I am an Associate Professor in the Department of Computer Science at NC State University, co-director of the Secure Computing Institute (SCI), and director of the Wolfpack Security and Privacy Research (WSPR) laboratory. I earned my Ph.D. and M.S. in Computer Science and Engineering from the Pennsylvania State University in 2011 and 2006, respectively, and my B.S. in Computer Engineering from Penn State in 2004.

My research investigates access control in emerging and complex systems such as those found in mobile platforms, Internet of Things (IoT), networks, and cloud infrastructure. These investigations include studying the need for access control through application analysis, the correctness of access control enforcement and policy, and the incorporation of new access control primitives. (Short Bio)

Quick Links

• Weir practical enforcement of information flow in Android
• ASM research at androidsecuritymodules.org
• NativeWrap privacy tool source code and app on the Google Play Store
• WHYPER natural language processing (NLP) of app descriptions
• TaintDroid research at appanalysis.org
• Android app decompliation at siis.cse.psu.edu/ded

Contact Information

Office: 3260 Engineering Building II
Phone: (919) 513-7905
Email: whenck at ncsu.edu

Office Hours (Fall 2020): Mondays, 2-3pm (Zoom - Waiting Room Enabled)

Students

Current PhD Students

• Isaac Polinsky (expected 2021)
• Iffat Anjum (expected 2023)
• Samin Yaseer Mahmud (expected 2023)
• Ben Demick (expected 2024)
• Trevor Dunlap (expected 2025) [co-advised with Dr. Brad Reaves]

Current Masters Students

• Seaver Thorn (expected 2021)

Past PhD Students

• Albert Gorski (Spring 2020) (now at Booz Allen Hamilton)
• Benjamin Andow (Summer 2019) (now at Google)
• TJ OConnor (Spring 2019) (now Assistant Professor, Florida Institute of Technology)
• Luke Deshotels (Fall 2018) (now at TikTok)
• Michael Grace (Summer 2017) [co-advised with Dr. Xuxian Jiang] (now at Samsung Research America)
• Adwait Nadkarni (Spring 2017) (now Assistant Professor, William and Mary)
• Ruowen Wang (Spring 2016) [co-advised with Dr. Peng Ning] (now at Google)
• Jason Gionta (Spring 2015) [co-advised with Dr. Peng Ning]

Recent Professional Activities

• PC co-Chair, 2018 USENIX Security Symposium
• PC co-Chair, 2016 ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)
• Steering Committee, 2019-present USENIX Security Symposium
• Steering Committee, 2016-present ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)
• Associate Editor, 2015-present ACM Transactions on Internet Technology (TOIT)
• Department Editor, 2016-present IEEE Security and Privacy Magazine
• Program Committee, 2021 ISOC Network and Distributed System Security Symposium (NDSS)
• Program Committee, 2020 USENIX Security Symposium
• Program Committee, 2021 USENIX Security Symposium
• Program Committee, 2020 ACM Symposium on Access Control Models and Technology (SACMAT)
• Program Committee, 2020 ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)
• Program Committee, 2020 Annual Computer Security Applications Conference (ACSAC)
• Program Committee, 2021 CoronaDef Workshop
• Program Committee, 2021 Financial Cryptography and Data Security (FC)
• Program Committee, 2021 ACM ASIA Conference on Computer and Communications Security (ASIACCS)

News

June 11, 2020: I gave a keynote titled Analysis of Access Control Enforcement in Android at ACM SACMAT 2020.

February 21, 2020: Our paper, Cardpliance: PCI DSS Compliance of Android Applications has been accepted for publication at the 2020 USENIX Security Symposium.

December 12, 2019: Our ONR grant for $1,033,306 titled Defining Security Policy in Distributed Environments using Network Views was awarded.

November 30, 2019: Our paper, n-m-Variant Systems: Adversarial-Resistant Software Rejuvenation for Cloud-Based Web Applications, has been accepted for publication at the 2020 ACM Conference on Data and Application Security and Privacy (CODASPY).

November 27, 2019: Our paper, PolicyLint: Investigating Internal Privacy Policy Contradictions on Google Play, has been accepted for publication at the 2020 USENIX Security Symposium.

(more news)

Professional Highlights

• I am an Associate Professor in the department of Computer Science at the North Carolina State University
• I am the director of the Wolfpack Security and Privacy Research (WSPR) laboratory.
• I am a National Science Foundation CAREER Award winner (CNS-1253346).
• My work has appeared in many major technical venues, including USENIX Security, ACM CCS, USENIX OSDI, USENIX ATC, ACM MobiCom, and NDSS.
• I am a co-founder of the ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM)
• My research has been covered by The New York Times and CNET among other international press venues. I was also interviewed by FOX News (video). More recently, my research has been covered by PBS News Hour.
• I received my Ph.D. from the Computer Science and Engineering department at the Pennsylvania State University in May of 2011.
• I am a recipient of the Penn State University Alumni Association Dissertation Award for 2010-2011.
• I am a founding member and former lead graduate student of the Systems and Internet Infrastructure Security Laboratory.
• I worked as a research intern at AT&T Research and Intel Labs.
• I was a member of 2007 EVEREST academic study [pdf] of voting equipment sponsored by the Ohio Secretary of State.
• My Erdös number is 3 (Paul Erdös--Fan Chung--William Aiello--Me).