Research articles

Notes:

• In the context of the graded assignments, each project group will study a distinct reseach article, among the ones listed below.

• The list below is sorted by chronological order. It is NOT sorted by topic or level of difficulty.

• Har’El et al. Efficient and Scalable Paravirtual I/O System. USENIX ATC 2013. [pdf]

• Amit et al. VSWAPPER: A Memory Swapper for Virtualized Environments. ASPLOS 2014. [pdf]

• Dall et al. KVM/ARM: The Design and Implementation of the Linux ARM Hypervisor. ASPLOS 2014. [pdf]

• Malka et al. rIOMMU: Efficient IOMMU for I/O Devices that Employ Ring Buffers. ASPLOS 2015. [pdf]

• Li et al. Reducing World Switches in Virtualized Environment with Flexible Cross-world Calls. ISCA 2015. [pdf]

• Dall et al. ARM Virtualization: Performance and Architectural Implications. ISCA 2016. [pdf]

• Shi et al. Deconstructing Xen. NDSS 2017. [pdf]

• Lim et al. NEVE: Nested Virtualization Extensions for ARM. SOSP 2017. [pdf]

• Hua et al. EPTI: Efficient Defense against Meltdown Attack for Unpatched VMs. USENIX ATC 2018. [pdf]

• Amit et al. The Design and Implementation of Hyperupcalls. USENIX ATC 2018. [pdf]

• Talheim et al. Cntr: Lightweight OS Containers. USENIX ATC 2018. [pdf]

• Shen et al. X-Containers: Breaking Down Barriers to Improve Performance and Isolation of Cloud-Native Containers. ASPLOS 2019. [pdf]

• Anjali et al. Blending Containers and Virtual Machines: A Study of Firecracker and gVisor. VEE 2020. [pdf]

• Lim et al. Optimizing Nested Virtualization Performance Using Direct Virtual Hardware. ASPLOS 2020. [pdf]

• Mi et al. (Mostly) Exitless VM Protection from Untrusted Hypervisor through Disaggregated Nested Virtualization. USENIX Security 2020. [pdf]

• Li et al. A Secure and Formally Verified Linux KVM Hypervisor. IEEE Security & Privacy 2021. [pdf]

• Wanninger et al. Isolating Functions at the Hardware Limit with Virtines. EuroSys 2022. [pdf]

• Thalheim et al. VMSH: hypervisor-agnostic guest overlays for VMs. EuroSys 2022. [pdf]

• Holmes et al. KASLR in the age of MicroVMs. EuroSys 2022. [pdf]

• Li et al. Design and Verification of the Arm Confidential Compute Architecture. OSDI 2022. [pdf]

• Van’t Hof et al. BlackBox: A Container Security Monitor for Protecting Containers on Untrusted Operating Systems. OSDI 2022. [pdf]

• Li et al. RunD: A Lightweight Secure Container Runtime for High-density Deployment and High-concurrency Startup in Serverless Computing. USENIX ATC 2022. [pdf]

• Yasukata et al. Exit-Less, Isolated, and Shared Access for Virtual Machines. ASPLOS 2023. [pdf]

• Lupu et al. Nephele: Extending Virtualization Environments for Cloning Unikernel-based VMs. EuroSys 2023. [pdf]

• Chen et al. Security and Performance in the Delegated User-level Virtualization. OSDI 2023. [pdf]

• Zhou et al. Core slicing: closing the gap between leaky confidential VMs and bare-metal cloud. OSDI 2023. [pdf]

• Li et al. Bifrost: Analysis and Optimization of Network I/O Tax in Confidential Virtual Machines. USENIX ATC 2023. [pdf]

• Bergman et al. Translation Pass-Through for Near-Native Paging Performance in VMs. USENIX ATC 2023. [pdf]

• Wang et al. Efficient Memory Overcommitment for I/O Passthrough Enabled VMs via Fine-grained Page Meta-data Management. USENIX ATC 2023. [pdf]

• Zhang et al. HD-IOV: SW-HW Co-designed I/O Virtualization with Scalability and Flexibility for Hyper-Density Cloud. EuroSys 2024. [pdf]

• Chen at al. CPC: Flexible, Secure, and Efficient CVM Maintenance with Confidential Procedure Calls. USENIX ATC 2024 [pdf]

• Misono et al. Confidential VMs Explained: An Empirical Analysis of AMD SEV-SNP and Intel TDX. SIGMETRICS 2025. [pdf]

• Liu et al. FastIOV: Fast Startup of Passthrough Network I/O Virtualization for Secure Containers. EuroSys 2025. [pdf]

• Wrenger et al. HyperAlloc: Efficient VM Memory De/Inflation via Hypervisor-Shared Page-Frame Allocators. EuroSys 2025. [pdf]

• Wang et al. To PRI or Not To PRI, That’s the question.. OSDI 2025. [pdf]

• Manakkal et al. LITESHIELD: Secure Containers via Lightweight, Composable Userspace μKernel Services. USENIX ATC 2025. [pdf]

• Ben Zur et al. Accelerating Nested Virtualization with HyperTurtle. USENIX ATC 2025. [pdf]]

• Memarian et al. Ghost in the Android Shell: Pragmatic Test-oracle Specification of a Production Hypervisor. SOSP 2025. [pdf]

• Castes et al. The Design and Implementation of a Virtual Firmware Monitor. SOSP 2025 [pdf]