Contact Information
Penn State University344 IST Building
University Park, PA 16802
Email: enck at cse.psu.edu
Phone: 814-863-7745
I am a doctoral candidate in the Department of Computer Science and Engineering (CSE) at The Pennsylvania State University (PSU). Within the CSE department, I am a member of the Systems and Internet Infrastructure Security (SIIS) Laboratory, which is a part of the Networking and Security Research Center (NSRC). I began my graduate studies at Penn State in the fall of 2004 as a Masters student and continued into the PhD program in the fall of 2006 under the supervision of my advisor Dr. Patrick McDaniel.
My Masters research considered the security disconnect between the Internet and SMS-capable telecommunications networks. My co-author Patrick Traynor (now faculty at Georgia Tech) and I discovered vulnerabilities in the cellular phone network that allow a Denial of Service attack using Internet-originated SMS messages to disrupt voice service to large metropolitan areas. Along with our advisors Dr. Patrick McDaniel and Dr. Thomas La Porta, we published our initial findings at the 2005 ACM Conference on Computer and Communications Security (CCS) and was covered by The New York Times. We further investigated and characterized the problem with mathematical modeling and simulation to propose and evaluate mitigation strategies. This work was published in the 2006 ACM International Conference on Mobile Computing and Networking (MobiCom).
As a PhD candidate, I am investigating various areas of operating systems security. My focus is on mobile phone (smartphone) OS security architectures, for which I draw from past experiences in OS and network security to evaluate existing implementations. In general, I am interested in the vast spectrum of system security. I participated in the 2007 Ohio security evaluation of voting equipment (EVEREST), performing source code analysis and penetration testing. I have also designed new OS access control mechanisms, looked at forthcoming vulnerabilities as main memory switches to non-volatile technologies, and researched secure network protocols, privacy tools, and trusted computing. A more full description of my research can be found on my research page.
News
June 1, 2009
I am starting a summer internship with Intel Research Seattle.
January 13, 2009
I am co-instructing the course "CSE597a: Cellular Phone Operating Systems Security" along with my advisor Patrick McDaniel. Today is the first day of class. The course page is maintained here.
January 5, 2009
I presented an invited talk/tutorial entitled "Understanding Android's Security Framework" at Georgia Tech University.
December 10, 2008
I presented two papers at the 24th Annual Computer Security Applications Conference (ACSAC) in Anaheim, CA: "PinUP: Pinning User Files to Known Applications" and "Defending Against Attacks on Main Memory Persistence".
October 29, 2008
Professor Patrick McDaniel and I gave a tutorial entitled "Understanding Android's Security Framework" at the ACM Conference on Computer and Communications Security (CCS). Our presentation slides and the example applications (including source code) have been made publically available.