Web Analytics
S3 Lab - Software & Systems Security Laboratory
AI Vault logo

AI Vault

The AI Vault project designs and develops a new trusted execution environment (TEE) tailored to run artificial intelligence (AI) and machine learning (ML) programs on modern AI platforms (e.g., cloud and embedded devices) while providing strong data confidentiality and high efficiency.

TEE technologies, such as Intel SGX and ARM TrustZone, provide strong security guarantees against powerful attacks. However, due to the data-intensive characteristics of AI/ML programs and limitations of TEE, it is challenging to protect AI/ML programs using TEE technologies without sacrificing security and/or performance significantly. The goal of this project is to overcome these challenges to practically enable trusted AI and ML execution on AI platforms in production.

Recent News

Available Work

  • GEVisor: a small hypervisor to build a trusted GPU execution environment (paper, code)
  • T-Slices: trusted deep learning prediction with ARM TrustZone (paper, code)
  • Vessels: a deep learning framework for confidential prediction using Intel SGX (paper)

current people

Minkyung Park
Minkyung Park
Post-doctoral associate
Zelun Kong
Zelun Kong
PhD student



Building GPU TEEs using CPU Secure Enclaves with GEVisor
Xiaolong Wu, Dave (Jing) Tian, and Chung Hwan Kim
In SOCC 2023 [ pdf :: slides :: bibtex ]
Vessels: Efficient and Scalable Deep Learning Prediction on Trusted Processors
Kyungtae Kim, Chung Hwan Kim, Junghwan , Xiao Yu, Haifeng Chen, Dave (Jing) Tian, and Byoungyoung Lee
In SOCC 2020 [ pdf :: slides :: bibtex ]