William Enck is a Professor in the Department of Computer Science at the North Carolina State University where he is co-director of the Secure Computing Institute (SCI) and director of the Wolfpack Security and Privacy Research (WSPR) laboratory. Prof. Enck’s research interests span the broad area of systems security with applications to the software supply chain, 5G and cloud infrastructure, mobile platforms, Internet of Things (IoT), and networks. In particular, his work in mobile application security has led to significant consumer awareness and changes to platforms, as well as a SIGOPS Hall of Fame Award. He is currently serving as Secretary for the USENIX Board of Directors, as associate editor for ACM TOPS, and on the steering committee of the USENIX Security Symposium. He was program co-chair of USENIX Security 2018 and is program co-chair of the 2024 and 2025 IEEE Symposium on Security and Privacy (S&P).

Works (128)

Updated: February 12th, 2024 16:50

2024 journal article

PolyScope: Multi-Policy Access Control Analysis to Triage Android Scoped Storage

IEEE Transactions on Dependable and Secure Computing.

By: Y. Lee*, H. Chen*, W. Enck n, H. Vijayakumar*, N. Li*, Z. Qian*, G. Petracca*, T. Jaeger*

co-author countries: United States of America 🇺🇸
Source: ORCID
Added: January 2, 2024

2023 conference paper

ARGUS: A Framework for Staged Static Taint Analysis of GitHub Workflows and Actions

Proceedings of the USENIX Security Symposium, 6983–7000. https://www.usenix.org/conference/usenixsecurity23/presentation/muralee

By: S. Muralee, I. Koishybayev, A. Nahapetyan, G. Tystahl, B. Reaves, A. Bianchi, W. Enck, A. Kapravelos, A. Machiry

Event: USENIX Security Symposium at Anaheim, CA

Source: NC State University Libraries
Added: January 13, 2024

2023 article

Finding Fixed Vulnerabilities with Off-the-Shelf Static Analysis

2023 IEEE 8TH EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY, EUROS&P, pp. 489–505.

By: T. Dunlap n, S. Thorn n, W. Enck n & B. Reaves n

co-author countries: United States of America 🇺🇸

Event: IEEE Computer Society

Sources: Web Of Science, ORCID
Added: September 11, 2023

2023 article

It's like flossing your teeth: On the Importance and Challenges of Reproducible Builds for Software Supply Chain Security

2023 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, SP, pp. 1527–1544.

By: M. Fourne, D. Wermke, W. Enck, S. Fahl & Y. Acar

Sources: Web Of Science, ORCID
Added: September 5, 2023

2023 conference paper

It’s like flossing your teeth: On the Importance and Challenges of Reproducible Builds for Software Supply Chain Security

Proceedings of the 44th IEEE Symposium on Security and Privacy (S&P 2023).

By: M. Fourné, D. Wermke, W. Enck, S. Fahl & Y. Acar

Source: ORCID
Added: January 2, 2024

2023 conference paper

MSNetViews: Geographically Distributed Management of Enterprise Network Security Policy

Proceedings of the 28th ACM Symposium on Access Control Models and Technologies, 121–132.

By: I. Anjum n, J. Sokal*, H. Rehman n, B. Weintraub*, E. Leba*, W. Enck n, C. Nita-Rotaru*, B. Reaves n

co-author countries: United States of America 🇺🇸
Source: ORCID
Added: January 2, 2024

2023 journal article

S3C2 Summit 2023-06: Government Secure Supply Chain Summit

ArXiv Preprint ArXiv:2308.06850.

By: W. Enck, Y. Acar, M. Cukier, A. Kapravelos, C. Kästner & L. Williams

Source: ORCID
Added: January 2, 2024

2023 journal article

S3C2 Summit 2202-09: Industry Secure Suppy Chain Summit

ArXiv Preprint ArXiv:2307.15642.

By: M. Tran, Y. Acar, M. Cucker, W. Enck, A. Kapravelos, C. Kastner, L. Williams

Source: ORCID
Added: January 2, 2024

2023 journal article

Software Bills of Materials Are Required. Are We There Yet?

IEEE Security & Privacy, 21(2), 82–88.

By: N. Zahan n, E. Lin n, M. Tamanna n, W. Enck n & L. Williams n

co-author countries: United States of America 🇺🇸
Source: ORCID
Added: January 2, 2024

2023 journal article

VFCFinder: Seamlessly Pairing Security Advisories and Patches

ArXiv Preprint ArXiv:2311.01532.

By: T. Dunlap, E. Lin, W. Enck & B. Reaves

Source: ORCID
Added: January 2, 2024

2022 conference paper

${$ALASTOR$}$: Reconstructing the Provenance of Serverless Intrusions

31st USENIX Security Symposium (USENIX Security 22), 2443–2460.

By: P. Datta, I. Polinsky, M. Inam, A. Bates & W. Enck

Source: ORCID
Added: January 2, 2024

2022 conference paper

${$FReD$}$: Identifying File ${$Re-Delegation$}$ in Android System Services

31st USENIX Security Symposium (USENIX Security 22), 1525–1542.

By: S. Gorski III, S. Thorn, W. Enck & H. Chen

Source: ORCID
Added: January 2, 2024

2022 conference paper

A Study of Application Sandbox Policies in Linux

Proceedings of the 27th ACM on Symposium on Access Control Models and Technologies, 19–30.

By: T. Dunlap, W. Enck & B. Reaves

Source: ORCID
Added: January 2, 2024

2022 article

Analysis of Payment Service Provider SDKs in Android

PROCEEDINGS OF THE 38TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, ACSAC 2022, pp. 576–590.

co-author countries: United States of America 🇺🇸
Sources: Web Of Science, ORCID
Added: October 16, 2023

2022 chapter

Optimizing Honey Traffic Using Game Theory and Adversarial Learning

In Cyber Deception: Techniques, Strategies, and Human Aspects (pp. 97–124). Springer.

By: M. Miah, M. Zhu, A. Granados, N. Sharmin, I. Anjum, A. Ortiz, C. Kiekintveld, W. Enck, M. Singh

Source: ORCID
Added: January 2, 2024

2022 article

Reflections on a Decade of Mobile Security Research

PROCEEDINGS OF THE 15TH ACM CONFERENCE ON SECURITY AND PRIVACY IN WIRELESS AND MOBILE NETWORKS (WISEC '22), pp. 2–2.

By: W. Enck n

co-author countries: United States of America 🇺🇸
author keywords: Smartphone security; mobile app security; mobile device security
Sources: Web Of Science, ORCID
Added: March 6, 2023

2022 conference paper

Removing the Reliance on Perimeters for Security using Network Views

Proceedings of the 27th ACM on Symposium on Access Control Models and Technologies, 151–162.

By: I. Anjum, D. Kostecki, E. Leba, J. Sokal, R. Bharambe, W. Enck, C. Nita-Rotaru, B. Reaves

Source: ORCID
Added: January 2, 2024

2022 journal article

Top Five Challenges in Software Supply Chain Security: Observations From 30 Industry and Government Organizations

IEEE SECURITY & PRIVACY, 20(2), 96–100.

By: W. Enck n & L. Williams n

co-author countries: United States of America 🇺🇸
Sources: Web Of Science, ORCID
Added: May 31, 2022

2021 article

Hey Alexa, is this Skill Safe?: Taking a Closer Look at the Alexa Skill Ecosystem

28TH ANNUAL NETWORK AND DISTRIBUTED SYSTEM SECURITY SYMPOSIUM (NDSS 2021).

By: C. Lentzsch*, S. Shah n, B. Andow*, M. Degeling*, A. Das n & W. Enck n

co-author countries: Germany 🇩🇪 United States of America 🇺🇸
Sources: Web Of Science, ORCID
Added: August 30, 2021

2021 conference paper

PolyScope: Multi-Policy Access Control Analysis to Compute Authorized Attack Operations in Android Systems

30th ${$USENIX$}$ Security Symposium (${$USENIX$}$ Security 21).

By: Y. Lee, W. Enck, H. Chen, H. Vijayakumar, N. Li, Z. Qian, D. Wang, G. Petracca, T. Jaeger

Source: ORCID
Added: January 2, 2024

2021 conference paper

Role-Based Deception in Enterprise Networks

Proceedings of the Eleventh ACM Conference on Data and Application Security and Privacy, 65–76.

By: I. Anjum, M. Zhu, I. Polinsky, W. Enck, M. Reiter & M. Singh

Source: ORCID
Added: January 2, 2024

2021 conference paper

SCIFFS: Enabling Secure Third-Party Security Analytics using Serverless Computing

Proceedings of the 26th ACM Symposium on Access Control Models and Technologies, 175–186.

By: I. Polinsky, P. Datta, A. Bates & W. Enck

Source: ORCID
Added: January 2, 2024

2020 conference paper

Actions speak louder than words: Entity-sensitive privacy policy and data flow analysis with policheck

Proceedings of the 29th USENIX Security Symposium (USENIX Security'20).

By: B. Andow, S. Mahmud, J. Whitaker, W. Enck, B. Reaves, K. Singh, S. Egelman

Source: ORCID
Added: January 2, 2024

2020 conference paper

Analysis of Access Control Enforcement in Android

Proceedings of the 25th ACM Symposium on Access Control Models and Technologies, 117–118.

By: W. Enck

Source: ORCID
Added: January 2, 2024

2020 conference paper

Cardpliance: PCI DSS compliance of android applications

Proceedings of the 29th USENIX Conference on Security Symposium, 1517–1533.

By: S. Mahmud, A. Acharya, B. Andow, W. Enck & B. Reaves

Source: ORCID
Added: January 2, 2024

2020 conference paper

Do configuration management tools make systems more secure? an empirical research plan

Proceedings of the 7th Symposium on Hot Topics in the Science of Security, 1–2.

By: M. Rahman, W. Enck & L. Williams

Source: ORCID
Added: January 2, 2024

2020 article

Kobold: Evaluating Decentralized Access Control for Remote NSXPC Methods on iOS

2020 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP 2020), pp. 1056–1070.

By: L. Deshotels n, C. Carabas*, J. Beichler n, R. Deaconescu* & W. Enck n

co-author countries: Romania 🇷🇴 United States of America 🇺🇸

Event: IEEE

author keywords: access control; iOS; iPhone; inter-process communication; fuzzer; attack surface; automation; policy analysis
Sources: Web Of Science, ORCID
Added: March 8, 2021

2020 article

LeakyPick: IoT Audio Spy Detector

36TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE (ACSAC 2020), pp. 694–705.

By: R. Mitev*, A. Pazii*, M. Miettinen*, W. Enck n & A. Sadeghi*

co-author countries: Germany 🇩🇪 France 🇫🇷 United States of America 🇺🇸
Sources: Web Of Science, ORCID
Added: September 13, 2021

2020 journal article

Optimizing Vulnerability-Driven Honey Traffic Using Game Theory

ArXiv Preprint ArXiv:2002.09069.

By: I. Anjum, M. Miah, M. Zhu, N. Sharmin, C. Kiekintveld, W. Enck, M. Singh

Source: ORCID
Added: January 2, 2024

2020 conference paper

nm-Variant Systems: Adversarial-Resistant Software Rejuvenation for Cloud-Based Web Applications

Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy, 235–246.

By: I. Polinsky, K. Martin, W. Enck & M. Reiter

Source: ORCID
Added: January 2, 2024

2019 article

ACMiner: Extraction and Analysis of Authorization Checks in Android's Middleware

PROCEEDINGS OF THE NINTH ACM CONFERENCE ON DATA AND APPLICATION SECURITY AND PRIVACY (CODASPY '19), pp. 25–36.

By: S. Gorski n, B. Andow n, A. Nadkarni*, S. Manandhar*, W. Enck n, E. Bodden*, A. Bartel*

co-author countries: Germany 🇩🇪 Luxembourg 🇱🇺 United States of America 🇺🇸
Sources: Web Of Science, ORCID
Added: July 1, 2019

2019 article

ARF: Identifying Re-Delegation Vulnerabilities in Android System Services

PROCEEDINGS OF THE 2019 CONFERENCE ON SECURITY AND PRIVACY IN WIRELESS AND MOBILE NETWORKS (WISEC '19), pp. 151–162.

By: S. Gorski n & W. Enck n

co-author countries: United States of America 🇺🇸

Event: ACM

Sources: Web Of Science, ORCID
Added: August 19, 2019

2019 article

Blinded and Confused: Uncovering Systemic Flaws in Device Telemetry for Smart-Home Internet of Things

PROCEEDINGS OF THE 2019 CONFERENCE ON SECURITY AND PRIVACY IN WIRELESS AND MOBILE NETWORKS (WISEC '19), pp. 140–150.

By: T. OConnor n, W. Enck n & B. Reaves n

co-author countries: United States of America 🇺🇸

Event: ACM

Sources: Web Of Science, ORCID
Added: August 19, 2019

2019 article

HOMESNITCH: Behavior Transparency and Control for Smart Home IoT Devices

PROCEEDINGS OF THE 2019 CONFERENCE ON SECURITY AND PRIVACY IN WIRELESS AND MOBILE NETWORKS (WISEC '19), pp. 128–139.

By: T. OConnor n, R. Mohamed*, M. Miettinen*, W. Enck n, B. Reaves n & A. Sadeghi*

co-author countries: Germany 🇩🇪 United States of America 🇺🇸

Event: ACM

Sources: Web Of Science, ORCID
Added: August 19, 2019

2019 journal article

HONEYSCOPE: IoT device protection with deceptive network views

Autonomous Cyber Deception: Reasoning, Adaptive Planning, and Evaluation of HoneyThings, 167–181.

By: R. Mohamed, T. O’Connor, M. Miettinen, W. Enck & A. Sadeghi

Source: ORCID
Added: January 2, 2024

2019 article

Hestia: Simple Least Privilege Network Policies for Smart Homes

PROCEEDINGS OF THE 2019 CONFERENCE ON SECURITY AND PRIVACY IN WIRELESS AND MOBILE NETWORKS (WISEC '19), pp. 215–220.

By: S. Goutam n, W. Enck n & B. Reaves n

co-author countries: United States of America 🇺🇸

Event: ACM

author keywords: IoT & network security; smart home; least privilege policy
Sources: Web Of Science, ORCID
Added: August 19, 2019

2019 conference paper

PolicyLint: Investigating Internal Privacy Policy Contradictions on Google Play.

USENIX Security Symposium, 585–602.

By: B. Andow, S. Mahmud, W. Wang, J. Whitaker, W. Enck, B. Reaves, K. Singh, T. Xie

Source: ORCID
Added: January 2, 2024

2019 article

Selected Papers From the 2018 USENIX Security Symposium

IEEE SECURITY & PRIVACY, Vol. 17, pp. 7–8.

By: W. Enck n & T. Benzel*

co-author countries: United States of America 🇺🇸
Sources: Web Of Science, ORCID
Added: July 29, 2019

2019 article

Thou Shalt Discuss Security: Quantifying the Impacts of Instructions to RFC Authors

PROCEEDINGS OF THE 5TH ACM WORKSHOP ON SECURITY STANDARDISATION RESEARCH WORKSHOP (SSR '19), pp. 57–68.

By: J. Whitaker n, S. Prasad n, B. Reaves n & W. Enck n

co-author countries: United States of America 🇺🇸
author keywords: Requests for Comments; Internet Standards; Network Security; Text Analysis
Sources: Web Of Science, ORCID
Added: September 14, 2020

2018 article

PivotWall: SDN-Based Information Flow Control

PROCEEDINGS OF THE SYMPOSIUM ON SDN RESEARCH (SOSR'18). Presented at the ACM.

By: T. OConnor n, W. Enck n, W. Petullo* & A. Verma n

co-author countries: Puerto Rico 🇵🇷 United States of America 🇺🇸

Event: ACM

author keywords: Software Defined Networking; Information Flow Control
Sources: Web Of Science, ORCID
Added: November 11, 2019

2018 article

Programmable interface for extending security of application-based operating system

Enck, W. H., Nadkarni, A. P., Sadeghi, A.-R., & Heuser, S. (2018, March).

By: W. Enck, A. Nadkarni, A. Sadeghi & S. Heuser

Source: ORCID
Added: January 2, 2024

2018 conference paper

iOracle: Automated Evaluation of Access Control Policies in iOS

Proceedings of the 2018 on Asia Conference on Computer and Communications Security, 117–131.

By: L. Deshotels, R. Deaconescu, C. Carabas, I. Manda, W. Enck, M. Chiroiu, N. Li, A. Sadeghi

Event: ACM

Source: ORCID
Added: January 2, 2024

2017 conference paper

A Study of Security Vulnerabilities on Docker Hub

Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, 269–280.

By: R. Shu, X. Gu & W. Enck

Event: ACM

Source: ORCID
Added: January 2, 2024

2017 conference paper

Analysis of SEAndroid Policies: Combining MAC and DAC in Android

Proceedings of the 33rd Annual Computer Security Applications Conference, 553–565.

By: H. Chen, N. Li, W. Enck, Y. Aafer & X. Zhang

Event: ACM

Source: ORCID
Added: January 2, 2024

2017 journal article

Phonion: Practical Protection of Metadata in Telephony Networks

Proceedings on Privacy Enhancing Technologies, 2017(1), 170–187.

By: S. Heuser, B. Reaves, P. Pendyala, H. Carter, A. Dmitrienko, W. Enck, N. Kiyavash, A. Sadeghi, P. Traynor

Source: ORCID
Added: January 2, 2024

2017 journal article

Policy by Example: An Approach for Security Policy Specification

ArXiv Preprint ArXiv:1707.03967.

By: A. Nadkarni, W. Enck, S. Jha & J. Staddon

Source: ORCID
Added: January 2, 2024

2017 chapter

Reliable Ad Hoc Smartphone Application Creation for End Users

In Intrusion Detection and Prevention for Mobile Ecosystems (pp. 65–98). CRC Press Taylor & Francis Group, 6000 Broken Sound Parkway NW, Suite 300 ….

By: A. Nadkarni, A. Verma, V. Tendulkar & W. Enck

Source: ORCID
Added: January 2, 2024

2017 conference paper

SPOKE: Scalable Knowledge Collection and Attack Surface Analysis of Access Control Policy for Security Enhanced Android

Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, 612–624.

By: R. Wang, A. Azab, W. Enck, N. Li, P. Ning, X. Chen, W. Shen, Y. Cheng

Event: ACM

Source: ORCID
Added: January 2, 2024

2017 journal article

The Use of Functional Data Analysis to Evaluate Activity in a Spontaneous Model of Degenerative Joint Disease Associated Pain in Cats

PLOS ONE, 12(1), e0169576.

By: M. Gruen n, M. Alfaro-Córdoba n, A. Thomson n, A. Worth n, A. Staicu n & B. Lascelles n

co-author countries: United States of America 🇺🇸

Contributors: M. Gruen n, M. Alfaro-Córdoba n, A. Thomson n, A. Worth n, A. Staicu n & B. Lascelles n

Ed(s): J. Harezlak

MeSH headings : Accelerometry; Animals; Cat Diseases / physiopathology; Cats; Female; Male; Motor Activity / physiology; Osteoarthritis / physiopathology; Osteoarthritis / veterinary
Sources: Web Of Science, ORCID, Crossref
Added: August 6, 2018

2017 conference paper

UiRef: analysis of sensitive user inputs in Android applications

Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks, 23–34.

By: B. Andow, A. Acharya, D. Li, W. Enck, K. Singh & T. Xie

Event: ACM

Source: ORCID
Added: January 2, 2024

2016 journal article

* droid: Assessment and Evaluation of Android Application Analysis Tools

ACM Computing Surveys (CSUR), 49(3), 55.

By: B. Reaves, J. Bowers, S. Gorski III, O. Anise, R. Bobhate, R. Cho, H. Das, S. Hussain ...

Source: ORCID
Added: January 2, 2024

2016 article

A Study of Grayware on Google Play

2016 IEEE SYMPOSIUM ON SECURITY AND PRIVACY WORKSHOPS (SPW 2016), pp. 224–233.

By: B. Andow n, A. Nadkarni n, B. Bassett*, W. Enck n & T. Xie*

co-author countries: United States of America 🇺🇸

Event: IEEE

Sources: Web Of Science, ORCID
Added: August 6, 2018

2016 journal article

A Study of Security Isolation Techniques

ACM COMPUTING SURVEYS, 49(3).

By: R. Shu n, P. Wang n, S. Gorski n, B. Andow n, A. Nadkarni n, L. Deshotels n, J. Gionta n, W. Enck n, X. Gu n

co-author countries: United States of America 🇺🇸
author keywords: Security isolation; access control; resilient architectures
Sources: Web Of Science, ORCID
Added: August 6, 2018

2016 conference paper

Code-Stop: Code-Reuse Prevention By Context-Aware Traffic Proxying

Proceedings of the Conference on Internet Monitoring and Protection (ICIMP), Barcelona, Spain, 22–26.

By: T. OConnor & W. Enck

Source: ORCID
Added: January 2, 2024

2016 conference paper

Practical ${$DIFC$}$ Enforcement on Android

25th USENIX Security Symposium (USENIX Security 16), 1119–1136.

By: A. Nadkarni, B. Andow, W. Enck & S. Jha

Source: ORCID
Added: January 2, 2024

2016 conference paper

Practical DIFC Enforcement on Android.

USENIX Security Symposium, 1119–1136.

By: A. Nadkarni, B. Andow, W. Enck & S. Jha

Source: ORCID
Added: January 2, 2024

2016 conference paper

Practical DIFC enforcement on android

Proceedings of the 25th USENIX Security Symposium, 1119–1136.

By: A. Nadkarni, B. Andow, W. Enck & S. Jha

Source: NC State University Libraries
Added: August 6, 2018

2016 conference paper

Preventing kernel code-reuse attacks through disclosure resistant code diversification

2016 ieee conference on communications and network security (cns), 189–197.

By: J. Gionta n, W. Enck n & P. Larsen*

co-author countries: United States of America 🇺🇸

Event: IEEE

Sources: NC State University Libraries, ORCID
Added: August 6, 2018

2016 conference paper

SandScout: Automatic Detection of Flaws in iOS Sandbox Profiles

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 704–716.

By: L. Deshotels, R. Deaconescu, M. Chiroiu, L. Davi, W. Enck & A. Sadeghi

Event: ACM

Source: ORCID
Added: January 2, 2024

2016 journal article

Sandblaster: Reversing the apple sandbox

ArXiv Preprint ArXiv:1608.04303.

By: R. Deaconescu, L. Deshotels, M. Bucicoiu, W. Enck, L. Davi & A. Sadeghi

Source: ORCID
Added: January 2, 2024

2016 conference paper

Text analytics for security: tutorial

Proceedings of the Symposium and Bootcamp on the Science of Security, 124–125.

By: T. Xie & W. Enck

Event: ACM

Source: ORCID
Added: January 2, 2024

2016 journal article

droid: Assessment and Evaluation of Android Application Analysis Tools

ACM COMPUTING SURVEYS, 49(3).

By: B. Reaves*, J. Bowers*, S. Gorski n, O. Anise*, R. Bobhate*, R. Cho*, H. Das*, S. Hussain* ...

co-author countries: United States of America 🇺🇸
author keywords: Android; application security; program analysis
Sources: Web Of Science, ORCID
Added: August 6, 2018

2015 article

AppContext: Differentiating Malicious and Benign Mobile App Behaviors Using Context

2015 IEEE/ACM 37TH IEEE INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, VOL 1, Vol. 1, pp. 303–313.

co-author countries: United States of America 🇺🇸

Event: IEEE

Sources: Web Of Science, ORCID
Added: August 6, 2018

2015 article

Automatic Server Hang Bug Diagnosis: Feasible Reality or Pipe Dream?

2015 IEEE INTERNATIONAL CONFERENCE ON AUTONOMIC COMPUTING, pp. 127–132.

By: D. Dean n, P. Wang n, X. Gu n, W. Enck n & G. Jin n

co-author countries: United States of America 🇺🇸

Event: IEEE

author keywords: hang bugs; characteristic study; performance
Sources: Web Of Science, ORCID
Added: August 6, 2018

2015 conference paper

EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-Scale Semi-Supervised Learning

Proceedings of the USENIX Security Symposium, 351–366. https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/wang-ruowen

By: R. Wang, W. Enck, D. Reeves, X. Zhang, P. Ning, D. Xu, W. Zhou, A. Azab

Event: USENIX Security Symposium at Washington, D.C.

Source: NC State University Libraries
Added: January 13, 2024

2015 conference paper

Hidem: Protecting the contents of userspace memory in the face of disclosure vulnerabilities

Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, 325–336.

By: J. Gionta, W. Enck & P. Ning

Event: ACM

Source: ORCID
Added: January 2, 2024

2015 conference paper

Multitasking Increases Stress and Insecure Behavior on Mobile Devices

Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 59(1), 1110–1114.

By: Q. Liu, A. McLaughlin, B. Watson, W. Enck & A. Davis

Event: SAGE Publications

Source: ORCID
Added: January 2, 2024

2014 conference paper

${$ASM$}$: A Programmable Interface for Extending Android Security

23rd USENIX Security Symposium (USENIX Security 14), 1005–1019.

By: S. Heuser, A. Nadkarni, W. Enck & A. Sadeghi

Source: ORCID
Added: January 2, 2024

2014 conference paper

ASM: A Programmable Interface for Extending Android Security.

USENIX Security Symposium, 1005–1019.

By: S. Heuser, A. Nadkarni, W. Enck & A. Sadeghi

Source: ORCID
Added: January 2, 2024

2014 journal article

An Application Package Configuration Approach to Mitigating Android SSL Vulnerabilities

ArXiv Preprint ArXiv:1410.7745.

By: V. Tendulkar & W. Enck

Source: ORCID
Added: January 2, 2024

2014 conference paper

Dacsa: A decoupled architecture for cloud security analysis

Proceedings of the 7th Workshop on Cyber Security Experimentation and Test.

By: J. Gionta, A. Azab, W. Enck, P. Ning & X. Zhang

Source: ORCID
Added: January 2, 2024

2014 report

GraphAudit: Privacy Auditing for Massive Graph Mining

North Carolina State University. Dept. of Computer Science.

By: A. Nadkarni, A. Sheth, U. Weinsberg, N. Taft & W. Enck

Source: ORCID
Added: January 2, 2024

2014 article

Guest Editors' Introduction: Special Issue on Security and Privacy in Mobile Platforms

IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, Vol. 11, pp. 209–210.

By: G. Ahn*, W. Enck n & D. Shin*

co-author countries: United States of America 🇺🇸
Sources: Web Of Science, ORCID
Added: August 6, 2018

2014 conference paper

Improving mobile application security via bridging user expectations and application behaviors

Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, 32.

By: W. Yang, X. Xiao, R. Pandita, W. Enck & T. Xie

Event: ACM

Source: ORCID
Added: January 2, 2024

2014 conference paper

Insecure behaviors on mobile devices under stress

Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, 31.

By: A. Davis, A. Shashidharan, Q. Liu, W. Enck, A. McLaughlin & B. Watson

Event: ACM

Source: ORCID
Added: January 2, 2024

2014 conference paper

Modeling and sensing risky user behavior on mobile devices

Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, 33.

By: Q. Liu, J. Bae, B. Watson, A. McLaughhlin & W. Enck

Event: ACM

Source: ORCID
Added: January 2, 2024

2014 conference paper

NativeWrap: ad hoc smartphone application creation for end users

Proceedings of the 2014 ACM conference on Security and privacy in wireless & mobile networks, 13–24.

By: A. Nadkarni, V. Tendulkar & W. Enck

Event: ACM

Source: ORCID
Added: January 2, 2024

2014 conference paper

PREC: practical root exploit containment for android devices

Proceedings of the 4th ACM conference on Data and application security and privacy, 187–198.

By: T. Ho, D. Dean, X. Gu & W. Enck

Event: ACM

Source: ORCID
Added: January 2, 2024

2014 conference paper

SEER: practical memory virus scanning as a service

Proceedings of the 30th Annual Computer Security Applications Conference, 186–195.

By: J. Gionta, A. Azab, W. Enck, P. Ning & X. Zhang

Event: ACM

Source: ORCID
Added: January 2, 2024

2014 journal article

TaintDroid: An Information Flow Tracking System for Real-Time Privacy Monitoring on Smartphones

COMMUNICATIONS OF THE ACM, 57(3), 99–106.

By: W. Enck n, P. Gilbert*, B. Chun*, L. Cox*, J. Jung*, P. McDaniel*, A. Sheth*

co-author countries: Germany 🇩🇪 United Kingdom of Great Britain and Northern Ireland 🇬🇧 Korea (Republic of) 🇰🇷 United States of America 🇺🇸
Sources: Web Of Science, ORCID
Added: August 6, 2018

2014 journal article

TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones

ACM TRANSACTIONS ON COMPUTER SYSTEMS, 32(2).

By: W. Enck n, P. Gilbert*, S. Han*, V. Tendulkar n, B. Chun*, L. Cox*, J. Jung*, P. McDaniel*, A. Sheth*

co-author countries: Germany 🇩🇪 United Kingdom of Great Britain and Northern Ireland 🇬🇧 Korea (Republic of) 🇰🇷 United States of America 🇺🇸

Event: USENIX Association

author keywords: Design; Security; Performance; Information-flow tracking; privacy monitoring; smartphones; mobile apps
Sources: Web Of Science, ORCID
Added: August 6, 2018

2014 conference paper

Tutorial: Text Analytics for Security

Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 1540–1541.

By: W. Enck & T. Xie

Event: ACM

Source: ORCID
Added: January 2, 2024

2013 conference paper

AppsPlayground: automatic security analysis of smartphone applications

Proceedings of the third ACM conference on Data and application security and privacy, 209–220.

By: V. Rastogi, Y. Chen & W. Enck

Event: ACM

Source: ORCID
Added: January 2, 2024

2013 chapter

Automatic Security Analysis of Android Applications

In Android Security and Mobile Cloud Computing. Springer.

By: V. Rastogi, Y. Chen & W. Enck

Source: ORCID
Added: January 2, 2024

2013 conference paper

MAST: triage for market-scale mobile malware analysis

Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks, 13–24.

By: S. Chakradeo, B. Reaves, P. Traynor & W. Enck

Event: ACM

Source: ORCID
Added: January 2, 2024

2013 conference paper

Preventing accidental data disclosure in modern operating systems

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, 1029–1042.

By: A. Nadkarni & W. Enck

Event: ACM

Source: ORCID
Added: January 2, 2024

2013 conference paper

WHYPER: towards automating risk assessment of mobile applications

Proceedings of the 22nd USENIX Security Symposium, Washington DC, USA, 14–16.

By: R. Pandita, X. Xiao, W. Yang, W. Enck & T. Xie

Source: ORCID
Added: January 2, 2024

2012 conference paper

Abusing cloud-based browsers for fun and profit

Proceedings of the 28th Annual Computer Security Applications Conference, 219–228.

By: V. Tendulkar, R. Snyder, J. Pletcher, K. Butler, A. Shashidharan & W. Enck

Event: ACM

Source: ORCID
Added: January 2, 2024

2012 conference paper

Meteor: Seeding a Security-Enhancing Infrastructure for Multi-market Application Ecosystems

IEEE MoST: Mobile Security Technologies Workshop.

By: D. Barrera, W. Enck & P. Oorschot

Source: ORCID
Added: January 2, 2024

2012 journal article

Semantically rich application-centric security in Android

SECURITY AND COMMUNICATION NETWORKS, 5(6), 658–673.

By: M. Ongtang*, S. McLaughlin*, W. Enck n & P. McDaniel*

co-author countries: Thailand 🇹🇭 United States of America 🇺🇸

Event: Ieee

author keywords: security; android; smartphones
Sources: Web Of Science, ORCID
Added: August 6, 2018

2011 conference paper

A Study of Android Application Security.

USENIX Security Symposium.

By: W. Enck, D. Octeau, P. McDaniel & S. Chaudhuri

Source: ORCID
Added: January 2, 2024

2011 chapter

ARP Spoofing

In Encyclopedia of Cryptography and Security (pp. 48–49). Springer US.

By: W. Enck

Source: ORCID
Added: January 2, 2024

2011 thesis

Analysis Techniques for Mobile Operating System Security

The Pennsylvania State University.

By: W. Enck

Source: ORCID
Added: January 2, 2024

2011 chapter

Android’s Security Framework--Understanding the Security of Mobile Phone Platforms

In Encyclopedia of Cryptography and Security (pp. 34–37). Springer US.

By: W. Enck

Source: ORCID
Added: January 2, 2024

2011 chapter

Defending Users against Smartphone Apps: Techniques and Future Directions

In Information Systems Security (pp. 49–70).

By: W. Enck n

co-author countries: United States of America 🇺🇸

Event: Springer Berlin Heidelberg

Sources: Crossref, ORCID
Added: June 6, 2020

2011 report

Seeding a Security-Enhancing Infrastructure for Multi-market Application Ecosystems

Technical report, School of Computer Science, Carleton University, http ….

By: D. Barrera, W. Enck & P. Oorschot

Source: ORCID
Added: January 2, 2024

2010 journal article

Not so great expectations: Why application markets haven't failed security

IEEE Security & Privacy, 8(5), 76–78.

By: P. McDaniel & W. Enck

Source: ORCID
Added: January 2, 2024

2010 journal article

malnets: large-scale malicious networks via compromised wireless access points

Security and Communication Networks, 3(2-3), 102–113.

By: P. Traynor*, K. Butler*, W. Enck*, P. McDaniel* & K. Borders

co-author countries: United States of America 🇺🇸
author keywords: malware; routing; security
Sources: Crossref, ORCID
Added: June 6, 2020

2009 journal article

ASR: anonymous and secure reporting of traffic forwarding activity in mobile ad hoc networks

Wireless Networks, 15(4), 525–539.

co-author countries: United States of America 🇺🇸
author keywords: MANET; Security; Anonymity; Packet forwarding; Monitoring; Secure link layer acknowledgment; Secure reporting protocol
Sources: Crossref, ORCID
Added: November 7, 2020

2009 journal article

Configuration management at massive scale: system design and experience

IEEE Journal on Selected Areas in Communications, 27(3), 323–335.

By: W. Enck, T. Moyer, P. McDaniel, S. Sen, P. Sebos, S. Spoerel, A. Greenberg, Y. Sung, S. Rao, W. Aiello

Source: ORCID
Added: January 2, 2024

2009 journal article

Mitigating attacks on open functionality in SMS-capable cellular networks

IEEE/ACM Transactions on Networking (TON), 17(1), 40–53.

By: P. Traynor, W. Enck, P. McDaniel & T. Porta

Source: ORCID
Added: January 2, 2024

2009 conference paper

On lightweight mobile phone application certification

Proceedings of the 16th ACM conference on Computer and communications security, 235–245.

By: W. Enck, M. Ongtang & P. McDaniel

Event: ACM

Source: ORCID
Added: January 2, 2024

2009 journal article

Understanding Android Security.

IEEE Security & Privacy, 7(1), 50–57.

By: W. Enck, M. Ongtang, P. McDaniel & others

Source: ORCID
Added: January 2, 2024

2008 conference paper

Defending against attacks on main memory persistence

2008 Annual Computer Security Applications Conference (ACSAC), 65–74.

By: W. Enck, K. Butler, T. Richardson, P. McDaniel & A. Smith

Event: IEEE

Source: ORCID
Added: January 2, 2024

2008 journal article

Exploiting open functionality in SMS-capable cellular networks

Journal of Computer Security, 16(6), 713–742.

By: P. Traynor, W. Enck, P. Mcdaniel & T. La Porta

Source: ORCID
Added: January 2, 2024

2008 journal article

Mitigating Android software misuse before it happens

Pennsylvania State University, Tech. Rep. NAS-TR-0094-2008.

By: W. Enck, M. Ongtang & P. McDaniel

Source: ORCID
Added: January 2, 2024

2008 conference paper

Pinup: Pinning user files to known applications

2008 Annual Computer Security Applications Conference (ACSAC), 55–64.

By: W. Enck, P. McDaniel & T. Jaeger

Event: IEEE

Source: ORCID
Added: January 2, 2024

2008 conference paper

Realizing massive-scale conditional access systems through attribute-based cryptosystems

In Proceedings of the ISOC Network & Distributed System Security Symposium (NDSS).

By: P. Traynor, K. Butler, W. Enck & P. McDaniel

Source: ORCID
Added: January 2, 2024

2008 conference paper

Systemic Issues in the Hart InterCivic and Premier Voting Systems: Reflections Following Project EVEREST

Proceedings of the USENIX/ACCURATE Electronic Voting Technology (EVT) Workshop.

By: K. Butler, W. Enck, H. Hursti, S. McLaughlin, P. Traynor & P. McDaniel

Source: ORCID
Added: January 2, 2024

2007 conference paper

Configuration Management at Massive Scale: System Design and Experience

Proceedings of the USENIX Annual Technical Conference, 73–86. https://www.usenix.org/legacy/events/usenix07/tech/enck.html

By: W. Enck, P. McDaniel, S. Sen, P. Sebos, S. Spoerel, A. Greenberg, S. Rao, W. Aiello

Event: USENIX Annual Technical Conference at Santa Clara, CA

Source: NC State University Libraries
Added: January 13, 2024

2007 report

Grains of SANs: Building Storage Area Networks from Memory Spots

Technical Report NASTR-0060-2007, Network and Security Research Center ….

By: L. Johansen, K. Butler, W. Enck, P. Traynor & P. McDaniel

Source: ORCID
Added: January 2, 2024

2007 conference paper

Limiting sybil attacks in structured p2p networks

INFOCOM 2007. 26th IEEE International Conference on Computer Communications. IEEE, 2596–2600.

By: H. Rowaihy, W. Enck, P. McDaniel & T. La Porta

Event: IEEE

Source: ORCID
Added: January 2, 2024

2007 conference paper

Protecting users from themselves

Proceedings of the 2007 ACM workshop on Computer security architecture, 29–36.

By: W. Enck, S. Rueda, J. Schiffman, Y. Sreenivasan, L. St Clair, T. Jaeger, P. McDaniel

Event: ACM

Source: ORCID
Added: January 2, 2024

2007 journal article

TARP: Ticket-based address resolution protocol

Computer Networks, 51(15), 4322–4337.

By: W. Lootah*, W. Enck* & P. McDaniel*

co-author countries: United States of America 🇺🇸
author keywords: network security; ARP security
Sources: Crossref, ORCID
Added: August 28, 2020

2006 thesis

Analysis of Open Functionality in SMS-capable Cellular Networks

Pennsylvania State University.

By: W. Enck

Source: ORCID
Added: January 2, 2024

2006 conference paper

Mitigating attacks on open functionality in SMS-capable cellular networks

Proceedings of the 12th annual international conference on Mobile computing and networking, 182–193.

By: P. Traynor, W. Enck, P. McDaniel & T. La Porta

Event: ACM

Source: ORCID
Added: January 2, 2024

2006 chapter

Password Exhaustion: Predicting the End of Password Usefulness

In Information Systems Security (pp. 37–55).

By: L. Clair*, L. Johansen*, W. Enck*, M. Pirretti*, P. Traynor*, P. McDaniel*, T. Jaeger*

co-author countries: United States of America 🇺🇸
Sources: Crossref, ORCID
Added: August 28, 2020

2006 chapter

Privacy Preserving Web-Based Email

In Information Systems Security (Vol. 3, pp. 116–131).

By: K. Butler*, W. Enck*, J. Plasterr*, P. Traynor* & P. McDaniel*

co-author countries: United States of America 🇺🇸

Event: Springer Berlin Heidelberg

Sources: ORCID, Crossref
Added: August 28, 2020

2006 article proceedings

TARP: Ticket-based Address Resolution Protocol

Presented at the 21st Annual Computer Security Applications Conference (ACSAC'05).

By: W. Lootah*, W. Enck* & P. McDaniel*

co-author countries: United States of America 🇺🇸

Event: 21st Annual Computer Security Applications Conference (ACSAC'05)

Sources: Crossref, ORCID
Added: January 7, 2024

2005 conference paper

Exploiting open functionality in SMS-capable cellular networks

Proceedings of the 12th ACM conference on Computer and communications security, 393–404.

By: W. Enck, P. Traynor, P. McDaniel & T. La Porta

Event: ACM

Source: ORCID
Added: January 2, 2024

2005 conference paper

Limiting sybil attacks in structured peer-to-peer networks

IEEE Infocom Mini-Symposium.

By: H. Rowaihy, W. Enck, P. McDaniel & T. La Porta

Source: ORCID
Added: January 2, 2024

2005 article proceedings

Secure reporting of traffic forwarding activity in mobile ad hoc networks

Presented at the The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services.

co-author countries: United States of America 🇺🇸

Event: The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services

Source: Crossref
Added: January 5, 2024

2005 conference paper

Secure reporting of traffic forwarding activity in mobile ad hoc networks

The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services, 12–21.

By: H. Choi, W. Enck, J. Shin, P. McDaniel & T. La Porta

Event: IEEE

Source: ORCID
Added: January 2, 2024

journal article

ARGUS: A Framework for Staged Static Taint Analysis of GitHub Workflows and Actions

Muralee, S., Koishybayev, I., Nahapetyan, A., Tystahl, G., Reaves, B., Bianchi, A., … Machiry, A.

By: S. Muralee, I. Koishybayev, A. Nahapetyan, G. Tystahl, B. Reaves, A. Bianchi, W. Enck, A. Kapravelos, A. Machiry

Source: ORCID
Added: January 2, 2024

conference paper

EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-Scale Semi-Supervised Learning

Wang, R., Enck, W., Reeves, D., Zhang, X., Ning, P., Xu, D., … Azab, A. 24th USENIX Security Symposium (USENIX Security 15). Presented at the USENIX Association.

By: R. Wang, W. Enck, D. Reeves, X. Zhang, P. Ning, D. Xu, W. Zhou, A. Azab

Event: USENIX Association

Source: ORCID
Added: January 2, 2024

journal article

Securing the So ware Supply Chain: Research, Outreach, Education

Williams, L., Acar, Y., Cukier, M., Enck, W., Kapravelos, A., Kästner, C., & Wermke, D.

By: L. Williams, Y. Acar, M. Cukier, W. Enck, A. Kapravelos, C. Kästner, D. Wermke

Source: ORCID
Added: January 2, 2024

journal article

Systemic Issues in the Hart InterCivic Voting System: Reflections Following Project EVEREST

Butler, K., Enck, W., Hursti, H., McLaughlin, S., Traynor, P., & McDaniel, P.

By: K. Butler, W. Enck, H. Hursti, S. McLaughlin, P. Traynor & P. McDaniel

Source: ORCID
Added: January 2, 2024

journal article

iOS Security Framework: Understanding the Security of Mobile Phone Platforms

Enck, W., Deaconescu, R., Chiroiu, M., & Deshotels, L.

By: W. Enck, R. Deaconescu, M. Chiroiu & L. Deshotels

Source: ORCID
Added: January 2, 2024

Employment

Updated: October 5th, 2022 10:15

2021 - present

North Carolina State University Raleigh, North Carolina, US
Professor Computer Science

2016 - 2021

North Carolina State University Raleigh, North Carolina, US
Associate Professor Computer Science

2011 - 2016

North Carolina State University Raleigh, North Carolina, US
Assistant Professor Computer Science

Education

Updated: October 5th, 2022 10:16

2006 - 2011

The Pennsylvania State University - University Park Campus University Park, PA, US
PhD, Computer Science and Engineering Computer Science and Engineering

2004 - 2006

The Pennsylvania State University The Methodology Center University Park, PA, US
MS, Computer Science and Engineering Computer Science and Engineering

2000 - 2004

The Pennsylvania State University - University Park Campus University Park, PA, US
BS, Computer Engineering Computer Science and Engineering

Funding History

Funding history based on the linked ORCID record. Updated: October 5th, 2022 10:18

grant February 1, 2022 - January 31, 2023
Collaborative Research: Conference: 2022 Secure and Trustworthy Cyberspace PI Meeting
Directorate for Computer & Information Science & Engineering
grant January 1, 2022 - December 31, 2024
Collaborative Research: SaTC: CORE: Medium: Enabling Practically Secure Cellular Infrastructure
Directorate for Computer & Information Science & Engineering
grant October 1, 2020 - September 30, 2023
SaTC: CORE: Small: Detecting Vulnerabilities and Remediations in Software Dependencies
Directorate for Computer & Information Science & Engineering
grant November 1, 2019 - November 30, 2022
Defining Security Policy in Distributed Environments using Network Views
United States Department of the Navy
grant July 1, 2016 - May 31, 2018
NSF Travel Grant Support for ACM WiSec 2016
Directorate for Computer & Information Science & Engineering
grant May 9, 2016 - May 8, 2019
Correct Enforcement of Access Control Policy in Modern Operating Systems
United States Department of the Army
grant July 1, 2015 - June 30, 2019
TWC: Medium: Collaborative: Improving Mobile-Application Security via Text Analytics
Directorate for Computer & Information Science & Engineering
grant September 1, 2013 - August 31, 2019
TWC: Frontier: Collaborative: Rethinking Security in the Era of Cloud Computing
Directorate for Computer & Information Science & Engineering
grant February 1, 2013 - January 31, 2019
CAREER: Secure OS Views for Modern Computing Platforms
Directorate for Computer & Information Science & Engineering
grant October 1, 2012 - September 30, 2016
TWC: Small: Collaborative: Characterizing the Security Limitations of Accessing the Mobile Web
Directorate for Computer & Information Science & Engineering

Citation Index includes data from a number of different sources. If you have questions about the sources of data in the Citation Index or need a set of data which is free to re-distribute, please contact us.

Certain data included herein are derived from the Web of Science© and InCites© (2024) of Clarivate Analytics. All rights reserved. You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.