Recent Papers and News
Yousra Aafer, Xiao Zhang, and Wenliang Du.
Harvesting Inconsistent Security Configurations in Custom
Android ROMs via Differential Analysis
To appear in the 25th USENIX Security Symposium (USENIX Security'16),
Austin, Texas, USA. August 10-12, 2016.
Xiao Zhang, Kailiang Ying, Yousra Aafer, Zhenshen Qiu, and Wenliang Du.
Life after App Uninstallation: Are the Data Still Alive? Data
Residue Attacks on Android.
In Proceedings of the Network and Distributed System Security
Symposium (NDSS), San Diego, California, USA. February 21-24, 2016.
[Yousra Aafer, Nan Zhang] co-first author, Zhongwen Zhang, Xiao Zhang,
Kai Chen, XiaoFeng Wang, Xiaoyong Zhou, Wenliang Du, and Michael Grace.
Hare Hunting in the Wild Android: A Study on the Threat of Hanging Attribute References.
In Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS),
Denver, Colorado, USA. October 12-16, 2015.
Paul Ratazzi, Ashok Bommisetti, Nian Ji, and Wenliang Du.
PINPOINT: Efficient and Effective Resource Isolation for Mobile Security and Privacy.
In Proceedings of the Mobile Security Technologies (MoST) workshop, May 21, 2015.
Grants and Awards
published in CCS'03, won the prestigious
ACM CCS Test-of-Time Award in
Spreading SEEDs: Large-Scale Dissemination of Hands-on Labs for Security Education.
$827,385, 09/2014 - 08/2018, PI.
Award No. 1303306).
Develop Fine-Grained Access Control for Third-Party Components in Mobile Systems.
$521,562, 08/2013 - 07/2016, PI.
Award No. 1318814).
Collaborative: Bolstering Security Education through Transiting Research on Browser Security.
$89,878, 09/2013 - 09/2015, PI.
Award No. 1318883).
2014 Deans's Award for Excellence in Engineering Education, May 2014.
- 2013 Faculty Excellence Award from L.C.Smith College of Engineering
and Computer Science (including a $20,000 research fund).
- Security-Enhanced WebView for Android System
(Google Research Award,
$49,387, 01/2012 - 12/2012, PI). This project is primarily based on
my Ph.D. student Tongbo Luo's work.
- To Configure or to Implement, that is the Access Control Question for
Web Applications (NSF Trustworthy Computing,
$506,470, 09/2010 - 08/2013, PI.
Award No. 1017771).
SEED: Developing Instructional Laboratories for Computer
(NSF-CCLI, Type 2, $451,682, 01/2007-12/2011, PI.
Award No. 0618680).
- Applied Research - Identity Management
(JPMorgan Chase, $96,084, 1/08 - 8/08).
- Efficient and Resilient Key Management for
Wireless Sensor Networks (ARO, $360,000, 5/05-4/08, PI).
- Collaborative Research: Trustworthy and Resilient Location Discovery
in Wireless Sensor Networks
(NSF CyberTrust, $150,000, 9/04-8/07, PI).
- Collaborative Research: ITR: Distributed Data Mining to Protect
(NSF-ITR, $140,418, 8/03-7/06, PI).
- Private Prediction using Selective Models
(NSF-ITR, $220,000, 9/02-8/05, PI).
- Designing Laboratory Materials for Computer System Security Courses
Using Minix Instructional Operating System
(NSF-CCLI, Type 1, $74,984, 01/03-12/04, PI).
- VINE: Using VIrtual Network Environment
for Computer and Network Security Courses
(University Vision Fund, $5000, 01/03-12/03, PI).