William H. Enck

Systems and Internet Infrastructure Security Laboratory
PhD Candidate
Department of Computer Science and Engineering
The Pennsylvania State University
Email: enck-at-cse.psu.edu
Homepage: http://www.enck.org

Education

Ph.D., The Pennsylvania State University, Computer Science and Engineering

(expected graduation date: May 2011)
Dissertation Topic: Mobile phone operating system security
Advisor: Dr. Patrick McDaniel

M.S., The Pennsylvania State University, Computer Science and Engineering, May 2006

Thesis Title: Analysis of Open-Functionality in SMS-Capable Cellular Networks
Advisor: Dr. Patrick McDaniel

B.S., The Pennsylvania State University, Computer Engineering, May 2004

With Honors in Computer Engineering
Thesis Title: Study of Adaptive Routing Algorithms for NoC Architectures
Thesis Supervisor: Dr. Chita R. Das

Research and Teaching Experience

The Pennsylvania State University, Research Assistant, 2005-Present

Investigated security of mobile phone operating systems, Funded by NSF CNS-0721579, CNS-0905447, Jun. 2007 - Present.
Continued investigation and development of the PRESTO automated router configuration system, Funded by AT&T, Jan. 2006 - May 2007.
Investigated telecommunications security, network security, and trusted computing, Jun.-Dec. 2005.

Lead Graduate Student, Systems and Internet Infrastructure Security (SIIS) Laboratory, The Pennsylvania State University, Jan. 2009 - Present

Administrative and logistical lead student in the SIIS lab. Ran weekly meetings of 12+ members, met with students individually for mentoring and development of leadership and research skills. Responsible for most daily operational activities in the lab.

co-Instructor, Mobile Phone Security, The Pennsylvania State University, Jan.-May. 2009

co-Instructor for CSE597a, a graduate seminar on mobile phone operating system security.

Instructor, Communication Networks, The Pennsylvania State University, Jun.-Aug. 2007

Instructor for EE/CSE 458, the senior undergraduate course on computer networking.

Teaching Assistant, Microcomputer Laboratory, The Pennsylvania State University, Jan.-May 2005

Provided hands-on aid for CSE473, the undergraduate embedded systems development course.

Industrial Experience

Research Intern, Intel Labs, Seattle, WA, Summer 2009

Developed a system-wide information flow tracking system for the Android mobile phone platform.

Research Intern, AT&T Research, Florham Park, NJ, Summer 2006

Developed a system for massive-scale automated router configuration deployment.

Summer Intern, IBM Corp., Poughkeepsie, NY, Summer 2003

Performed error propagation logic testing for the zSeries mainframe process hardware caches.

Systems Administrator, Lebanon MobileFone Inc., Lebanon, PA, Summers 2000-2002 and 2004

Administrated Web and Email servers. Designed spam detection system for the ISP. Performed corporate and residential installation of wired and wireless broadband equipment. Repaired personal computers and performed phone and on-site customer technical support.

Publications

See the publications page.

Awards, Honors, and Scholarships

Google Security and Product Safety Acknowledgement, 2008: in recognition of efforts in improving the security of the Google Android cellular phone operating system.
National Science Foundation (NSF) Graduate Research Fellowship, Honorable Mention, 2006.
H. Thomas and Dorothy Willits Hallowell Scholarship, The Pennsylvania State University, 2003.
Chris Mader Scholarship, The Pennsylvania State University, 2002.
Lockheed Martin Engineering Scholars Award, The Pennsylvania State University, 2002.
Richard A. McQuade Memorial Scholarship, The Pennsylvania State University, 2001.
Student Travel Awards: USENIX Association, 2007, 2009; ACM Conference on Computer and Communications Security, 2009.

Professional Service

Conference and Workshop Organization

Information Security Conference (ISC), PC Member, 2009.
International Conference on Information Security and Assurance (ISA), PC Member, 2009.
International Conference on Information Systems Security (ICISS), PC Member, 2007
International Conference on Information Technology (ICIT), PC Member, 2009.
International Conference on Internet Monitoring and Protection (ICIMP), PC Member, 2009, 2010.
International Workshop on Security (IWSEC), PC Member, 2010.

Reviewer

Reviewer (Journal and Book): ACM Computing Surveys, 2009; ACM Transactions on Information and System Security (TISSEC), 2008; ACM Transactions on Internet Technology (TOIT), 2006, 2009; Handbook of Computer Networks, 2006; IEEE Communications Letters, 2008, 2009; IEEE Transactions on Computers, 2009; IEEE Transactions on Software Engineering, 2007; Journal of Autonomic and Trusted Computing (JoATC), 2006.

Reviewer (Conference and Workshop): ACM Computer Security Architecture Workshop (CSAW), 2008; ACM Conference on Computer and Communications Security (CCS), 2008; ACM Symposium on Access Control Models and Technology (SACMAT), 2006, 2008, 2009; Annual Computer Security Applications Conference (ACSAC), 2005, 2006; European Symposium on Research in Computer Security (ESORICS), 2005; Financial Cryptography (FC), 2007; International Conference on Availability, Reliability and Security (ARES), 2009; International Conference on Cryptology and Network Security (CANS), 2009; International Conference on Distributed Computing Systems (ICDCS), 2008; International Conference on Emerging Trends in Information and Communications Security (ETRICS), 2006; International Conference on Information Systems Security (ICISS), 2006, 2008; International World Wide Web Conference (WWW), 2010; International Workshop on Security (IWSec), 2006, 2007; IEEE Conference on Computer Communications (Infocom), 2007; IEEE Symposium on Security and Privacy (Oakland), 2007, 2008; ISOC Network and Distributed System Security Symposium (NDSS), 2007, 2009; USENIX Annual Technical Conference, 2010; USENIX Security Symposium, 2006, 2007, 2008, 2009; Workshop on Virtual Machine Security (VMSec), 2008.

Professional Affiliations

The Association for Computing Machinery (ACM)
The Institute of Electrical and Electronics Engineers (IEEE)
USENIX Advanced Computing Systems Association (USENIX)

Presentations and Invited Talks

On Lightweight Mobile Phone Certification

University of Notre Dame (South Bend, IN, October 2009), ACM CCS'09 (Chicago, IL, November 2008).

Lightweight Information Tracking for Mobile Phones

USENIX Security'09, Works in Progress (Montreal, QC, Canada).

Understanding Android's Security Framework

University of Washington (Seattle, WA, July 2009), Georgia Institute of Technology (Atlanta, GA, January 2009), ACM CCS'08, Tutorial Session, joint tutorial with Patrick McDaniel (Alexandria, VA, October 2008).

Defending Against Attacks on Main Memory Persistence

ACSAC'08 (Anaheim, CA, December 2008).

PinUP: Pinning User Files to Known Applications

ACSAC'08 (Anaheim, CA, December 2008), USENIX Security'08, Poster Session (San Jose, CA, August 2008).

Systematic Issues in the Hart InterCivic and Premier Voting Systems: Reflections Following Project EVEREST

USENIX EVT'08 (San Jose, CA, July 2008).

Protecting User Files by Reducing Application Access

USENIX Security'07, Works in Progress (Boston, MA, August 2007).

PRESTO: A tool for Configuration Management at a Massive Scale

USENIX ATC'07 (Santa Clara, CA, June 2007), PRESTO'07 Workshop (Princeton, NJ, May 2007).

Mitigating DoS Through Basic TPM Operations

USENIX Security'05, Works in Progress (Baltimore, MD, August 2005).

William Enck

Vita