Contact Information
Penn State University344 IST Building
University Park, PA 16802
Email: enck at cse.psu.edu
Phone: 814-863-7745
I am a doctoral candidate in the Department of Computer Science and Engineering (CSE) at The Pennsylvania State University (PSU). Within the CSE department, I am a member of the Systems and Internet Infrastructure Security (SIIS) Laboratory, which is a part of the Networking and Security Research Center (NSRC). I began my graduate studies at Penn State in the fall of 2004 as a Masters student and continued into the PhD program in the fall of 2006 under the supervision of my advisor Dr. Patrick McDaniel.
My Masters research considered the security disconnect between the Internet and SMS-capable telecommunications networks. My co-author Patrick Traynor (now faculty at Georgia Tech) and I discovered vulnerabilities in the cellular phone network that allow a Denial of Service attack using Internet-originated SMS messages to disrupt voice service to large metropolitan areas. Along with our advisors Dr. Patrick McDaniel and Dr. Thomas La Porta, we published our initial findings at the 2005 ACM Conference on Computer and Communications Security (CCS) and was covered by The New York Times. We further investigated and characterized the problem with mathematical modeling and simulation to propose and evaluate mitigation strategies. This work was published in the 2006 ACM International Conference on Mobile Computing and Networking (MobiCom).
As a PhD candidate, I am investigating various areas of operating systems security. My focus is on mobile phone (smartphone) OS security architectures, for which I draw from past experiences in OS and network security to evaluate existing implementations. In general, I am interested in the vast spectrum of system security. I participated in the 2007 Ohio security evaluation of voting equipment (EVEREST), performing source code analysis and penetration testing. I have also designed new OS access control mechanisms, looked at forthcoming vulnerabilities as main memory switches to non-volatile technologies, and researched secure network protocols, privacy tools, and trusted computing. A more full description of my research can be found on my research page.
News
December 10, 2009
We were awarded best paper at ACSAC 2009 for our paper "Semantically Rich Application-Centric Security in Android".
November 11, 2009
I presented my paper, "On Lightweight Mobile Phone Application Certification" at this year's ACM CCS 2009.
October 27, 2009
I gave a CSE seminar talk at Notre Dame on my work, "On Lightweight Mobile Phone Application Certification".
October 14, 2009
I was awarded a student travel grant for ACM CCS 2009.
August 26, 2009
Our paper, "Semantically Rich Application-Centric Security in Android" has been accepted to the 2009 Annual Computer Security Applications Conference (ACSAC).