Publications can also be viewed by type, with superceded, or all publications.

2010

  1. Patrick Traynor, Kevin Butler, William Enck, Kevin Borders, and Patrick McDaniel, malnets: Large-Scale Malicious Networks via Compromised Wireless Access Points. Journal of Security and Communication Networks, 3(2):102--113, March, 2010.
  2. William Enck, Peter Gilbert, Byung-gon Chun, Landon P. Cox , Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI), October 2010. Vancouver, BC.
    (acceptance rate=16.1%)
Technical Reports
  • William Enck and Patrick McDaniel, Federated Information Flow Control for Mobile Phones. Technical Report NAS-TR-0136-2010, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, July 2010.

2009

  1. William Enck, Machigar Ongtang, and Patrick McDaniel, Understanding Android Security. IEEE Security & Privacy Magazine, 7(1):50--57, January/February, 2009.
  2. William Enck, Thomas Moyer, Patrick McDaniel, Subhabrata Sen, Panagiotis Sebos, Sylke Spoerel, Albert Greenberg, Yu-Wei Eric Sung, Sanjay Rao, and William Aiello, Configuration Management at Massive Scale: System Design and Experience. IEEE Journal on Selected Areas in Communications (JSAC), 27(3):323--335, April, 2009.
    (extends ems+07)
  3. Patrick Traynor, William Enck, Patrick McDaniel, and Tom La Porta, Mitigating Attacks on Open Functionality in SMS-Capable Cellular Networks. IEEE/ACM Transactions on Networking (TON), 17(1), Februrary, 2009.
    (extends teml06)
  4. Heesook Choi, William Enck, Jaesheung Shin, Patrick McDaniel, and Thomas F. La Porta, ASR: Anonymous and Secure Reporting of Traffic Forwarding Activity in Mobile Ad Hoc Networks. Wireless Networks (WINET), ACM/Kluwer, 15(4):525--539, May, 2009. (Published online October 2007).
    (extends ces+05) [pdf]
  5. Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel. Semantically Rich Application-Centric Security in Android. Proceedings of the 25th Annual Computer Security Applications Conference (ACSAC), December 2009. Honolulu, HI. (best paper).
    (acceptance rate=19.0%) [pdf]
  6. William Enck, Machigar Ongtang, and Patrick McDaniel. On Lightweight Mobile Phone Application Certification. Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS), November 2009. Chicago, IL.
    (acceptance rate=18.4%) [pdf]
Technical Reports
  • Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel, Semantically Rich Application-Centric Security in Android. Technical Report NAS-TR-0116-2009, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, June 2009.
  • William Enck, Machigar Ongtang, and Patrick McDaniel, On Lightweight Mobile Phone App Certification. Technical Report NAS-TR-0113-2009, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, April 2009.

2008

  1. K. Butler, William Enck, Patrick Traynor, Jennifer Plasterr, and Patrick McDaniel. Privacy Preserving Web-Based Email. Algorithms, Architectures and Information Systems Security, Statistical Science and Interdisciplinary Research, World Scientific Computing. November 2008. Editor: Bhargab Bhattacharya, Susmita Sur-Kolay, Subhas Nandy and Aditya Bagchi.
    (extends iciss06b)
  2. Patrick Traynor, William Enck, Patrick McDaniel, and Tom La Porta, Exploiting Open Functionality in SMS-Capable Cellular Networks. Journal of Computer Security, 16(6), December, 2008.
    (extends etml05)
  3. William Enck, Patrick McDaniel, and Trent Jaeger. PinUP: Pinning User Files to Known Applications. Proceedings of the 24th Annual Computer Security Applications Conference (ACSAC), December 2008. Anaheim, CA.
    (acceptance rate=24.3%) [pdf]
  4. William Enck, Kevin R. B. Butler, Thomas Richardson, Patrick McDaniel, and Adam Smith. Defending Against Attacks on Main Memory Persistence. Proceedings of the 24th Annual Computer Security Applications Conference (ACSAC), December 2008. Anaheim, CA.
    (acceptance rate=24.3%) [pdf]
  5. Patrick Traynor, Kevin Butler, William Enck, and Patrick McDaniel. Realizing Massive-Scale Conditional Access Systems Through Attribute-Based Cryptosystems. Proceedings of the 15th Annual Network & Distributed System Security Symposium, February 2008. San Diego, CA.
    (acceptance rate=17.7%)
  6. Kevin Butler, William Enck, Harri Hursti, Stephen McLaughlin, Patrick Traynor, and Patrick McDaniel. Systemic Issues in the Hart InterCivic and Premier Voting Systems: Reflections Following Project EVEREST. Proceedings of the USENIX/ACCURATE Electronic Voting Technology (EVT) Workshop, July 2008.
    (acceptance rate=44.1%) [pdf]
Technical Reports
  • William Enck, Machigar Ongtang, and Patrick McDaniel, Mitigating Android Software Misuse Before It Happens. Technical Report NAS-TR-0094-2008, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, September 2008. Updated November 2008. [pdf]
  • Kevin Butler, William Enck, Harri Hursti, Stephen McLaughlin, Patrick Traynor, and Patrick McDaniel, Systemic Issues in the and Hart InterCivic Voting System: Reflections Following Project EVEREST. Technical Report NAS-TR-0088-2008, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, April 2008.
  • Kevin Butler, William Enck, Harri Hursti, Stephen McLaughlin, Patrick Traynor, and Patrick McDaniel, Systemic Issues in the and Premier Voting System: Reflections Following Project EVEREST. Technical Report NAS-TR-0087-2008, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, April 2008.

2007

  1. Wesam Lootah, William Enck, and Patrick McDaniel, TARP: Ticket-based Address Resolution Protocol. Computer Networks, Elsevier, 51(15):4322--4337, October, 2007.
    (extends lem05) [pdf]
  2. William Enck, Patrick McDaniel, Shubho Sen, Panagiotis Sebos, Sylke Spoerel, Albert Greenberg, Sanjay Rao, and William Aiello. Configuration Management at Massive Scale: System Design and Experience. Proceedings of the USENIX Annual Technical Conference, June 2007. Santa Clara, CA.
    (acceptance rate=23.8%) [pdf]
  3. Hosam Rowihy, William Enck, Patrick McDaniel, and Thomas La Porta. Limiting Sybil Attacks in Structured P2P Networks. Proceedings of the IEEE INFOCOM'07 Minisymposium, May 2007. Anchorage, Alaska.
    (acceptance rate=25%) [pdf]
  4. William Enck, Sandra Rueda, Yogesh Sreenivasan, Joshua Schiffman, Luke St. Clair, Trent Jaeger, and Patrick McDaniel. Protecting Users from "Themselves". Proceedings of the 1st ACM Computer Security Architectures Workshop, November 2007. Alexandria, VA.
    (acceptance rate=30%) [pdf]
Technical Reports
  • William Enck, Sandra Rueda, Joshua Schiffman, Yogesh Sreenivasan, Luke St. Clair, Trent Jaeger, and Patrick McDaniel, Protecting Users From ``Themselves''. Technical Report NAS-TR-0073-2007, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, June 2007.
  • Patrick Traynor, Kevin Butler, William Enck, and Patrick McDaniel, Realizing Massive-Scale Conditional Access Systems Through Attribute-Based Cryptosystems. Technical Report NAS-TR-0070-2007, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, May 2007.
  • William Enck, Patrick McDaniel, and Trent Jaeger, PinUP: Pinning User Files to Known Applications . Technical Report NAS-TR-0063-2007, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, February 2007. Updated August 2008.
  • Lisa Johansen, Kevin Butler, William Enck, Patrick Traynor, and Patrick McDaniel, Grains of SANs: Building Storage Area Networks from Memory Spots. Technical Report NAS-TR-0060-2007, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, January 2007.

2006

  1. Kevin Butler, William Enck, Jennifer Plasterr, Patrick Traynor, and Patrick McDaniel. Privacy-Preserving Web-Based Email. Proceedings of 2nd International Conference on Information Systems Security (ICISS), December 2006. Kolkata, India.
    (acceptance rate=30.4%) [pdf]
  2. Luke St. Clair, Lisa Johansen, William Enck, Matthew Pirretti, Patrick Traynor, Patrick McDaniel, and Trent Jaeger. Password Exhaustion: Predicting the End of Password Usefulness. Proceedings of 2nd International Conference on Information Systems Security (ICISS), December 2006. Kolkata, India. (Invited). [pdf]
  3. Patrick Traynor, William Enck, Patrick McDaniel, and Tom La Porta. Mitigating Attacks on Open Functionality in SMS-Capable Cellular Networks. Proceedings of the Twelfth Annual International Conference on Mobile Computing and Networking (MobiCom), September 2006. Los Angeles, CA.
    (acceptance rate=11.7%) [pdf]
Technical Reports
  • Patrick Traynor, William Enck, Patrick McDaniel, and Thomas La Porta, Mitigating Attacks on Open Functionality in SMS-Capable Networks. Technical Report NAS-TR-0051-2006, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, October 2006.
  • Patrick Traynor, Kevin Butler, William Enck, Kevin Borders, and Patrick McDaniel, malnets: Large-Scale Malicious Networks via Compromised Wireless Access Points. Technical Report NAS-TR-0048-2006, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, September 2006.
  • Heesook Choi, William Enck, Jaesheung Shin, Patrick McDaniel, and Tom LaPorta, ASR: Anonymous and Secure Reporting of Traffic Forwarding Activity in Mobile Ad Hoc Networks. Technical Report NAS-TR-0034-2006, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, March 2006.
  • William Enck, Kevin Butler, Thomas Richardson, and Patrick McDaniel, Securing Non-Volatile Main Memory. Technical Report NAS-TR-0029-2006, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, February 2006.
  • Luke St. Clair, Lisa Johansen, William Enck, Matthew Pirretti, Patrick Traynor, Patrick McDaniel, and Trent Jaeger, Password Exhaustion: Predicting the End of Password Usefulness. Technical Report NAS-TR-0030-2006, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, February 2006.

2005

  1. Wesam Lootah, William Enck, and Patrick McDaniel. TARP: Ticket-Based Address Resolution Protocol. 21st Annual Computer Security Applications Conference (ACSAC), pages 95--103, December 2005. Tuscon, AZ.
    (acceptance rate=19.2%) [pdf]
  2. William Enck, Patrick Traynor, Patrick McDaniel, and Tom La Porta. Exploiting Open Functionality in SMS-Capable Cellular Networks. Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS), pages 393--404, November 2005. Alexandria, VA.
    (acceptance rate=15.0%) [pdf]
  3. Heesook Choi, William Enck, Jaesheung Shin, Patrick McDaniel, and Thomas F. La Porta. Secure Reporting of Traffic Forwarding Activity in Mobile Ad Hoc Networks. MobiQuitous 2005, July 2005. San Diego, CA.
    (acceptance rate=35%) [pdf]
Technical Reports
  • Hosam Rowaihy, William Enck, Patrick McDaniel, and Thomas La Porta, Limiting Sybil Attacks in Structured Peer-to-Peer Networks. Technical Report NAS-TR-0017-2005, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, July 2005.
  • Wesam Lootah, William Enck, and Patrick McDaniel, TARP: Ticket-Based Address Resolution Protocol. Technical Report NAS-TR-0010-2005, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, June 2005.
  • Patrick Traynor, Kevin Butler, William Enck, Jennifer Plasterr, Scott Weaver, John van Bramer, and Patrick McDaniel, Privacy-Preserving Web-Based Email. Technical Report NAS-TR-0009-2005, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, June 2005.
  • William Enck, Patrick Traynor, Patrick McDaniel, and Tom La Porta, Exploiting Open Functionality in SMS-Capable Cellular Networks. Technical Report NAS-TR-0007-2005, Network and Security Center, Department of Computer Science, Pennsylvania State University, May 2005.

0

Technical Reports
  • William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth, TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. Technical Report NAS-TR-0120-2010, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, February.