Department of Electrical Engineering and Computer Science
Syracuse University

Wenliang (Kevin) Du

Professor (CV)
Ph.D. Purdue University, 2001
Research: Computer Security

Department of Electrical Engineering and Computer Science
Syracuse University
4-206 Center for Science and Technology
Syracuse, NY 13244-4100

Phone: (315) 443-9180
Office: 4-285 Sci-Tech Building

  • Recent Papers and News (Full List)

    • Carter Yagemann and Wenliang Du. Intentio Ex Machina: Android Intent Access Control via an Extensible Application Hook. To appear in Proceedings of the 21st European Symposium on Research in Computer Security (ESORICS'16). Heraklion, Crete, Greece. September 26-30, 2016.
    • Xiao Zhang, Yousra Aafer, Kailiang Ying and Wenliang Du. Hey, You, Get Off of My Image: Detecting Data Residue in Android Images To appear in Proceedings of the 21st European Symposium on Research in Computer Security (ESORICS'16). Heraklion, Crete, Greece. September 26-30, 2016.
    • Yousra Aafer, Xiao Zhang, and Wenliang Du. Harvesting Inconsistent Security Configurations in Custom Android ROMs via Differential Analysis In Proceedings of the 25th USENIX Security Symposium (USENIX Security'16), Austin, Texas, USA. August 10-12, 2016.
    • Xiao Zhang, Kailiang Ying, Yousra Aafer, Zhenshen Qiu, and Wenliang Du. Life after App Uninstallation: Are the Data Still Alive? Data Residue Attacks on Android. In Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, California, USA. February 21-24, 2016.
    • [Yousra Aafer, Nan Zhang] co-first author, Zhongwen Zhang, Xiao Zhang, Kai Chen, XiaoFeng Wang, Xiaoyong Zhou, Wenliang Du, and Michael Grace. Hare Hunting in the Wild Android: A Study on the Threat of Hanging Attribute References. In Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS), Denver, Colorado, USA. October 12-16, 2015.

  • Grants and Awards

    • Our paper, published in CCS'03, won the prestigious ACM CCS Test-of-Time Award in October 2013.
    • Spreading SEEDs: Large-Scale Dissemination of Hands-on Labs for Security Education. (NSF, $845,385, 09/2014 - 08/2018, PI. Award No. 1303306).
    • Develop Fine-Grained Access Control for Third-Party Components in Mobile Systems. (NSF SaTC, $521,562, 08/2013 - 07/2017, PI. Award No. 1318814).
    • Collaborative: Bolstering Security Education through Transiting Research on Browser Security. (NSF SaTC, $89,878, 09/2013 - 09/2016, PI. Award No. 1318883).
    • 2014 Deans's Award for Excellence in Engineering Education, May 2014.
    • 2013 Faculty Excellence Award from L.C.Smith College of Engineering and Computer Science (including a $20,000 research fund).
    • Security-Enhanced WebView for Android System (Google Research Award, $49,387, 01/2012 - 12/2012, PI). This project is primarily based on my Ph.D. student Tongbo Luo's work.
    • To Configure or to Implement, that is the Access Control Question for Web Applications (NSF Trustworthy Computing, $506,470, 09/2010 - 08/2013, PI. Award No. 1017771).
    • SEED: Developing Instructional Laboratories for Computer SEcurity EDucation (NSF-CCLI, Type 2, $451,682, 01/2007-12/2011, PI. Award No. 0618680).
    • Applied Research - Identity Management (JPMorgan Chase, $96,084, 1/08 - 8/08).
    • Efficient and Resilient Key Management for Wireless Sensor Networks (ARO, $360,000, 5/05-4/08, PI).
    • Collaborative Research: Trustworthy and Resilient Location Discovery in Wireless Sensor Networks (NSF CyberTrust, $150,000, 9/04-8/07, PI).
    • Collaborative Research: ITR: Distributed Data Mining to Protect Information Privacy (NSF-ITR, $140,418, 8/03-7/06, PI).
    • Private Prediction using Selective Models (NSF-ITR, $220,000, 9/02-8/05, PI).
    • Designing Laboratory Materials for Computer System Security Courses Using Minix Instructional Operating System (NSF-CCLI, Type 1, $74,984, 01/03-12/04, PI).
    • VINE: Using VIrtual Network Environment for Computer and Network Security Courses (University Vision Fund, $5000, 01/03-12/03, PI).

  • Recent Invited Talks (Full List)

    • Smartphone Security.
      • Korea Internet & Security Agency (Korea, 6/22/2016)
      • KAIST: Korea Advanced Institute of Science and Technology (Korea, 6/21/2016)
      • National Security Research Institute (Korea, 6/21/2016)
      • Jinan University (China, 10/29/2015)
      • Palo Alto Networks (10/6/2015)
      • Samsung Research America (10/5/2015)
      • Forum on Frontiers of Science and Technology: Software and Network Security (Beijing, 11/13/2014)
      • Indiana University-Purdue University Indianapolis (10/10/2014)
      • University of Michigan-Dearborn (10/3/2014)
      • Temple University (9/26/2014)
      • Virginia Tech (9/5/2014)

  • Recent Program Committees

    • CCS (2007-2009, 2013-2014): The ACM Conference on Computer and Communication Security.
    • ESORICS (2009 - 2014): European Symposium on Research in Computer Security.
    • NDSS (2013): Annual Network & Distributed System Security Symposium.
    • ICDCS (2008 - 2012): The Internationl Conference on Distributed Computing Systems (Privacy & Security track).
    • ASIACCS (2006, 2013): ACM Symposium on InformAtion, Computer and Communications Security.