Bio

PhD, Carnegie Mellon University

My research interests involve security and privacy and its interactions with system, networking, machine learning, and human-computer interaction. My current research focuses on developing new technologies for protecting user privacy, particularly in the areas of mobile systems and Internet of Things. My previous work about mobile and web security and privacy have been adopted by Google (Chrome HTML5 privacy), Facebook (flaw analysis for web services, authentication protection), Microsoft (login protection), Samsung (mobile app security), Evernote (OAuth security), Dropbox (OAuth security), and others.

Research Interests

  • Security and Privacy
  • Cyber-Physical System
  • Machine Learning
  • Human-Computer Interaction

Selected Publications

  • SmartAuth: User-Centered Authorization for the Internet of Things 26th USENIX Security Symposium (USENIX Security), 2017
  • IVD: Automatic Learning and Enforcement of Authorization Rules in Online Social Networks 38th IEEE Symposium on Security and Privacy (Oakland), 2017
  • All Your Screens Are Belong to Us: Attacks Exploiting the HTML5 Screen Sharing API 35th IEEE Symposium on Security and Privacy (Oakland), 2014
  • OAuth Demystified for Mobile Application Developers 21st ACM Conference on Computer and Communications Security (CCS), 2014