February 21, 2020: Our paper, Cardpliance: PCI DSS Compliance of Android Applications has been accepted for publication at the 2020 USENIX Security Symposium.

November 30, 2019: Our paper, n-m-Variant Systems: Adversarial-Resistant Software Rejuvenation for Cloud-Based Web Applications, has been accepted for publication at the 2020 ACM Conference on Data and Application Security and Privacy (CODASPY).

November 27, 2019: Our paper, PolicyLint: Investigating Internal Privacy Policy Contradictions on Google Play, has been accepted for publication at the 2020 USENIX Security Symposium.

September 2, 2019: Our paper, Thou Shalt Discuss Security: Quantifying the Impacts of Instructions to RFC Authors, has been accepted for publication at the 2019 Conference on Security Standards Research (SSR).

May 24, 2019: Our paper, PolicyLint: Investigating Internal Privacy Policy Contradictions on Google Play, has been accepted for publication at the 2019 USENIX Security Symposium.

May 16, 2019: We were awarded Best Paper at ACM WiSec 2019 for our paper, Blinded and Confused: Uncovering Systemic Flaws in Device Telemetry for Smart-Home Internet of Things.

April 30, 2019: Our paper, Kobold: Evaluating Decentralized Access Control for Remote NSXPC Methods on iOS, has been accepted for publication at the 2020 IEEE Symposium on Security and Privacy (S&P).

March 5, 2019: Our paper, HomeSnitch: Behavior Transparency and Control for Smart Home IoT Devices, has been accepted for publication at the 2019 ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec).

March 5, 2019: Our paper, ARF: Identifying Re-Delegation Vulnerabilities in Android System Services, has been accepted for publication at the 2019 ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec).

March 5, 2019: Our paper, Blinded and Confused: Uncovering Systemic Flaws in Device Telemetry for Smart-Home Internet of Things, has been accepted for publication at the 2019 ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec).

March 5, 2019: Our short paper, Hestia: Simple Least Privilege Network Policies for Smart Homes, has been accepted for publication at the 2019 ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec).

November 27, 2018: Our paper, ACMiner: Extraction and Analysis of Authorization Checks in Android's Middleware, has been accepted for publication at the 2019 ACM Conference on Data and Application Security and Privacy (CODASPY).

March 2, 2018: Our paper, iOracle: Automated Evaluation of Access Control Policies in iOS, has been accepted for publication at the 2018 ACM Asia Conference on Computer and Communications Security (ASIACCS).

January 18, 2018: Our paper, PivotWall: SDN-Based Information Flow Control, has been accepted for publication at the 2018 ACM Symposium on SDN Research (SOSR).

August 19, 2017: Our paper, Analysis of SEAndroid Policies: Combining MAC and DAC in Android, has been accepted for publication at the 2017 Annual Computer Security Applications Conference (ACSAC).

May 2, 2017: Our paper, UiRef: Analysis of Sensitive User Inputs in Android Applications, has been accepted for publication at the 2017 ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec).

April 4, 2017: We received a Distinguished Paper Award for our paper, SPOKE: Scalable Knowledge Collection and Attack Surface Analysis of Access Control Policy for Security Enhanced Android at ASIACCS 2017.

February 15, 2017: Congratulations to PhD student, Adwait Nadkarni, for passing his final disseratation defense.

February 6, 2017: Our paper, Sublinear Zero-Knowledge Arguments for RAM Programs, has been accepted for publication in the 36th Annual Eurocrypt Conference (Eurocrypt 2017) .

January 25, 2017: Our paper, SPOKE: Scalable Knowledge Collection and Attack Surface Analysis of Access Control Policy for Security Enhanced Android, has been accepted for publication at the 2017 ACM Asia Conference on Computer and Communications Security (ASIACCS).

December 12, 2016: Our paper, A Study of Security Vulnerabilties on Docker Hub, has been accepted for publication at the 2017 ACM Conference on Data and Application Security and Privacy (CODASPY).

November 17, 2016: Congratulations to Masters student, Akash Verma, for passing his masters defense.

October 22, 2016: Our paper, TumbleBit: An Untrusted Tumbler for Bitcoin-Compatible Anonymous Payments, has been accepted for publication in the Network and Distributed System Security Symposium (NDSS) 2017 .

August 24, 2016: Our paper, *droid: Assessment and Evaluation of Android Application Analysis Tools, has been accepted for publication in ACM Computing Surveys (CSUR).

August 19, 2016: Our paper, Phonion: Practical Protection of Metadata in Telephony Networks, has been accepted for publication in Proceedings on Privacy Enhancing Technologies (PoPETS).

August 16, 2016: Our paper, NIZKs with an Untrusted CRS: Security in the Face of Parameter Subversion, has been accepted for publication in ASIACRYPT 2016.

August 10, 2016: Our paper, A Study of Security Isolation Techniques, has been accepted for publication in ACM Computing Surveys (CSUR).

July 24, 2016: Our paper, SandScout: Automatic Detection of Flaws in iOS Sandbox Profiles, has been accepted for publication at the 2016 ACM Conference on Computer and Communications Security (CCS).

July 1, 2016: Our paper, Preventing Kernel Code-Reuse Attacks Through Disclosure Resistant Code Diversification, has been accepted for publication at the 2016 IEEE Conference on Communications and Network Security (CNS).

May 16, 2016: Our paper, Practical DIFC Enforcement on Android, has been accepted for publication at the 2016 USENIX Security Symposium.

March 22, 2016: Congratulations to PhD student, Ruowen Wang, for passing his final disseratation defense.

March 10, 2016: Our paper, Code-Stop: Code-Reuse Prevention By Context-Aware Traffic Proxying, has been accepted for publication at the 2016 International Conference on Internet Monitoring and Protection (ICIMP).

March 7, 2016: Our paper, A Study of Grayware on Google Play, has been accepted for publication at the 2016 IEEE Mobile Security Technologies workshot (MoST).

January 26, 2016: Congratulations to PhD student, Adwait Nadkarni, for passing his oral preliminary exam.

December 1, 2015: Congratulations to PhD student, Russell Meredith, for passing his written qualifier.

September 28, 2015: Congratulations to PhD student, T.J. O'Connor, for passing his written qualifier.

September 21, 2015: Congratulations to PhD student, Sigmund Gorski, for passing his written qualifier.

August 31, 2015: Dr. William Enck's NSF SaTC grant, TWC: Medium: Collaborative: Improving Mobile-Application Security via Text Analytics, has been awarded. The grant is in collaboration with Tao Xie, Carl Gunter, and ChengXiang Zhai at UIUC.

May 12, 2015: Our paper, EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-Scale Semi-Supervised Learning, has been accepted for publication at the 2015 USENIX Security Symposium.

April 14, 2015: Our paper, Automatic Server Hang Bug Diagnosis: Feasible Reality or Pipe Dream?, has been accepted for publication at the IEEE International Conference on Autonomic Computing (ICAC).

March 20, 2015: Congratulations to PhD student, Jason Gionta, for successfully defending his dissertation. Jason is co-advised by Dr. William Enck and Dr. Peng Ning.

December 18, 2014: Our paper, AppContext: Differentiating Malicious and Benign Mobile App Behavior Under Contexts, has been accepted for publication at the 2015 International Conference on Software Engineering (ICSE).

December 4, 2014: Dr. William Enck gave a tutorial entitled "Intro to Securing Android Applications" to the Raleigh Chapter of ISSA.

November 25, 2014: Our paper, HideM: Protecting the Contents of Userspace Memory in the Face of Disclosure Vulnerabilities, has been accepted for publication at the 2015 ACM Conference on Data and Application Security and Privacy (CODASPY).

November 5, 2014: Dr. William Enck gave a tutorial entitled "Text Analytics for Security" along with Tao Xie at ACM CCS 2014.

October 2, 2014: Dr. William Enck gave a tutorial entitled "Intro to Developing Android Applications" to the Raleigh Chapter of ISSA.

August 25th, 2014: Dr. William Enck was awarded $49,726 by ARO for my proposal entitled "Refining Security for Smartphone Applications."

August 22, 2014: Stephan Heuser presented our ASM paper at USENIX Security'14. Check out the press release and the ASM website.

August 15, 2014: Our paper, SEER: Practical Memory Virus Scanning as a Service, has been accepted for publication at the 2014 Annual Computer Security Applications Conference (ACSAC).

July 23, 2014: Dr. William Enck presented our NativeWrap work at WiSec'14. Go download the app now!
Update: Ars Technica has written a story on NativeWrap.

May 7, 2014: Our paper, ASM: A Programmable Interface for Extending Android Security, has been accepted for publication at the 2014 USENIX Security Symposium.

May 7, 2014: Our paper, NativeWrap: Ad Hoc Smartphone Application Creation for End Users, has been accepted for publication at the 2014 ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec).

April 4, 2014: Our paper, An Application Package Configuration Approach to Mitigating Android SSL Vulnerabilities, has been accepted for publication at the 2014 IEEE Mobile Security Technologies workshop (MoST).

July 19, 2013: Our paper, Preventing Accidental Data Disclosure in Modern Operating Systems, has been accepted for publication at the 2013 ACM Conference on Computer and Communications Security (CCS).

June 4, 2013: Dr. William Enck will be an invited speaker at the Federal Trade Commission's (FTC) panel entitled "Mobile Security: Potential Threats and Solutions". Come join us in Washington D.C., or tune in via the webcast!

April 27, 2013: Our paper, WHYPER: Towards Automating Risk Assessment of Mobile Applications, has been accepted for publication at the 2013 USENIX Security Symposium.

April 17, 2013: Our paper, MAST: Triage for Market-scale Mobile Malware Analysis, received the Best Paper Award at the 2013 ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), which is being held in Budapest, Hungary.

February 19, 2013: Dr. Enck received a National Science Foundation CAREER Award for my proposal "Secure OS Views for Modern Computing Platforms". The CAREER Award is the NSF's most prestigious award for junior faculty.

January 22, 2013: Our paper, MAST: Triage for Market-scale Mobile Malware Analysis, which discusses efficient methods for finding malware in massive-scale mobile applications markets, has been accepted to the 2013 ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) in Budapest, Hungary.

August 16, 2012: Our paper, Abusing Cloud-based Browsers for Fun and Profit, has been accepted for publication at the 2013 USENIX Security Symposium.