Department of Electrical Engineering and Computer Science
Syracuse University

Wenliang (Kevin) Du

Professor (CV)
Ph.D. Purdue University, 2001
Research: Computer Security

Department of Electrical Engineering and Computer Science
Syracuse University
4-206 Center for Science and Technology
Syracuse, NY 13244-4100
   Purdue | CERIAS | USTC | 8800
Email: wedu@syr.edu
Phone: (315) 443-9180
Office: 4-285 Sci-Tech Building


  • Recent Papers and News (Full List)

    • Yousra Aafer, Nan Zhang, Zhongwen Zhang, Xiao Zhang, Kai Chen, XiaoFeng Wang, Xiaoyong Zhou, Wenliang Du, and Michael Grace. Hare Hunting in the Wild Android: A Study on the Threat of Hanging Attribute References. To appear in the 22nd ACM Conference on Computer and Communications Security (CCS), Denver, Colorado, USA. October 12-16, 2015.
    • Paul Ratazzi, Ashok Bommisetti, Nian Ji, and Wenliang Du. PINPOINT: Efficient and Effective Resource Isolation for Mobile Security and Privacy. In Proceedings of the Mobile Security Technologies (MoST) workshop, May 21, 2015.
    • Xing Jin, Xunchao Hu, Kailiang Ying, Wenliang Du, Heng Yin and Gautam Nagesh Peri. Code Injection Attacks on HTML5-based Mobile Apps: Characterization, Detection and Mitigation. To appear in Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS), Scottsdale, Arizona, USA. November 3 - 7, 2014.
    • We have discovered a new type of attacks that can be launched against HTML5-based mobile apps. This attack can be launched from a variety of channels. See details from this web site and our paper: Code Injection Attacks on HTML5-based Mobile Apps. A shortened version of this paper appears in Proceedings of the Mobile Security Technologies (MoST) workshop, May 16, 2014.
    • Our paper, published in CCS'03, won the prestigious ACM CCS Test-of-Time Award in October 2013.

  • Grants and Awards

    • Spreading SEEDs: Large-Scale Dissemination of Hands-on Labs for Security Education. (NSF, $827,385, 09/2014 - 08/2018, PI. Award No. 1303306).
    • Develop Fine-Grained Access Control for Third-Party Components in Mobile Systems. (NSF SaTC, $521,562, 08/2013 - 07/2016, PI. Award No. 1318814).
    • Collaborative: Bolstering Security Education through Transiting Research on Browser Security. (NSF SaTC, $89,878, 09/2013 - 09/2015, PI. Award No. 1318883).
    • 2014 Deans's Award for Excellence in Engineering Education, May 2014.
    • 2013 Faculty Excellence Award from L.C.Smith College of Engineering and Computer Science (including a $20,000 research fund).
    • Security-Enhanced WebView for Android System (Google Research Award, $49,387, 01/2012 - 12/2012, PI). This project is primarily based on my Ph.D. student Tongbo Luo's work.
    • To Configure or to Implement, that is the Access Control Question for Web Applications (NSF Trustworthy Computing, $506,470, 09/2010 - 08/2013, PI. Award No. 1017771).
    • SEED: Developing Instructional Laboratories for Computer SEcurity EDucation (NSF-CCLI, Type 2, $451,682, 01/2007-12/2011, PI. Award No. 0618680).
    • Applied Research - Identity Management (JPMorgan Chase, $96,084, 1/08 - 8/08).
    • Efficient and Resilient Key Management for Wireless Sensor Networks (ARO, $360,000, 5/05-4/08, PI).
    • Collaborative Research: Trustworthy and Resilient Location Discovery in Wireless Sensor Networks (NSF CyberTrust, $150,000, 9/04-8/07, PI).
    • Collaborative Research: ITR: Distributed Data Mining to Protect Information Privacy (NSF-ITR, $140,418, 8/03-7/06, PI).
    • Private Prediction using Selective Models (NSF-ITR, $220,000, 9/02-8/05, PI).
    • Designing Laboratory Materials for Computer System Security Courses Using Minix Instructional Operating System (NSF-CCLI, Type 1, $74,984, 01/03-12/04, PI).
    • VINE: Using VIrtual Network Environment for Computer and Network Security Courses (University Vision Fund, $5000, 01/03-12/03, PI).


  • Recent Program Committees

    • CCS (2007-2009, 2013-2014): The ACM Conference on Computer and Communication Security.
    • ESORICS (2009 - 2014): European Symposium on Research in Computer Security.
    • NDSS (2013): Annual Network & Distributed System Security Symposium.
    • ICDCS (2008 - 2012): The Internationl Conference on Distributed Computing Systems (Privacy & Security track).
    • ASIACCS (2006, 2013): ACM Symposium on InformAtion, Computer and Communications Security.