I am an Associate Professor in the Department of Computer Science at NC State University and director of the Wolfpack Security and Privacy Research (WSPR) laboratory. I earned my Ph.D. and M.S. in Computer Science and Engineering from the Pennsylvania State University in 2011 and 2006, respectively, and my B.S. in Computer Engineering from Penn State in 2004.

My research investigates access control in emerging and complex systems such as those found in mobile platforms, Internet of Things (IoT), networks, and cloud infrastructure. These investigations include studying the need for access control through application analysis, the correctness of access control enforcement and policy, and the incorporation of new access control primitives. (Short Bio)

Quick Links

• Weir practical enforcement of information flow in Android
• ASM research at androidsecuritymodules.org
• NativeWrap privacy tool source code and app on the Google Play Store
• WHYPER natural language processing (NLP) of app descriptions
• TaintDroid research at appanalysis.org
• Android app decompliation at siis.cse.psu.edu/ded

Contact Information

Office: 3260 Engineering Building II
Phone: (919) 513-7905
Email: whenck at ncsu.edu

Postal Mail Department of Computer Science EB2, Rm 3260, Box 8206 North Carolina State University Raleigh, NC 27695-8206, USA

Deliveries 3320 Engineering Building II 890 Oval Dr. Raleigh, NC 27695-8206, USA

Office Hours (Spring 2019): Tuesdays, 1:30-2:30pm

Students

Current PhD Students

• Albert Gorski (expected 2019)
• Isaac Polinsky (expected 2020)
• Iffat Anjum (expected 2023)
• Samin Yaseer Mahmud (expected 2023)

Past PhD Students

• Benjamin Andow (Summer 2019) (now at IBM TJ Watson Research Center)
• TJ OConnor (Spring 2019) (now Assistant Professor, Florida Institute of Technology)
• Luke Deshotels (Fall 2018) (now at Samsung Research America)
• Michael Grace (Summer 2017) [co-advised with Dr. Xuxian Jiang] (now at Samsung Research America)
• Adwait Nadkarni (Spring 2017) (now Assistant Professor, William and Mary)
• Ruowen Wang (Spring 2016) [co-advised with Dr. Peng Ning] (now at Google)
• Jason Gionta (Spring 2015) [co-advised with Dr. Peng Ning]

Recent Professional Activities

• PC co-Chair, 2018 USENIX Security Symposium
• Associate Editor, 2015-present ACM Transactions on Internet Technology (TOIT)
• Department Editor, 2016-present IEEE Security and Privacy Magazine
• PC co-Chair, 2017 USENIX Workshop on Offensive Technologies (WOOT)
• Student PC co-Chair, 2017 IEEE Symposium on Security and Privacy (Oakland)
• Shadow PC co-Chair, 2017 ACM Symposium on Information, Computer and Communications Security (ASIACCS)
• PC co-Chair, 2016 ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)
• Program Committee, 2020 ISOC Network and Distributed System Security Symposium (NDSS)
• Program Committee, 2020 USENIX Security Symposium
• Program Committee, 2020 Financial Cryptography and Data Security (FC)
• Program Committee, 2020 ACM Symposium on Access Control Models and Technology (SACMAT)
• Program Committee, 2019 ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)
• Program Committee, 2019 Annual Computer Security Applications Conference (ACSAC)

News

May 24, 2019: Our paper, PolicyLint: Investigating Internal Privacy Policy Contradictions on Google Play, has been accepted for publication at the 2019 USENIX Security Symposium.

May 16, 2019: We were awarded Best Paper at ACM WiSec 2019 for our paper, Blinded and Confused: Uncovering Systemic Flaws in Device Telemetry for Smart-Home Internet of Things.

April 30, 2019: Our paper, Kobold: Evaluating Decentralized Access Control for Remote NSXPC Methods on iOS, has been accepted for publication at the 2020 IEEE Symposium on Security and Privacy (S&P).

March 12, 2019: I presented an invited talk titled Analysis of iOS Access Control Policy at King's College London (KCL).

March 5, 2019: Our paper, HomeSnitch: Behavior Transparency and Control for Smart Home IoT Devices, has been accepted for publication at the 2019 ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec).

(more news)

Professional Highlights

• I am an Associate Professor in the department of Computer Science at the North Carolina State University
• I am the director of the Wolfpack Security and Privacy Research (WSPR) laboratory.
• I am a National Science Foundation CAREER Award winner (CNS-1253346).
• My work has appeared in many major technical venues, including USENIX Security, ACM CCS, USENIX OSDI, USENIX ATC, ACM MobiCom, and NDSS.
• I am a co-founder of the ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM)
• My research has been covered by The New York Times and CNET among other international press venues. I was also interviewed by FOX News (video).
• I received my Ph.D. from the Computer Science and Engineering department at the Pennsylvania State University in May of 2011.
• I am a recipient of the Penn State University Alumni Association Dissertation Award for 2010-2011.
• I am a founding member and former lead graduate student of the Systems and Internet Infrastructure Security Laboratory.
• I worked as a research intern at AT&T Research and Intel Labs.
• I was a member of 2007 EVEREST academic study [pdf] of voting equipment sponsored by the Ohio Secretary of State.
• My Erdös number is 3 (Paul Erdös--Fan Chung--William Aiello--Me).