PDF Version

William Harold Enck

Associate Professor • Department of Computer Science • North Carolina State University
Director, Wolfpack Security and Privacy Research (WSPR) Laboratory
co-Director, Secure Computing Institute (SCI)
Email: whenck@ncsu.edu • Homepage: https://enck.org

Education

Pennsylvania State University, University Park, PA
Ph.D., Computer Science and Engineering, May 2011
Thesis: Analysis Techniques for Mobile Operating System Security
Advisor: Dr. Patrick McDaniel

Pennsylvania State University, University Park, PA
M.S., Computer Science and Engineering, May 2006
Thesis: Analysis of Open-Functionality in SMS-Capable Cellular Networks
Advisor: Dr. Patrick McDaniel

Pennsylvania State University, University Park, PA
B.S., Computer Engineering, May 2004
Thesis: Study of Adaptive Routing Algorithms for NoC Architectures
Advisor: Dr. Chita R. Das

Academic and Research Appointments

2016-presentAssociate Professor
Department of Computer Science, North Carolina State University
2019-presentco-Director
Secure Computing Institute, North Carolina State University
2011-2016Assistant Professor
Department of Computer Science, North Carolina State University
2005-2011Research Assistant
Computer Science and Engineering, Pennsylvania State University
Jan 2009 - Aug 2010Lead Graduate Student
Systems and Internet Infrastructure Security (SIIS) Laboratory, Pennsylvania State University
Spring 2009co-Instructor, CSC597a: Mobile Phone Security
Computer Science and Engineering, Pennsylvania State University
Summer 2007Instructor, EE/CSE458: Communications Networks
Computer Science and Engineering, Pennsylvania State University
Spring 2005Teaching Assistant, CSE473: Microcomputer Laboratory
Computer Science and Engineering, Pennsylvania State University

Industrial Experience

Summer 2009Research Intern
Intel Labs, Seattle, WA
Summer 2006Research Intern
AT&T Research, Florham Park, NJ
Summer 2003Summer Intern
IBM Corp., Poughkeepsie, NY
Summers 2000-2002, 2004Systems Administrator
Lebanon MobileFone Inc., Lebanon, PA

Selected Publications

  1. Luke Deshotels, Costin Carabas, Jordan Beichler, Razvan Deaconescu, and William Enck, Kobold: Evaluating Decentralized Access Control for Remote NSXPC Methods on iOS, in Proceedings of the IEEE Symposium on Security and Privacy (S&P), San Francisco, CA, 2020, pp. 1056–1070.
    [PDF] (acceptance rate=12.3%)
  2. Benjamin Andow, Samin Yaseer Mahmud, Wenyu Wang, Justin Whitaker, William Enck, Bradley Reaves, Kapil Singh, and Tao Xie, PolicyLint: Investigating Internal Privacy Policy Contradictions on Google Play, in Proceedings of the USENIX Security Symposium, Santa Clara, CA, 2019, pp. 585–602.
    [PDF] (acceptance rate=16%)
  3. Luke Deshotels, Razvan Deaconescu, Mihai Chiroiu, Lucas Davi, William Enck, and Ahmad-Reza Sadeghi, SandScout: Automatic Detection of Flaws in iOS Sandbox Profiles, in Proceedings of the ACM Conference on Computer and Communications Security (CCS), Vienna, Austria, 2016.
    [PDF] (acceptance rate=16.5%)
  4. Adwait Nadkarni, Benjamin Andow, William Enck, and Somesh Jha, Practical DIFC Enforcement on Android, in Proceedings of the USENIX Security Symposium, Austin, TX, 2016.
    [PDF] (acceptance rate=15.6%)
  5. Ruowen Wang, William Enck, Douglas Reeves, Xinwen Zhang, Peng Ning, Dingbang Xu, Wu Zhou, and Ahmed Azab, EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-Scale Semi-Supervised Learning, in Proceedings of the USENIX Security Symposium, Washington, DC, 2015.
    [PDF] (acceptance rate=15.7%)
  6. Stephan Heuser, Adwait Nadkarni, William Enck, and Ahmad-Reza Sadeghi, ASM: A Programmable Interface for Extending Android Security, in Proceedings of the USENIX Security Symposium, San Diego, CA, 2014.
    [PDF] (acceptance rate=19.1%) (supercedes TUD-CS-2014-0063)
  7. Adwait Nadkarni and William Enck, Preventing Accidental Data Disclosure in Modern Operating Systems, in Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS), Berlin, Germany, 2013.
    [PDF] (acceptance rate=19.8%)
  8. Rahul Pandita, Xusheng Xiao, Wei Yang, William Enck, and Tao Xie, WHYPER: Towards Automating Risk Assessment of Mobile Applications, in Proceedings of the USENIX Security Symposium, Washington, D.C., 2013.
    [PDF] (acceptance rate=16.2%)
  9. William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri, A Study of Android Application Security, in Proceedings of the 20th USENIX Security Symposium, San Francisco, CA, 2011.
    [PDF] (acceptance rate=17.2%) (supercedes NAS-0144)
  10. William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth, TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones, in Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI), Vancouver, BC, 2010.
    [PDF] (acceptance rate=16.1%) (supercedes NAS-0120)

Student Advising

Current PhD Students
Current PhD Committees
Current Masters Committees
Past PhD Students
Past Masters Students
Past PhD Committees
Past Masters Committees

Honors

Affiliations

Professional Activities

University Service

Professional Societies

Journal Editorial Positions

Conference and Workshop Organization

Technical Program Committees (total = 107)

Reviewer

Reviewer (Journal and Book): ACM Computing Surveys, 2009, 2011, 2015; ACM Transactions on Information and System Security (TISSEC), 2008, 2011, 2015; ACM Transactions on Computer Systems (TOCS), 2019; ACM Transactions on Internet Technology (TOIT), 2006, 2009, 2010; ACM Transactions on Mobile Computing (TMC), 2012, 2013, 2017; ACM Transactions on Privacy and Security (TOPS), 2016, 2019, 2020; Handbook of Computer Networks, 2006; IBM Journal of Research and Development, 2013; IEEE Communications Letters, 2008, 2009; Elsevier Computers & Security (COSE), ; IEEE Intenet Computing, 2016; IEEE Security and Privacy Magazine, 2010, 2013, 2014; IEEE Transactions on Computers (TC), 2009; IEEE Transactions on Paralllel and Distributed Systems (TPDS), 2012, 2013; IEEE Transactions on Information Forensics and Security (TIFS), 2012, 2015, 2017; IEEE Transactions on Paralllel and Distributed Systems (TPDS), 2014; ACM Transactions on Sensor Networks (TOSN), 2019; IEEE Transactions on Software Engineering (TSE), 2007, 2010, 2017, 2018; International Journal of Information Security, 2013; Journal of Autonomic and Trusted Computing (JoATC), 2006; Security and Communication Networks (SCN), 2011, 2014; Software: Practice and Experience (SPE), 2013; Transactions on Computational Science (Springer-Verlag), 2010;

Reviewer (Conference and Workshop): ACM Conference on Computer and Communications Security (CCS), 2008, 2010, 2011, 2012, 2013; IEEE Symposium on Security and Privacy (Oakland), 2007, 2008, 2011; ISOC Network and Distributed System Security Symposium (NDSS), 2007, 2009; USENIX Security Symposium, 2006, 2007, 2008, 2009; ACM Computer Security Architecture Workshop (CSAW), 2008; ACM Symposium on Access Control Models and Technology (SACMAT), 2006, 2008, 2009; Annual Computer Security Applications Conference (ACSAC), 2005, 2006, 2007, 2009, 2010, 2012; European Symposium on Research in Computer Security (ESORICS), 2005; Financial Cryptography and Data Security (FC), 2007; IEEE Computer Security Foundations Symposium (CSF), 2011; IEEE Conference on Computer Communications (Infocom), 2007; International Conference on Availability, Reliability and Security (ARES), 2009; International Conference on Distributed Computing Systems (ICDCS), 2008; International Conference on Emerging Trends in Information and Communications Security (ETRICS), 2006; International Conference on Information Systems Security (ICISS), 2006, 2008; International Conference on Mobile Computing and Networking (MobiCom), 2011, 2014; International Conference on Mobile Systems, Applications, and Services (MobiSys), 2012; International ICST Conference on Security and Privacy in Communication Networks (SecureComm), 2011; International Workshop on Security (IWSEC), 2006, 2007; International World Wide Web Conference (WWW), 2010; USENIX Annual Technical Conference, 2010; USENIX Workshop on Hot Topics in Security (HotSec), 2008, 2010; Workshop on Virtual Machine Security (VMSec), 2008;

Public Speaking

Invited Talks

Presentations

Tutorials

Panels