William Harold Enck

Professor • Department of Computer Science • North Carolina State University
Director, Wolfpack Security and Privacy Research (WSPR) Laboratory
co-Director, Secure Computing Institute (SCI)
Email: whenck@ncsu.edu • Homepage: https://enck.org

Education

Pennsylvania State University, University Park, PA

Ph.D., Computer Science and Engineering, May 2011
Thesis: Analysis Techniques for Mobile Operating System Security
Advisor: Dr. Patrick McDaniel

Pennsylvania State University, University Park, PA

M.S., Computer Science and Engineering, May 2006
Thesis: Analysis of Open-Functionality in SMS-Capable Cellular Networks
Advisor: Dr. Patrick McDaniel

Pennsylvania State University, University Park, PA

B.S., Computer Engineering, May 2004
Thesis: Study of Adaptive Routing Algorithms for NoC Architectures
Advisor: Dr. Chita R. Das

Academic and Research Appointments

2021-present	Professor
	Department of Computer Science, North Carolina State University
2019-present	co-Director
	Secure Computing Institute, North Carolina State University
2016-2021	Associate Professor
	Department of Computer Science, North Carolina State University
2011-2016	Assistant Professor
	Department of Computer Science, North Carolina State University
2005-2011	Research Assistant
	Computer Science and Engineering, Pennsylvania State University
Jan 2009 - Aug 2010	Lead Graduate Student
	Systems and Internet Infrastructure Security (SIIS) Laboratory, Pennsylvania State University
Spring 2009	co-Instructor, CSC597a: Mobile Phone Security
	Computer Science and Engineering, Pennsylvania State University
Summer 2007	Instructor, EE/CSE458: Communications Networks
	Computer Science and Engineering, Pennsylvania State University
Spring 2005	Teaching Assistant, CSE473: Microcomputer Laboratory
	Computer Science and Engineering, Pennsylvania State University

Industrial Experience

Summer 2009	Research Intern
	Intel Labs, Seattle, WA
Summer 2006	Research Intern
	AT&T Research, Florham Park, NJ
Summer 2003	Summer Intern
	IBM Corp., Poughkeepsie, NY
Summers 2000-2002, 2004	Systems Administrator
	Lebanon MobileFone Inc., Lebanon, PA

Selected Publications

Luke Deshotels, Costin Carabas, Jordan Beichler, Razvan Deaconescu, and William Enck, Kobold: Evaluating Decentralized Access Control for Remote NSXPC Methods on iOS, in Proceedings of the IEEE Symposium on Security and Privacy (S&P), San Francisco, CA, 2020, pp. 1056–1070.
[PDF] (acceptance rate=12.3%)
Benjamin Andow, Samin Yaseer Mahmud, Wenyu Wang, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, and Tao Xie, PolicyLint: Investigating Internal Privacy Policy Contradictions on Google Play, in Proceedings of the USENIX Security Symposium, Santa Clara, CA, 2019, pp. 585–602.
[PDF] (acceptance rate=16%)
Luke Deshotels, Razvan Deaconescu, Mihai Chiroiu, Lucas Davi, William Enck, and Ahmad-Reza Sadeghi, SandScout: Automatic Detection of Flaws in iOS Sandbox Profiles, in Proceedings of the ACM Conference on Computer and Communications Security (CCS), Vienna, Austria, 2016.
[PDF] (acceptance rate=16.5%)
Adwait Nadkarni, Benjamin Andow, William Enck, and Somesh Jha, Practical DIFC Enforcement on Android, in Proceedings of the USENIX Security Symposium, Austin, TX, 2016.
[PDF] (acceptance rate=15.6%)
Ruowen Wang, William Enck, Douglas Reeves, Xinwen Zhang, Peng Ning, Dingbang Xu, Wu Zhou, and Ahmed Azab, EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-Scale Semi-Supervised Learning, in Proceedings of the USENIX Security Symposium, Washington, DC, 2015.
[PDF] (acceptance rate=15.7%)
Stephan Heuser, Adwait Nadkarni, William Enck, and Ahmad-Reza Sadeghi, ASM: A Programmable Interface for Extending Android Security, in Proceedings of the USENIX Security Symposium, San Diego, CA, 2014.
[PDF] (acceptance rate=19.1%) (supercedes TUD-CS-2014-0063)
Adwait Nadkarni and William Enck, Preventing Accidental Data Disclosure in Modern Operating Systems, in Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS), Berlin, Germany, 2013.
[PDF] (acceptance rate=19.8%)
Rahul Pandita, Xusheng Xiao, Wei Yang, William Enck, and Tao Xie, WHYPER: Towards Automating Risk Assessment of Mobile Applications, in Proceedings of the USENIX Security Symposium, Washington, D.C., 2013.
[PDF] (acceptance rate=16.2%)
William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri, A Study of Android Application Security, in Proceedings of the 20th USENIX Security Symposium, San Francisco, CA, 2011.
[PDF] (acceptance rate=17.2%) (supercedes NAS-0144)
William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth, TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones, in Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI), Vancouver, BC, 2010.
[PDF] (acceptance rate=16.1%) (supercedes NAS-0120)

Student Advising

Current PhD Students	Seaver Thorn (expected 2026) K. Virgil English (expected 2027) Elizabeth Lin (expected 2027) Greg Tystahl (expected 2027) [co-advised with Dr. Alexandros Kapravelos] Jonah Ghebremichael (expected 2028) [co-advised with Dr. Alexandros Kapravelos] James Pangia (expected 2028) [co-advised with Dr. Alexandros Kapravelos]
Current PhD Committees	Sathvik Prasad [advised by Dr. Brad Reaves] Shaown Sarker [advised by Dr. Alexandros Kapravelos] Nikolaos Pantelaios [advised by Dr. Alexandros Kapravelos]
Past PhD Students	Trevor Dunlap (Summer 2024) [co-advised with Dr. Brad Reaves] (now at Chainguard) Samin Yaseer Mahmud (Fall 2023) (now at Meta) Iffat Anjum (Fall 2023) (now Teaching Assistant Professor at University of Denver) Isaac Polinsky (Summer 2023) (now at Google) Albert Gorski (Spring 2020) (now at Booz Allen Hamilton) Benjamin Andow (Summer 2019) (now at Google) TJ OConnor (Spring 2019) (now Assistant Professor, Florida Institute of Technology) Luke Deshotels (Fall 2018) (now at TikTok) Michael Grace (Summer 2017) [co-advised with Dr. Xuxian Jiang] (now at Samsung Research America) Adwait Nadkarni (Spring 2017) (now Assistant Professor, William and Mary) Ruowen Wang (Spring 2016) [co-advised with Dr. Peng Ning] (now at Google) Jason Gionta (Spring 2015) [co-advised with Dr. Peng Ning]
Past Masters Students	K. Virgil English (Summer 2022) Seaver Thorn (Fall 2020) Sanket Goutam (Spring 2019) [co-advised with Dr. Brad Reaves] Akash Verma (Fall 2016) Tsung-Hsuan (Anson) Ho (Fall 2013) [co-advised with Dr. Xiaohui (Helen) Gu] Vasant Tendulkar (Summer 2013) Andrew Branscomb (Spring 2013) [co-advised with Dr. Ting Yu] Adwait Nadkarni (Fall 2012)
Past PhD Committees	Sarah Elder [advised by Dr. Laurie Williams] Yunsen Lie (Worcester Polytechnic Institute) [advised by Dr. Craig Shu] Mu Zhu [advised by Dr. Munindar Singh] Igibek Koishybayev [advised by Dr. Alexandros Kapravelos] Pubali Datta (University of Illinois, Urbana-Champaign) [advised by Dr. Adam Bates] Shaohu Zhang [advised by Dr. Anupam Das] Nasif Imtiaz [advised by Dr. Laurie Williams] Abida Haque [advised by Dr. Alessandra Scafuro] Alex Freij (ECE Department) [advised by Dr. Huiyang Zhou] William Brockelsby [advised by Dr. Rudra Dutta] Jordan Jueckstock [advised by Dr. Alexandros Kapravelos] Jie Duan (ECE Department) [advised by Dr. Mo-Yuen Chow] Quan Chen [advised by Dr. Alexandros Kapravelos] Hans Liljestrand (Aalto University) [advised by Dr. N. Asokan] Xueqing Liu (University of Illinois, Urbana-Champaign) [advised by Dr. Tao Xie] Justin Smith [advised by Dr. Emerson Murphy-Hill] Karthik Sheshadri [advised by Dr. Munindar Singh] Salahuddin Khan (Royal Holloway, University of London) [advised by Dr. Lorenzo Cavallaro] Nirav Ajmeri [advised by Dr. Munindar Singh] Micah Bushouse [advised by Dr. Douglas Reeves] Christopher Theisen [advised by Dr. Laurie Williams] Luka Malisa (ETH Zurich) [advised by Dr. Srdjan Capkun] Kimberly Tam (Royal Holloway, University of London) [advised by Dr. Lorenzo Cavallaro] Kamal K.C. [advised by Dr. Vincent Freeh] Daniel Dean [advised by Dr. Xiaohui (Helen) Gu] Rahul Pandita [advised by Dr. Laurie Williams] Chiachih Wu [advised by Dr. Xuxian Jiang] Xi Gi [advised by Dr. Emerson Murphy-Hill] Hiep Nguyen [advised by Dr. Xiaohui (Helen) Gu] Wu Zhou [advised by Dr. Xuxian Jiang] Wei Wei [advised by Dr. Ting Yu] Yongmin Tan [advised by Dr. Xiaohui (Helen) Gu]
Past Masters Committees	Gurkirat Singh [advised by Dr. Munindar Singh] Aishwarya Seth [advised by Dr. Laurie Williams] Sen Qiao [advised by Dr. Kemafor Anyanwu Ogan] Yoonchul Ro [advised by Dr. Christopher Healey] Gregor Haas [advised by Dr. Aydin Aysu] Monica Metro [advised by Dr. Laurie Williams] Anoosha Vangaveeti [advised by Dr. Mladen Vouk] Roopak Venkatakrishnan [advised by Dr. Mladen Vouk] Ajay Saini [advised by Dr. Frank Mueller] Nishanth Balasubramanian [advised by Dr. Frank Mueller] Onkar Patil [advised by Dr. Frank Mueller] Shrinivas Panchamukhi [advised by Dr. Frank Mueller] Sandeep Kandula [advised by Dr. Frank Mueller]

Honors

Best Paper, 2024 ACM Conference on Data and Application Security and Privacy (CODASPY), with co-authors K. Virgil English, Nathaniel Bennett, Seaver Thorn, Kevin Butler, and Patrick Traynor, June 2024.
Distinguished Paper, 2024 ISOC Network and Distributed Systems Security Symposium (NDSS), with co-authors Elizabeth Lin, Igibek Koishybayev, Trevor Dunlap, and Alexandros Kapravelos, February 2024.
Best Paper, 2022 Best Paper Award from IEEE Security & Privacy Magazine by the IEEE Computer Society Publications Board, with co-author Laurie Williams
Carla Savage Award for Professors, October 2022, Department of Computer Science, NC State University
Best Student Paper, 2022 ACM Symposium on Access Control Models and Technologies (SACMAT), with co-authors Iffat Anjum, Daniel Kostecki, Ethan Leba, Jessica Sokal, Rajit Bharambe, Cristina Nita-Rotaru, and Bradley Reaves, June 2022.
SIGOPS Hall of Fame Award, with co-authors Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth, November 2020.
Carla Savage Award for Associate Professors, October 2020, Department of Computer Science, NC State University
Best Paper, 12th ACM Conference on Security and Privacy in Wireless and Mobile Networks, with co-authors TJ OConnor and Brad Reaves, May 2019.
Distinguished Paper, ACM Asia Conference on Computer and Communications Security (ASIACCS), with Ruowen Wang, Ahmed M. Azab, Ninghui Li, Peng Ning, Xun Chen, Wenbo Shen, and Yueqiang Cheng, April 2017.
Most Receptive Graduate Professor Outside of the Classroom Award, Department of Computer Science, North Carolina State University, 2016
Best Paper, 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks, with co-authors Saurabh Chakradeo, Brad Reaves, and Patrick Traynor, April 2013.
National Science Foundation Faculty Early Career Development Award (CAREER), 2013.
CGS/ProQuest Distinguished Dissertation Award Nominee, 2012.
Alumni Association Dissertation Award, Pennsylvania State University, 2010-2011.
Graduate Research Assistant Award, Department of Computer Science and Engineering, The Pennsylvania State University, April 2010.
Best Paper, 25th Annual Computer Security Applications Conference, with co-authors Machigar Ongtang, Stephen McLaughlin, and Patrick McDaniel, December 2009.
Google Security and Product Safety Acknowledgement, in recognition of efforts in improving the security of the Google Android cellular phone operating system.
USENIX Student Travel Awards, USENIX Security, 2007; USENIX Security, 2008; USENIX OSDI, 2010.
ACM Student Travel Award, ACM CCS, 2009.
National Science Foundation Graduate Research Fellowship, Honorable Mention, 2006.
H. Thomas and Dorothy Willits Hallowell Scholarship, Pennsylvania State University, 2003.
Chris Mader Scholarship, Pennsylvania State University, 2002.
Lockheed Martin Engineering Scholars Award, Pennsylvania State University, 2002.
Richard A. McQuade Memorial Scholarship, Pennsylvania State University, 2001.

Affiliations

The Association for Computing Machinery (ACM)
The Institute of Electrical and Electronics Engineers (IEEE)
USENIX Advanced Computing Systems Association (USENIX)
Information Systems Security Association (ISSA)

Professional Activities

University Service

NCSU Institutional Review Board (IRB) Full Board Member: 2018-2020, 2020-2023
Chair faculty search (sub-)committee for security: 2014, 2015, 2016, 2017, 2018, 2022, 2023
Focus group lead for NCSU CSC security courses: 2018-present
Chair of NCSU CSC Departmental BPC Plan task force: 2021-2022
Point of Contact (PoC), NSA Center of Academic Excellence in Research (CAE-R): 2014-present

Professional Societies

Vice President, USENIX Association Board of Directors: 2024-2026
Secretary, USENIX Association Board of Directors: 2022-2024
Director at Large, USENIX Association Board of Directors: 2020-2022
Board Member (USENIX Representative), Computer Research Association (CRA) Board of Directors: 2024-present

Journal Editorial Positions

Associate Editor: ACM Transactions on Privacy and Security (TOPS), 2020-2024.
Associate Editor: ACM Transactions on Internet Technology (TOIT), 2015-2020.
Department Editor: IEEE Security and Privacy Magazine, 2016-2023.
Guest Editor: Special issue on the 2018 USENIX Security Symposium, IEEE Security and Privacy Magazine, 2019.
Guest Editor: Special issue on Security and Privacy in Mobile Platforms, IEEE Transactions on Dependable and Secure Computing (TDSC), 2013.

Conference and Workshop Organization

Steering Committee: USENIX Security Symposium, 2019-present.
Steering Committee: ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2016-2021.
Steering Committee: ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM), 2014-2016.
PC co-Chair: IEEE Symposium on Security and Privacy (S&P), 2024, 2025.
Program co-Chair: CAE-R CoP Research Symposium, 2023.
Program co-Chair: NSF Secure and Trustworthy Cyberspace Principal Investigators' Meeting (SaTC PI Meeting), 2022.
PC co-Chair: USENIX Security Symposium, 2018.
PC co-Chair: ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM), 2011, 2012.
PC co-Chair: ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2016.
PC co-Chair: USENIX Workshop on Offensive Technologies (WOOT), 2017.
Student PC Chair: IEEE Symposium on Security and Privacy (S&P), 2017.
Shadow PC co-Chair: ACM ASIA Conference on Computer and Communications Security (ASIACCS), 2017.
General Chair: ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM), 2013.
Poster Session Chair: USENIX Security Symposium, 2013.
Poster PC Member: ACM Conference on Computer and Communications Security (CCS), 2011, 2013.

Technical Program Committees (total = 118)

ACM Conference on Computer and Communications Security (CCS): 2014, 2015, 2016.
IEEE Symposium on Security and Privacy (S&P): 2012, 2013, 2014, 2023.
ISOC Network and Distributed System Security Symposium (NDSS): 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021.
USENIX Security Symposium: 2011, 2012, 2013, 2015, 2017, 2019, 2020, 2021, 2022, 2023.
ACM CCS Workshop on IoT Security and Privacy: 2017.
ACM ASIA Conference on Computer and Communications Security (ASIACCS): 2017, 2021, 2022.
ACM Conference on Data and Application Security and Privacy (CODASPY): 2013, 2014, 2015, 2016.
ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec): 2013, 2015, 2017, 2019, 2020, 2021, 2022, 2023.
ACM CCS Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses (SCORED): 2022, 2023.
ACM Symposium on Access Control Models and Technology (SACMAT): 2020, 2021, 2022.
Annual Computer Security Applications Conference (ACSAC): 2013, 2014, 2015, 2019, 2020.
CoronaDef Workshop: 2021.
AsiaCCS Workshop on Security in Embedded Systems and Smartphones (SESP): 2013.
DFRWS Annual Digital Forensics Conference: 2012, 2013, 2014, 2015.
Financial Cryptography and Data Security (FC): 2013, 2014, 2015, 2019, 2020, 2021.
ICDE Workshop on Secure Data Management on Smartphones and Mobiles: 2012.
IEEE LCN Workshop on Security in Communications Networks (SICK): 2012.
Information Security Conference (ISC): 2009.
Innovations in Mobile Privacy and Security (IMPS): 2016, 2017.
International Conference on Information Security and Assurance (ISA): 2009.
International Conference on Information Systems Security (ICISS): 2007, 2012, 2013, 2014, 2015.
International Conference on Information Technology (ICIT): 2009.
International Conference on Internet Monitoring and Protection (ICIMP): 2009, 2010, 2011, 2012, 2013.
International Conference on Mobile Systems, Applications, and Services (MobiSys): 2014.
International Conference on Parallel and Distributed Systems (ICPADS): 2013.
International Conference on Privacy and Security in Mobile Systems (PRISMS): 2013.
International Conference on Trust and Trustworthy Computing (TRUST): 2013.
International ICST Conference on Security and Privacy in Mobile Information and Communication Systems (MobiSec): 2012.
International Symposium on Engineering Secure Software and Systems (ESSoS): 2017.
International Symposium on Research in Attacks, Intrusions and Defenses (RAID): 2015, 2016.
International Workshop on Ethics in Computer Security (EthiCS): 2022.
International Workshop on Secure Internet of Things (SIoT): 2016, 2017, 2019.
International Workshop on Security (IWSEC): 2010, 2011.
International Workshop on Trustworthy Embedded Devices (TrustED): 2011, 2012, 2013.
International World Wide Web Conference (WWW): 2012, 2016, 2019.
Mobile Security Technologies Workshop (MoST): 2014, 2015.
New Security Paradigms Workshop (NSPW): 2012, 2013.
Privacy Enhancing Technologies Symposium (PETS): 2015, 2016.
Symposium and Bootcamp on the Science of Security (HotSoS): 2014, 2015, 2017, 2019, 2023.
Symposium on Usable Privacy and Security (SOUPS): 2015.
USENIX Workshop on Hot Topics in Security (HotSec): 2012.
USENIX Workshop on Offensive Technologies (WOOT): 2016, 2018.
Workshop on Cyber Security Experimentation and Test (CSET): 2016, 2019.

Reviewer

Reviewer (Journal and Book): ACM Computing Surveys, 2009, 2011, 2015; ACM Transactions on Information and System Security (TISSEC), 2008, 2011, 2015; ACM Transactions on Computer Systems (TOCS), 2019; ACM Transactions on Internet Technology (TOIT), 2006, 2009, 2010; ACM Transactions on Mobile Computing (TMC), 2012, 2013, 2017; ACM Transactions on Privacy and Security (TOPS), 2016, 2019, 2020, 2022; Handbook of Computer Networks, 2006; IBM Journal of Research and Development, 2013; IEEE Communications Letters, 2008, 2009; Elsevier Computers & Security (COSE), ; IEEE Intenet Computing, 2016; IEEE Security and Privacy Magazine, 2010, 2013, 2014; IEEE Transactions on Computers (TC), 2009; IEEE Transactions on Paralllel and Distributed Systems (TPDS), 2012, 2013; IEEE Transactions on Information Forensics and Security (TIFS), 2012, 2015, 2017; IEEE Transactions on Paralllel and Distributed Systems (TPDS), 2014; ACM Transactions on Sensor Networks (TOSN), 2019; IEEE Transactions on Software Engineering (TSE), 2007, 2010, 2017, 2018; International Journal of Information Security, 2013; Journal of Autonomic and Trusted Computing (JoATC), 2006; Security and Communication Networks (SCN), 2011, 2014; Software: Practice and Experience (SPE), 2013; Transactions on Computational Science (Springer-Verlag), 2010;

Public Speaking

Invited Talks

Enhancing Vulnerability Information Using Automated Analysis, East Carolina University (ECU), Greenville, NC (virtual), March, 2023.
Keynote - Reflections on a Decade of Mobile Security Research, ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), San Antonio, TX, May, 2022.
Analysis of Access Control Enforcement in Android, The Ohio State University, Columbus, OH (virtual), November, 2020.
Keynote - Analysis of Access Control Enforcement in Android, ACM Symposium on Access Control Models and Technologies (SACMAT), Barcelona, Spain (virtual), June, 2020.
Identifying File Re-Delegation in Android System Services, Google ASPIRE Summit, Mountain View, CA, February, 2020.
Analysis of Access Control Enforcement in Android, Triangle Area Privacy and Security Day (TAPS), Durham, NC, October, 2019.
Risks Emerging as Innovation Moves Towards Greater use of 'Smart' Devices, Looking Around the Corner: Emerging Risks and ERM Practices, Raleigh, NC, October, 2019.
Analysis of Access Control Enforcement in Android, College of William and Mary, Williamsburg, VA, September, 2019.
Cybersecurity in an Academic Environment, North Carolina Cyber Executive Summit, Raleigh, NC, September, 2019.
Analysis of iOS Access Control Policy, King's College London (KCL), London, UK, March, 2019.
Analysis of iOS Access Control Policy, CyberSecurity@KAIST International Workshop, Daejeon, Korea, June, 2018.
Using Text Analytics to Enhance Security Analysis of Mobile Applications, ACM ASIACCS 2018, Incheon, Korea, June, 2018.
Using Text Analytics to Enhance Security Analysis of Mobile Applications, University of North Carolina Charlotte (UNCC), Charlotte, NC, January, 2018.
HONEYSCOPE: IoT Device Protection with Deceptive Network Views, ARO Workshop on HoneyThings: Autonomous and Resilient Cyber Deception, Charlotte, NC, January, 2018.
Analysis of iOS Access Control Policy, BSides Raleigh, Raleigh, NC, October, 2017.
Mobile Security, Umicore USA Inc., Raleigh, NC, September, 2017.
Using Text Analytics to Enhance Security Analysis of Mobile Applications, ETH Zurich, Zurich, Switzerland, July, 2017.
Towards Practical Information Flow Control in Modern Operating Systems, University of Florida, Gainesville, FL, June, 2016.
Towards Practical Information Flow Control in Modern Operating Systems, Royal Holloway, University of London, Egham, Surrey, UK, April, 2016.
Android Security Modules, Qualcomm Mobile Security Summit, San Diego, CA, April, 2015.
Access Control in Modern Operating Systems, TU Darmstadt, Darmstadt, Germany, November, 2013.
WHYPER: Towards Automating Risk Assessment of Mobile Applications, IBM, Research Triangle Park, NC, October, 2013.
Smartphone Security, Qualcomm, Santa Clara, CA, May, 2013.
Smartphone Security: Concerns and Defenses, The US Department of Justice and US Department of State West African Cybersecurity and Cybercrime Workshop, Accra, Ghana, January, 2013.
Smartphone Security: Concerns and Defenses, Black Data Processing Associates (BDPA), Triangle Chapter, RTP, NC, November, 2012.
Defending Users Against Smartphone Apps: Techniques and Future Directions, University of North Carolina, Chapel Hill, Chapel Hill, NC, November, 2012.
Defending Users Against Smartphone Apps: Techniques and Future Directions, Purdue University, West Lafayette, IN, September, 2012.
Smartphone Security: Concerns and Defenses, The US Department of Justice and US Department of State West African Cybersecurity and Cybercrime Workshop, Dakar, Senegal, September, 2012.
Analysis Techniques for Mobile Operating System Security, State of North Carolina OITS Security Liaisons Meeting, Raleigh, NC, June, 2012.
Defending Users Against Smartphone Apps: Techniques and Future Directions, University of Washington, Seattle, WA, April, 2012.
Analysis Techniques for Mobile Operating System Security, Raleigh ISSA Chapter, Raleigh, NC, April, 2012.
Defending Users Against Smartphone Apps: Techniques and Future Directions, Keynote - International Conference on Information Systems Security (ICISS), Kolkata, India, December, 2012.
Analysis Techniques for Mobile Operating System Security, Georgetown University, Washington, DC, March, 2011.
Analysis Techniques for Mobile Operating System Security, University of Southern California, Los Angeles, CA, February, 2011.
Analysis Techniques for Mobile Operating System Security, University of Maryland, College Park, MD, February, 2011.
Analysis Techniques for Mobile Operating System Security, Naval Postgraduate School, Monterey, CA, February, 2011.
Analysis Techniques for Mobile Operating System Security, Polytechnic Institute of New York University, New York, NY, January, 2011.
Analysis Techniques for Mobile Operating System Security, Carleton University, Ottawa, ON, Canada, January, 2011.
Analysis Techniques for Mobile Operating System Security, North Carolina State University, Raleigh, NC, November, 2010.
TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones, University of Pennsylvania, Philadelphia, PA, October, 2010.
Enhanced Security Policy Frameworks for Android, Carleton University, Ottawa, ON, CA, March, 2010.
On Lightweight Mobile Phone Certification, University of Delaware, Newark, DE, March, 2010.
On Lightweight Mobile Phone Certification, University of Notre Dame, South Bend, IN, October, 2009.
Understanding Android's Security Framework, University of Washington, Seattle, WA, July, 2009.
Understanding Android's Security Framework, Georgia Institute of Technology, Atlanta, GA, January, 2009.

Presentations

Expectation Context, Google Security Research Summit, Mountain View, CA, March, 2015.
Enhancing the Security and Access Control of Modern Operating Systems, NSF SaTC PI Meeting, Arlington, VA, January, 2015.
A Study of Android Application Security, 20th USENIX Security Symposium, San Francisco, CA, August, 2011.
TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones, 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI), Vancouver, BC, Canada, October, 2010.
On Lightweight Mobile Phone Certification, 16th ACM Conference on Computer and Communications Security (CCS), Chicago, IL, November, 2009.
Lightweight Information Tracking for Mobile Phones, 18th USENIX Security Symposium, Works in Progress Session, Montreal, QC, CA, August, 2009.
Defending Against Attacks on Main Memory Persistence, 24th Annual Computer Security Applications Conference (ACSAC), Anaheim, CA, December, 2008.
PinUP: Pinning User Files to Known Applications, 24th Annual Computer Security Applications Conference (ACSAC), Anaheim, CA, December, 2008.
PinUP: Pinning User Files to Known Applications, 17th USENIX Security Symposium, Poster Session, San Jose, CA, August, 2008.
Systematic Issues in the Hart InterCivic and Premier Voting Systems: Reflections Following Project EVEREST, USENIX/ACCURATE Electronic Voting Technology Workshop, San Jose, CA, July, 2008.
Protecting User Files by Reducing Application Access, 16th USENIX Security Symposium, Works in Progress Session, Boston, MA, August, 2007.
PRESTO: A tool for Configuration Management at a Massive Scale, USENIX Annual Technical Conference, Santa Clara, CA, June, 2007.
PRESTO: A tool for Configuration Management at a Massive Scale, Workshop on Programmable Routers for the Extensible Services of TOmorrow (PRESTO), Princeton, NJ, May, 2007.
Mitigating DoS Through Basic TPM Operations, 14th USENIX Security Symposium, Works in Progress Session, Baltimore, MD, August, 2005.

Tutorials

Intro to Securing Android Applications, Raleigh Chapter of ISSA, Raleigh, NC, December, 2014.
Text Analysis for Security, ACM Conference on Computer and Communications Security (CCS), Scottsdale, AZ, November, 2014.
Intro to Developing Android Applications, Raleigh Chapter of ISSA, Raleigh, NC, October, 2014.
Understanding Android's Security Framework, 15th ACM Conference on Computer and Communications Security (CCS), Alexandria, VA, October, 2008.

Panels

CSAM 2020: Google Security Panel, NC State University, Raleigh, NC, October, 2020.
A Conversation on Cybersecurity, PNC Thought Leadership Series, Raleigh, NC, April, 2019.
Cyber Security Challenges, Trends and Research & Development Focus Areas, Southeast Region Cyber Security & Technology Symposium, Chapel Hill, NC, August, 2017.
Why-oT: What are the real security challenges in IoT? (Moderator), ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), Boston, MA, July, 2017.
Experimental Testbeds for Mobile Devices and Large-scale Testing on Mobile Devices, Workshop on Cyber Security Experimentation and Test (CSET), co-located with the USENIX Security Symposium, Washington, DC, August, 2015.
Building Security into Modern Mobile Platforms, Federal Trade Commission (FTC) public forum on Mobile Security: Potential Threats and Solutions, Washington D.C., June, 2013 (link).
Mobile Security Issues, The US Department of Justice and US Department of State West African Cybersecurity and Cybercrime Workshop, Accra, Ghana, January, 2013.
Mobile Security Issues, The US Department of Justice and US Department of State West African Cybersecurity and Cybercrime Workshop, Dakar Senegal, September, 2012.