Zhejiang University and Ant Group Joint Paper Wins ACM CCS 2021 Best Paper Award

ACM CCS 2021, one of the four top conferences in global network security, announced its annual Best Paper Award, which was won by a joint paper from Zhejiang University and Ant Group, marking the second time a Chinese team with a first‑author has received this honor since the conference’s inception.

The conference historically has a low acceptance rate of 17.6%, and only a handful of papers receive the Best Paper Award; in the past decade, only three papers with first authors from Chinese research institutions have earned this distinction.

The award‑winning paper, titled V‑SHUTTLE: Scalable and Semantics‑Aware Hypervisor Virtual Device Fuzzing , was authored by first‑author Pan Gaoning and second‑author Lin Xingwei, both now working at Ant Group’s Ant Security Light Year Lab; Pan is a Ph.D. candidate at Zhejiang University focusing on cloud security.

Ant Security Light Year Lab, established at the end of 2016, conducts foundational software and device security research, achieving world‑leading exploit capabilities and providing security guarantees for Ant Group and related financial‑grade infrastructure, with numerous top‑ranked competition wins and vendor acknowledgments.

The paper highlights severe vulnerabilities in hypervisor devices used by major cloud providers, which could lead to massive data leaks if exploited; the team developed the automated tool V‑SHUTTLE to discover such flaws, uncovering 35 vulnerabilities in small‑scale experiments, 17 of which have been assigned CVE identifiers and earned official acknowledgments from major vendors.

The V‑SHUTTLE source code has been publicly released on GitHub to help improve the overall security posture of cloud platforms and protect internet users’ data worldwide.