Our research work has led to actual effect on quite a few industrial systems.

High-Performance Mobile Emulation through Graphics Projection

Mobile emulation is pivotal to the mobile ecosystem by facilitating app debugging, PC-based mobile gaming, market-scale malware detection, and so on. By adding a small-size graphics projection space inside the guest memory, where the critical control contexts and resource handles required by the host GPU are strategically maintained and delivered, we build a high-performance Android emulator called Trinity which exhibits excellent efficiency, compatibility, and security at the same time for the first time. It has been adopted by the Huawei DevEco Studio IDE with millions of developers.

Paper in OSDI'22

Nationwide Study on Mobile Access Bandwidth

By working with a major mobile bandwidth testing app (UUSpeedTest) to deeply analyze mobile access bandwidths of 3.54M end users in China, we reveal the root causes of the critical performance gaps between the advertised 4G/5G/WiFi access bandwidth and what is actually delivered in the wild. Based on the analysis insights, we build an ultra-fast, ultra-light bandwidth testing service (Swiftest) to dramatically reduce the test time (from 10 seconds to ~1 second) and backend cost.

Paper in SIGCOMM'22

Fast and Light Bandwidth Testing for Internet Users

✎ Internet bandwidth testing services (BTSes) measure the access bandwidth of end hosts, which are however oftentimes slow and costly. To make BTS fast and cheap while maintaining high accuracy, we develop FastBTS through a novel statistical sampling framework termed fuzzy rejection sampling. With only 30 test servers, FastBTS achieves the same level of accuracy compared to the state-of-the-art BTS ( that deploys 12,000+ servers. Most importantly, FastBTS makes bandwidth tests 5.6 faster and 10.7 more data-efficient.

Paper in NSDI'21

Nationwide Study on Cellular (Data Connection) Reliability

✎ We make the first large-scale, in-depth study on cellular reliability with over 70M Android phones across 34 different hardware models. We identify the critical factors that affect cellular reliability and clear up misleading intuitions indicated by common wisdom. More importantly, we have developed enhancements that effectively address cellular reliability issues with remarkable real-world impact -- our optimizations on Android's cellular implementations have reduced 40% cellular connection failures for 5G phones and 36% failure duration across all phones, benefiting ~28M MIUI OS users.

Best Student Paper Award in SIGCOMM'21

Why Does Android Stop Responding?

✎ Android users often experience poor responsiveness, in particular Application Not Responding (ANR) and System Not Responding (SNR) that directly disrupt user experience. We make an in-depth study of ANR/SNR at scale in the wild, uncover multifold root causes of ANR/SNR, and pinpoint the largest pathology that roots in Android's flawed implementation of Write Amplification Mitigation (WAM). We design a practical approach to eliminating this largest root cause, which has been adopted by the MIUI OS, benefiting over 20 million users.

Paper in MobiCom'20

Xiaomi MVNO

✎ Mobile virtual network operators (MVNOs) operate on top of existing cellular infrastructures of base carriers, while offering cheaper or more flexible data plans. We present a two-year measurement study towards understanding various key aspects of today's MVNO ecosystem, based on Xiaomi MVNO with 1M customers. Our measurements clarify several key concerns raised by MVNO customers. We also leverage big data analytics and machine learning to optimize an MVNO's key businesses such as data plan reselling and customer churn mitigation.

Papers in MobiSys'19 and TON'20.

Mobile Gaming on PCs with Direct Android Emulation

✎ Efficiently emulating heavy 3D Android games on Windows PCs has long been desired while highly challenging. This paper presents DAOW, a commercial game-oriented Android emulator that implements the idea of direct Android emulation, which directly executes Android app binaries on top of x86-based Windows PCs without employing virtualization techniques. It has been widely adopted by 50M+ PC users to run thousands of heavy 3D Android games, achieving almost the same level of smoothness as being played natively on Android smartphones.

Paper and Best Demo Award in MobiCom'19


✎ By examining apps' API invocations, we build APIChecker, an machine learning-based mobile malware detection system. The key to successfully developing such systems is manifold: 1) feature selection, 2) feature engineering, 3) app analysis speed, 4) developer engagement, and 5) model evolution. Failure in any of the above aspects would lead to "wooden barrel effect" of the entire system. APIChecker is adopted by Tencent Android App Store to efficiently check 10K newly submitted apps per day.

Papers in EuroSys'20 and TPDS'21


✎ As a key UI feature of Android, overlay enables one app to draw over other apps by creating an extra View layer on top of the host View. While greatly facilitating user interactions with multiple apps at the same time, it is often exploited by malicious apps (malware) to attack users. To combat this threat, we build OverlayChecker to automatically detect overlay-based malware at market scales. It is adopted by Tencent Android App Store to efficiently check 10K newly submitted apps per day.

Papers in MobiSys'19 and TMC'22.


✎ Linux-based IoT devices have emerged as one primary target of today's cyber attacks. To understand realistic attacks on such devices at scale in the wild, we deploy 4 hardware IoT honeypots and 108 specially designed software IoT honeypots across eight mainstream public clouds. The measurement study leads to multi-fold insights towards actionable defense strategies that can be adopted by IoT vendors and end users.

Paper in MobiSys'19.

UFC2: User-Friendly Collaborative Cloud

✎ Mainstream cloud storage services all support collaborative file editing, which however often leads to poor experiences. We unravel a number of their design and implementation issues as the root causes. Thereby, we reconsider their collaboration support from a novel perspective of operations without using any locks. To enable this, we design intelligent approaches to the inference and transformation of users' editing operations, as well as optimizations to the maintenance of files' historic versions. We build an open-source system UFC2 to embody our design, which can avoid most conflicts with little overhead.

Papers in FAST'20 and TPDS'22

Web-based Delta Sync for Cloud Storage Services

✎ Striving towards a practical web-based delta synchronization solution for cloud storage services (e.g., Dropbox). Leveraging a series of state-of-the-art web techniques (JavaScript, WebSocket, HTML5 File APIs, and asm.js) and cloud techniques (virtual machine, object storage, and node.js), we have developed an open-source prototype solution WebR2sync+, and a usable online system THU-CloudDisk that has integrated our solution.

Papers in FAST'18 and TOS'22.

Nationwide Census on WiFi Security Threats

✎ By deploying a crowdsourced WiFi security checking system on 14 million mobile devices, we characterize a wide variety of real-world WiFi security threats at an unprecedented scale, involving 19 million WiFi access points (APs) mostly located in China. Surprisingly, we detect attacks at around 4% of all WiFi APs, uncover that most WiFi attacks are driven by an underground economy, and provide strong evidence of web analytics platforms being the bottleneck of its monetization chain. Our system has been adopted by

Paper in MobiCom'21

FBS-Radar: Uncovering Fake Base Stations at Scale in the Wild


✎ Yet another key component of Baidu PhoneGuard, FBS-Radar precisely identifies malicious fake base stations (FBSes) and accurately geolocates FBSes based on crowdsourced data of nearly 100 million users. It protects users from millions of spam and fraud SMS messages per day, and has helped the Ministry of Public Security of China arrest hundreds of FBS operators. Also, we have made a public website that shows the current locations of detected FBSes in real time.

Paper in NDSS'17.

Cross-App Cellular Traffic Optimization with Baidu TrafficGuard


✎ As a key component of Baidu PhoneGuard, Baidu TrafficGuard is a third-party mobile traffic proxy widely deployed for Android 4.0+ devices in China. It effectively reduces cellular traffic using a network-layer VPN that connects a client-side proxy to a centralized traffic processing cloud. Most importantly, it works transparently across heterogeneous applications, so is not constrained to any specific app.

Paper in NSDI'16.

  Cloud Download  (or says Offline Download)

Achieving high-quality content distribution (especially for unpopular videos) by using cloud utilities as a cache to guarantee the data health and enhance the data transfer rate. Please try the large-scale  Xuanfeng Cloud Download system!

Papers in ACM-MM'11 and JCST'15.

Cloud Tracker  (or says Open-P2SP content distribution)


✎ Dynamically tracking and integrating various third-party servers, contents and data transfer protocols all over the Internet into a large, open and federated P2SP (peer-to-server/peer) platform, so as to accelerate the content distribution from servers to clients and among peer swarms. It also facilitates load-balancing among the involved servers. Please try the large-scale  Xunlei or Xuanfeng system!

Papers in ACM-MM'11 and TPDS'13.