I am the Goodnight Distinguished Professor in Security Sciences in the Department of Computer Science at NC State University, co-director of the Secure Computing Institute, director of the Wolfpack Security and Privacy Research (WSPR) laboratory, and a member of the Secure Software Supply Chain Center (S3C2). I earned my Ph.D. and M.S. in Computer Science and Engineering from the Pennsylvania State University in 2011 and 2006, respectively, and my B.S. in Computer Engineering from Penn State in 2004.
My research studies the security of a wide range of systems, including the software supply chain, 5G and cloud infrastructure, mobile platforms, Internet of Things (IoT), and networks. I commonly apply a range of systems design, program analysis, and empirical studies to demonstrate how novel techniques and tools can improve the security of our computing systems. (Short Bio)
Contact Information
Office: 2240M Engineering Building II
Phone: (919) 513-7905
Email: whenck at ncsu.edu
|
Postal Mail
Department of Computer Science |
Deliveries
3320 Engineering Building II |
Current PhD Students
- Seaver Thorn (expected 2026)
- K. Virgil English (expected 2027)
- Elizabeth Lin (expected 2027)
- Greg Tystahl (expected 2027) [co-advised with Dr. Alexandros Kapravelos]
- Jonah Ghebremichael (expected 2028) [co-advised with Dr. Alexandros Kapravelos]
- James Pangia (expected 2028) [co-advised with Dr. Alexandros Kapravelos]
(all current and past students)
Recent Professional Activities
- Vice President, July 2024- USENIX Association Board of Directors
- Secretary, 2022-2024 USENIX Association Board of Directors
- Steering Committee, 2019-present USENIX Security Symposium
- Program Co-Chair, 2025 IEEE Symposium on Security and Privacy (S&P)
- Program Co-Chair, 2024 IEEE Symposium on Security and Privacy (S&P)
News
June 6, 2025: Our paper, Context Matters: Qualitative Insights into Developers' Approaches and Challenges with Software Composition Analysis has been accepted for publication at the 2025 USENIX Security Symposium.
May 8, 2025: I have been named the Goodnight Distinguished Professor in Security Sciences in the Department of Computer Science at NC State University.
May 2, 2025: Our paper, ProfessorX: Detecting Silent Vulnerabilities in Policy Engine Implementations has been accepted for publication at the 2025 ACM Symposium on Access Control Models and Technologies (SACMAT).
December 12, 2024: We won the ACSAC 2024 Test of Time Award for our 2009 ACSAC paper titled Semantically Rich Application-Centric Security in Android.
October 31, 2024: Our paper, An Empirical Study on Reproducible Packaging in Open-Source Ecosystems has been accepted for publication at the 2025 IEEE/ACM International Conference on Software Engineering (ICSE).