibing Guan: VASP: virtualization assisted security monitor for cross-platform protection. The 26th Symposium On Applied Computing (SAC'11)
  12. Virtualization Software security Mingyuan Xia, Miao Yu, Qian Lin, Zhengwei Qi, Haibing Guan: Enhanced Privilege Separation for Commodity Software on Virtualized Platform. The 16th International Conference on Parallel and Distributed Systems (ICPADS'10)
  13. Virtualization Peijie Yu, Mingyuan Xia, Qian Lin, Min Zhu, Shang Gao, Zhengwei Qi, Kai Chen, Haibing Guan: Real-time Enhancement for Xen Hypervisor. The 8th International Conference on Embedded and Ubiquitous Computing (EUC'10)

I was born in Shanghai, the economy center of China. In 1843, the Treaty of Nanking opens this port to the world, which once comprises the distinct areas of settlement for British, French, American and European. As a treaty port, it survives the great destruction of WW2. Thus Shanghai develops and maintains a unique fusion of cultures from traditional China and various European countries. The city as well as I value peace, diversity and quality of life.

After twenty-two years in this city, I moved to Montréal for my doctoral degree. The English-French city has indeed impressed me with its wonderful French maisons and unbelievable cold winter as well as accidental fall of snow flake from the roof, kidding. Ironically, I grow awareness of Chinese traditions and value systems that are being replaced by aggressive modernization, by looking at Montreal.

I have interests in many things, and am willing to waste time on them. Occasionally, just occasionally, I would sneak out of my office to for a late night movie, a decent meal, a lazy afternoon with sunshine and Kindle, an afternoon tea, cuisine research, a spa, a visit to antique and art design stores or an obsessed afternoon of browsing Swiss watch catalog.

Here are some great works and people that inspired me, and some quotes I would like to share:
The Old Lighthouse on the Bund, Shanghai

The simulacrum is never that which conceals the truth — it is the truth which conceals that there is none. The simulacrum is true.

Ecclesiastes, as quoted in Simulacra and Simulation


北岛, 真的

Did you ever know an officer to handcuff a prisoner to his right hand?

O. Henry, Hearts and Hands

Gordon: I'm sorry, Harvey. For everything. But, please. Please don't hurt him.

Gary Oldman, cast in The Dark Knight

Where is the boundary between human and machine when the differences between the two become more philosophical than physical?

押井 守, Ghost in the shell

I’ve found the light of your voice; it has always been with me