View [ by type | by year | all (with superceded) ]

Book Chapters

  1. William Enck. Android's Security Framework-Understanding the Security of Mobile Phone Platforms, Encyclopedia of Cryptography and Security, Springer, Editor: Henk C. A. Tilborg and Sushil Jajodia, 2011.
  2. William Enck. ARP Spoofing, Encyclopedia of Cryptography and Security, Springer, Editor: Henk C. A. Tilborg and Sushil Jajodia, 2011.
  3. Kevin Butler, William Enck, Patrick Traynor, Jennifer Plaster, and Patrick McDaniel. Privacy Preserving Web-Based Email, Algorithms, Architectures and Information Systems Security, Statistical Science and Interdisciplinary Research, World Scientific Computing, Editor: Bhargab Bhattacharya, Susmita Sur-Kolay, Subhas Nandy and Aditya Bagchi, November, 2008.
    (extends iciss06b)

Journal Publications

  1. William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung-Gon Chun, Landon Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol Sheth. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones, ACM Transactions on Computer Systems (TOCS), 2014. (to appear)
    (extends egc+10)
  2. William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones, Communications of the ACM, 57(3), March, 2014. (Research Highlight)
  3. Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel. Semantically Rich Application-Centric Security in Android, Journal of Security and Communication Networks, 5(6):658-673, June, 2012.
    (extends omem09)
  4. Patrick Traynor, Kevin Butler, William Enck, Kevin Borders, and Patrick McDaniel. malnets: Large-Scale Malicious Networks via Compromised Wireless Access Points, Journal of Security and Communication Networks, 3(2):102--113, March, 2010.
    (supercedes NAS-0048)
  5. William Enck, Machigar Ongtang, and Patrick McDaniel. Understanding Android Security, IEEE Security and Privacy Magazine, 7(1):50--57, January/February, 2009.
  6. William Enck, Thomas Moyer, Patrick McDaniel, Subhabrata Sen, Panagiotis Sebos, Sylke Spoerel, Albert Greenberg, Yu-Wei Eric Sung, Sanjay Rao, and William Aiello. Configuration Management at Massive Scale: System Design and Experience, IEEE Journal on Selected Areas in Communications (JSAC), 27(3):323--335, April, 2009.
    (extends ems+07)
  7. Patrick Traynor, William Enck, Patrick McDaniel, and Thomas La Porta. Mitigating Attacks on Open Functionality in SMS-Capable Cellular Networks, IEEE/ACM Transactions on Networking (TON), 17(1), Februrary, 2009.
    (extends teml06)
  8. Patrick Traynor, William Enck, Patrick McDaniel, and Thomas La Porta. Exploiting Open Functionality in SMS-Capable Cellular Networks, Journal of Computer Security, 16(6), December, 2008.
    (extends etml05)
  9. Wesam Lootah, William Enck, and Patrick McDaniel. TARP: Ticket-based Address Resolution Protocol, Computer Networks, 51(15):4322--4337, Elsevier, October, 2007.
    (extends lem05)
  10. Heesook Choi, William Enck, Jaesheung Shin, Patrick McDaniel, and Thomas La Porta. ASR: Anonymous and Secure Reporting of Traffic Forwarding Activity in Mobile Ad Hoc Networks, Wireless Networks (WINET), 15(4):525--539, ACM/Kluwer, May, 2009. (Published online October 2007)
    (extends ces+05) (supercedes NAS-0034)

Conference Publications

  1. Stephan Heuser, Adwait Nadkarni, William Enck, and Ahmad-Reza Sadeghi. ASM: A Programmable Interface for Extending Android Security, Proceedings of the USENIX Security Symposium, August, 2014. San Diego, CA.
    (acceptance rate=19.1%) (supercedes TUD-CS-2014-0063)
  2. Adwait Nadkarni, Vasant Tendulkar, and William Enck. NativeWrap: Ad Hoc Smartphone Application Creation for End Users, Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), July, 2014. Oxford, United Kingdom.
    (acceptance rate=26.0%)
  3. Tsung-Hsuan Ho, Daniel Dean, Xiaohui Gu, and William Enck. PREC: Practical Root Exploit Containment for Android Devices, Proceedings of the Fourth ACM Conference on Data and Application Security and Privacy (CODASPY), March, 2014. San Antonio, TX.
    (acceptance rate=16.0%) (supercedes TR-2012-12)
  4. Adwait Nadkarni, and William Enck. Preventing Accidental Data Disclosure in Modern Operating Systems, Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS), November, 2013. Berlin, Germany.
    (acceptance rate=19.8%)
  5. Rahul Pandita, Xusheng Xiao, Wei Yang, William Enck, and Tao Xie. WHYPER: Towards Automating Risk Assessment of Mobile Applications, Proceedings of the USENIX Security Symposium, August, 2013. Washington, D.C..
    (acceptance rate=16.2%)
  6. Saurabh Chakradeo, Brad Reaves, Patrick Traynor, and William Enck. MAST: Triage for Market-scale Mobile Malware Analysis, Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), April, 2013. Budapest, Hungary. (best paper)
    (acceptance rate=15.1%)
  7. Vaibhav Rastogi, Yan Chen, and William Enck. AppsPlayground: Automatic Large-scale Dynamic Analysis of Android Applications, Proceedings of the 3rd ACM Conference on Data and Application Security and Privacy (CODASPY), February, 2013. San Antonio, TX.
    (acceptance rate=23.1%)
  8. Vasant Tendulkar, Joe Pletcher, Ashwin Shashidharan, Ryan Snyder, Kevin Butler, and William Enck. Abusing Cloud-based Browsers for Fun and Profit, Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC), December, 2012. Orlando, FL.
    (acceptance rate=19.0%)
  9. William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri. A Study of Android Application Security, Proceedings of the 20th USENIX Security Symposium, August, 2011. San Francisco, CA.
    (acceptance rate=17.2%) (supercedes NAS-0144)
  10. William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones, Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI), October, 2010. Vancouver, BC.
    (acceptance rate=16.1%) (supercedes NAS-0120)
  11. Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel. Semantically Rich Application-Centric Security in Android, Proceedings of the 25th Annual Computer Security Applications Conference (ACSAC), December, 2009. Honolulu, HI. (best paper)
    (acceptance rate=19.0%) (supercedes NAS-00116)
  12. William Enck, Machigar Ongtang, and Patrick McDaniel. On Lightweight Mobile Phone Application Certification, Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS), November, 2009. Chicago, IL.
    (acceptance rate=18.4%) (supercedes NAS-00113)
  13. William Enck, Patrick McDaniel, and Trent Jaeger. PinUP: Pinning User Files to Known Applications, Proceedings of the 24th Annual Computer Security Applications Conference (ACSAC), December, 2008. Anaheim, CA.
    (acceptance rate=24.3%) (supercedes NAS-0063)
  14. William Enck, Kevin Butler, Thomas Richardson, Patrick McDaniel, and Adam Smith. Defending Against Attacks on Main Memory Persistence, Proceedings of the 24th Annual Computer Security Applications Conference (ACSAC), December, 2008. Anaheim, CA.
    (acceptance rate=24.3%) (supercedes NAS-0029)
  15. Patrick Traynor, Kevin Butler, William Enck, and Patrick McDaniel. Realizing Massive-Scale Conditional Access Systems Through Attribute-Based Cryptosystems, Proceedings of the 15th Annual Network and Distributed System Security Symposium, February, 2008. San Diego, CA.
    (acceptance rate=17.7%) (supercedes NAS-0070)
  16. William Enck, Patrick McDaniel, Subhabrata Sen, Panagiotis Sebos, Sylke Spoerel, Albert Greenberg, Sanjay Rao, and William Aiello. Configuration Management at Massive Scale: System Design and Experience, Proceedings of the USENIX Annual Technical Conference, June, 2007. Santa Clara, CA.
    (acceptance rate=23.8%)
  17. Hosam Rowihy, William Enck, Patrick McDaniel, and Thomas La Porta. Limiting Sybil Attacks in Structured P2P Networks, Proceedings of the IEEE INFOCOM'07 Minisymposium, May, 2007.
    (acceptance rate=25%) (supercedes NAS-0017)
  18. Kevin Butler, William Enck, Jennifer Plasterr, Patrick Traynor, and Patrick McDaniel. Privacy-Preserving Web-Based Email, Proceedings of 2nd International Conference on Information Systems Security (ICISS), December, 2006. Kolkata, India.
    (acceptance rate=30.4%) (supercedes NAS-0009)
  19. Patrick Traynor, William Enck, Patrick McDaniel, and Thomas La Porta. Mitigating Attacks on Open Functionality in SMS-Capable Cellular Networks, Proceedings of the Twelfth Annual International Conference on Mobile Computing and Networking (MobiCom), September, 2006. Los Angeles, CA.
    (acceptance rate=11.7%) (supercedes NAS-0051)
  20. Wesam Lootah, William Enck, and Patrick McDaniel. TARP: Ticket-Based Address Resolution Protocol, 21st Annual Computer Security Applications Conference (ACSAC), 95--103, December, 2005. Tuscon, AZ.
    (acceptance rate=19.2%) (supercedes NAS-0010)
  21. William Enck, Patrick Traynor, Patrick McDaniel, and Thomas La Porta. Exploiting Open Functionality in SMS-Capable Cellular Networks, Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS), 393--404, November, 2005. Alexandria, VA.
    (acceptance rate=15.0%) (supercedes NAS-0007)
  22. Heesook Choi, William Enck, Jaesheung Shin, Patrick McDaniel, and Thomas La Porta. Secure Reporting of Traffic Forwarding Activity in Mobile Ad Hoc Networks, MobiQuitous 2005, July, 2005. San Diego, CA.
    (acceptance rate=35%)

Workshop Publications

  1. Jason Gionta, Ahmed Azab, William Enck, Peng Ning, and Xiaolan Zhang. DACSA: A Decoupled Architecture for Cloud Security Analysis, Proceedings of the 7th Workshop on Cyber Security Experimentation and Test (CSET), August, 2014.
    (acceptance rate=40.0%)
  2. Vasant Tendulkar, and William Enck. An Application Package Configuration Approach to Mitigating Android SSL Vulnerabilities, Proceedings of the IEEE Mobile Security Technologies workshop (MoST), May, 2014.
    (acceptance rate=36.7%)
  3. David Barrera, William Enck, and Paul C. van Oorschot. Meteor: Seeding a Security-Enhancing Infrastructure for Multi-market Application Ecosystems, Proceedings of the IEEE Mobile Security Technologies workshop (MoST), May, 2012.
    (acceptance rate=39.3%) (supercedes TR-11-06)
  4. Kevin Butler, William Enck, Harri Hursti, Stephen McLaughlin, Patrick Traynor, and Patrick McDaniel. Systemic Issues in the Hart InterCivic and Premier Voting Systems: Reflections Following Project EVEREST, Proceedings of the USENIX/ACCURATE Electronic Voting Technology (EVT) Workshop, July, 2008.
    (acceptance rate=44.1%) (supercedes NAS-0087,NAS-0088)
  5. William Enck, Sandra Rueda, Yogesh Sreenivasan, Joshua Schiffman, Luke St. Clair, Trent Jaeger, and Patrick McDaniel. Protecting Users from "Themselves", Proceedings of the 1st ACM Computer Security Architectures Workshop, November, 2007. Alexandria, VA.
    (acceptance rate=30%) (supercedes NAS-0073)

Invited Papers

  1. William Enck. Defending Users Against Smartphone Apps: Techniques and Future Directions, Proceedings of 7th International Conference on Information Systems Security (ICISS), December, 2011. Kolkata, India. (Invited)
  2. Luke St. Clair, Lisa Johansen, William Enck, Matthew Pirretti, Patrick Traynor, Patrick McDaniel, and Trent Jaeger. Password Exhaustion: Predicting the End of Password Usefulness, Proceedings of 2nd International Conference on Information Systems Security (ICISS), December, 2006. Kolkata, India. (Invited)
    (supercedes NAS-0030)

Columns

  1. Patrick McDaniel, and William Enck. Not So Great Expectations: Why Application Markets Haven't Failed Security, IEEE Security and Privacy Magazine, 8(5):76--78, September/October, 2010. (Secure Systems issue column)

Poster Abstracts

  1. Wei Yang, Xusheng Xiao, Rahul Pandita, William Enck, and Tao Xie. Improving Mobile Application Security via Bridging User Expectations and Application Behaviors, Proceedings of the Symposium and Bootcamp on the Science of Security (HotSoS) Poster Session, April, 2014.
  2. Agnes Davis, Ashwin Shashidharan, Qian Liu, William Enck, Anne Mclaughlin, and Benjamin Watson. Insecure Behaviors on Mobile Devices under Stress, Proceedings of the Symposium and Bootcamp on the Science of Security (HotSoS) Poster Session, April, 2014.
  3. Qian Liu, Juhee Bae, Benjamin Watson, and William Enck. Modeling and Sensing Risky User Behavior based on Mobile Devices, Proceedings of the Symposium and Bootcamp on the Science of Security (HotSoS) Poster Session, April, 2014.

Tech Reports

  1. Adwait Nadkarni, Anmol Sheth, Udi Weinsberg, Nina Taft, and William Enck. GraphAudit: Privacy Auditing for Massive Graph Mining, Technical Report TR-2014-10, North Carolina State University, Department of Computer Science, Raleigh, NC. August, 2014.
  2. William Enck, and Patrick McDaniel. Federated Information Flow Control for Mobile Phones, Technical Report NAS-TR-0136-2010, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA. July, 2010.
  3. William Enck, Machigar Ongtang, and Patrick McDaniel. Mitigating Android Software Misuse Before It Happens, Technical Report NAS-TR-0094-2008, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA. Sep, 2008. (Updated Nov 2008)
  4. Lisa Johansen, Kevin Butler, William Enck, Patrick Traynor, and Patrick McDaniel. Grains of SANs: Building Storage Area Networks from Memory Spots, Technical Report NAS-TR-0060-2007, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA. January, 2007.

Miscellaneous

  1. William Enck. 17th USENIX Security Symposium Conference Summaries, USENIX ;login Magazine, Dec, 2008.
  2. Patrick McDaniel, Kevin Butler, William Enck, Harri Hursti, Stephen McLaughlin, Patrick Traynor, Matt Blaze, Adam Aviv, Pavol Cerny, Sandy Clark, Eric Cronin, Gaurav Shah, Micah Sherr, Giovanni Vigna, Richard Kemmerer, David Balzarotti, Greg Banks, Marco Cova, Viktoria Felmetsger, William Robertson, Fredrik Valeur, Joseph Lorenzo Hall, and Laura Quilter. EVEREST: Evaluation and Validation of Election-Related Equipment, Standards and Testing, December, 2007.
  3. William Enck. 16th USENIX Security Symposium Conference Summaries, USENIX ;login Magazine, Dec, 2007.