Kailun Qin
Currently, I work at Intel in Shanghai, China, with a focus on software infrastructure for current- and next-gen Intel Trusted Execution Environments (TEEs). In particular, I am one of the maintainers of the Gramine project – a lightweight Library OS/unikernel (with SGX and TDX backends) for confidential computing.
Meanwhile, I am earning my DEng degree part-time at Shanghai Jiao Tong University (SJTU), as part of the Lab of Cryptology and Computer Security (LoCCS), under the supervision of Prof. Dawu Gu. My research centers on confidential computing, while my interests also extend to system software, system security, and cloud security.
From 2019 to 2020, I worked at Ant Group, and from 2017 to 2019, I was with Intel. Prior to joining Intel as a Recent College Graduate (RCG) in 2017, I interned at NXP Semiconductors (2015-2016) and STMicroelectronics (Le Mans, France, 2015) during my master’s studies at IMT Atlantique (Nantes, France) and Nanjing University of Science and Technology (China).
Email / Github
Research
Trusted Execution Environment
- MVMonT: Securing Confidential Deployments with Attestable Multi-Variant Monitoring.
Kailun Qin and Dawu Gu.
@SRDS 2025
- MVTEE: Multi-Variant Trusted Execution for Secure Model Inference.
Kailun Qin and Dawu Gu.
@Middleware 2025
- To Share or Hide: Confidential Model Compilation as a Service with Privacy-Preserving Transparency.
Kailun Qin and Dawu Gu.
@SRDS 2024
- One System Call Hook to Rule All TEE OSes in the Cloud.
Kailun Qin and Dawu Gu.
@CLOUD 2024
- Gramine-TDX: A Lightweight OS Kernel for Confidential VMs.
Dmitrii Kuvaiskii, Dimitrios Stavrakakis, Kailun Qin, Cedric Xing, Pramod Bhatotia, Mona Vij.
@ACM CCS 2024
- Securing Nested Attestation of Confidential Serverless Computing without Intra-Enclave Isolation.
Atsuki Momose, Kailun Qin, Ao Sakurai, Mona Vij.
@Preprint
- Teamwork Makes TEE Work: Open and Resilient Remote Attestation on Decentralized Trust.
Xiaolin Zhang, Kailun Qin, Shipei Qu, Tengfei Wang, Chi Zhang, Dawu Gu.
@Preprint
- Rapid Deployment of Confidential Cloud Applications with Gramine.
(In alphabetical order) Michał Kowalczyk, Dmitri Kuvaiskii, Paweł Marczewski, Borys Popławski, Wojtek Porczyk, Donald Porter, Kailun Qin, Chia-Che Tsai, Mona Vij, Isaku Yamahata.
Cybersecurity Artifacts Impact Award @ACSAC 2024
- Confidential VM Extension (CoVE) for Confidential Computing, RISC-V Non-ISA Specification (in Freeze).
(In alphabetical order) Andrew Bresticker, Andy Dellow, Atish Patra, Atul Khare, Beeman Strong, Christian Bolis, Dingji Li, Dong Du, Dylan Reid, Eckhard Delfs, Fabrice Marinet, Guerney Hunt, Jiewen Yao, Kailun Qin, Manuel Offenberg, Nicholas Wood, Nick Kossifidis, Osman Koyuncu, Qing Li, Rajnesh Kanwal, Ravi Sahita, Rob Bradford, Samuel Ortiz, Steven Bellock, Vedvyas Shanbhogue, Wojciech Ozga, Yann Loisel.
Others
- Secure and Scalable TLB Partitioning Against Timing Side-Channel Attacks.
Tianyi Huang, Xiaolin Zhang, Kailun Qin, Boshi Yuan, Chenghao Chen, Yipeng Shi, Chi Zhang, Dawu Gu.
@ICICS 2025
- Now Let’s Make It Physical! Enabling Trusted Certificate Issuance in PKI via Physical Bindings for CAs.
Xiaolin Zhang, Chenghao Chen, Kailun Qin, Yuxuan Wang, Shipei Qu, Tengfei Wang, Chi Zhang, Dawu Gu.
@SecureComm 2025
- RISecure-PUF: Multipurpose PUF-Driven Security Extensions with Lookaside Buffer in RISC-V.
Chenghao Chen, Xiaolin Zhang, Kailun Qin, Tengfei Wang, Yipeng Shi, Tianyi Huang, Chi Zhang, Dawu Gu.
@Preprint
Talks