{"id":20,"date":"2013-02-26T20:37:53","date_gmt":"2013-02-26T20:37:53","guid":{"rendered":"http:\/\/faculty.engineering.ucdavis.edu\/template\/?page_id=20"},"modified":"2014-10-27T16:21:14","modified_gmt":"2014-10-27T16:21:14","slug":"research","status":"publish","type":"page","link":"https:\/\/faculty.engineering.ucdavis.edu\/chenh\/research\/","title":{"rendered":"Research Interests"},"content":{"rendered":"<p>Computer security: wireless and mobile security, Web security, privacy and anonymity.<\/p>\n<h3>Projects<\/h3>\n<p>My current research focuses on\u00a0<em>mobile computing and security<\/em>, as exemplified by our recent papers:<\/p>\n<ul>\n<li><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Gustafson:2013:Permission\">Quantifying the Effects of Removing Permissions from Android Applications.<\/a><\/li>\n<li>\u00a0<a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Davis:2013:Retrofit\">Retrofitting Android Apps.<\/a><\/li>\n<li><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Gibler:2013:UEcon\">Characterizing Android Application Plagiarism and its Impact on Developers.<\/a><\/li>\n<li><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Stevens:2013:Permission\">Asking for (and About) Permissions Used by Android Apps.<\/a><\/li>\n<\/ul>\n<h3>My past projects include:<\/h3>\n<ul>\n<li><b>Wireless security<\/b>:\u00a0<acronym title=\"AndroidLeaks: Automatically Detecting Potential Privacy Leaks In Android Applications on a Large Scale\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Gibler:2012:AndroidLeaks\">TRUST 2012<\/a><\/acronym>,\u00a0<acronym title=\"On the Practicality of Motion Based Keystroke Infernce Attack\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Cai:2012:Motion\">TRUST 2012<\/a><\/acronym>,\u00a0<acronym title=\"I-ARM-Droid: A Rewriting Framework for In-App Reference Monitors for Android Applications\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Davis:2012:IARMDroid\">MoST 2012<\/a><\/acronym>,\u00a0<acronym title=\"Investigating User Privacy in Android Ad Libraries\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Stevens:2012:Ad\">MoST 2012<\/a><\/acronym>,\u00a0<acronym title=\"Opaak: Using Mobile Phones to Limit Anonymous Identities Online\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Maganis:2012:Opaak\">MobiSys 2012<\/a><\/acronym>,\u00a0<acronym title=\"Privacy-Preserving Alibi Systems\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Davis:2012:Alibi\">ASIACCS 2012<\/a><\/acronym>,\u00a0<acronym title=\"TouchLogger: Inferring Keystrokes On Touch Screen From Smartphone Motion\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Cai:2011:TouchLogger\">HotSec 2011<\/a><\/acronym>,\u00a0<acronym title=\"Good Neighbor: Secure Pairing of Nearby Wireless Devices by&lt;br \/&gt;   Multiple Antennas\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Cai:2011:GoodNeighbor\">NDSS 2011<\/a><\/acronym>,\u00a0<acronym title=\"CapAuth: A Capability-based Handover Scheme\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Liang:2010:CapAuth\">INFOCOM 2010<\/a><\/acronym>,<acronym title=\"Distributed Authentication for Low-Cost Wireless Networks\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Machiraju:2008:Authentication\">HotMobile 2008<\/a><\/acronym>,\u00a0<acronym title=\"Exploiting Opportunistic Scheduling in Cellular Data Networks\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Racic:2008:PF\">NDSS 2008<\/a><\/acronym>,\u00a0<acronym title=\"Exploiting MMS Vulnerabilities to Stealthily Exhaust Mobile Phone's Battery\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Racic:2006:MMS\">SecureComm 2006<\/a><\/acronym><\/li>\n<li><b>Web security<\/b>:\u00a0<acronym title=\"DBTaint: Cross-Application Information Flow Tracking via Databases\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Davis:2010:DBTaint\">WebApps 2010<\/a><\/acronym>,\u00a0<acronym title=\"Noncespaces: Using Randomization to Enforce Information Flow Tracking and Thwart Cross-Site Scripting Attacks\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#VanGundy:2009:Noncespaces\">NDSS 2009<\/a><\/acronym>,\u00a0<acronym title=\"OMash: Enabling Secure Web Mashups via Object Abstractions\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Crites:2008:OMash\">CCS 2008<\/a><\/acronym>,\u00a0<acronym title=\"iPhish: Phishing Vulnerabilities on Consumer Electronics\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Niu:2008:iPhish\">UPSEC 2008<\/a><\/acronym>,\u00a0<acronym title=\"Spam Double-Funnel: Connecting Web Spammers with Advertisers\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Wang:2007:spam\">WWW 2007<\/a><\/acronym>,\u00a0<acronym title=\"A Quantitative Study of Forum Spamming Using Context-based Analysis\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Niu:2007:spam\">NDSS 2007<\/a><\/acronym><\/li>\n<li><b>Malware analysis, detection, and defense<\/b>:\u00a0<acronym title=\"Feature Omission Vulnerabilities: Thwarting Signature Generation for Polymorphic Worms\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#VanGundy:2007:FO\">ACSAC 2007<\/a><\/acronym>,\u00a0<acronym title=\"Back to the Future: A Framework for Automatic Malware Removal and System Repair\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Hsu:2006:BTTF\">ACSAC 2006<\/a><\/acronym><\/li>\n<li><b>Firewall security<\/b>:\u00a0<acronym title=\"FIREMAN: a toolkit for FIREwall Modeling and ANalysis\"><a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/paper\/#Yuan:2006:FIREMAN\">IEEE S&amp;P 2006<\/a><\/acronym><\/li>\n<li><b>Software security<\/b>:\u00a0<a href=\"http:\/\/www.cs.ucdavis.edu\/~hchen\/mops\/\"><acronym title=\"Model Checking Programs for Security Properties\">MOPS<\/acronym><\/a><\/li>\n<\/ul>\n<h3>Funding<\/h3>\n<ul>\n<li><b><acronym title=\"National Science Foundation\">NSF<\/acronym><\/b>:\u00a0<a href=\"http:\/\/nsf.gov\/awardsearch\/showAward.do?AwardNumber=1018964\"><acronym title=\"Designing New Authentication Mechanisms using Hardware Capabilities in Advanced Mobile Devices\">Trusted Computing<\/acronym><\/a>,\u00a0<a href=\"http:\/\/nsf.gov\/awardsearch\/showAward.do?AwardNumber=0644450\"><acronym title=\"Securing Broadband Cellular Data Networks\">CAREER Award<\/acronym><\/a>,\u00a0<a href=\"http:\/\/nsf.gov\/awardsearch\/showAward.do?AwardNumber=0831547\"><acronym title=\"Practical Privacy Preserving Technologies\">CyberTrust<\/acronym><\/a>,<\/li>\n<li><b><acronym title=\"Department of Defense\">DoD<\/acronym>\u00a0<acronym title=\"Multidisciplinary University Research Initiative\">MURI<\/acronym><\/b>:\u00a0<a href=\"http:\/\/helix.cs.virginia.edu\/\"><acronym title=\"A Self-Regenerative Architecture\">HELIX<\/acronym><\/a>.<\/li>\n<li><b>Industrial<\/b>: Sprint, Intel, Microsoft.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Computer security: wireless and mobile security, Web security, privacy and anonymity. Projects My current research focuses on\u00a0mobile computing and security, as exemplified by our recent papers: Quantifying the Effects of Removing Permissions from Android Applications. \u00a0Retrofitting Android Apps. Characterizing Android Application Plagiarism and its Impact on Developers. Asking for (and \u2026 <a class=\"continue-reading-link\" href=\"https:\/\/faculty.engineering.ucdavis.edu\/chenh\/research\/\"> Continue reading <span class=\"meta-nav\">&rarr; <\/span><\/a><\/p>\n","protected":false},"author":3,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"template-twocolumns-left.php","meta":{"inline_featured_image":false,"ngg_post_thumbnail":0,"footnotes":""},"class_list":["post-20","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/faculty.engineering.ucdavis.edu\/chenh\/wp-json\/wp\/v2\/pages\/20","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/faculty.engineering.ucdavis.edu\/chenh\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/faculty.engineering.ucdavis.edu\/chenh\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/faculty.engineering.ucdavis.edu\/chenh\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/faculty.engineering.ucdavis.edu\/chenh\/wp-json\/wp\/v2\/comments?post=20"}],"version-history":[{"count":25,"href":"https:\/\/faculty.engineering.ucdavis.edu\/chenh\/wp-json\/wp\/v2\/pages\/20\/revisions"}],"predecessor-version":[{"id":264,"href":"https:\/\/faculty.engineering.ucdavis.edu\/chenh\/wp-json\/wp\/v2\/pages\/20\/revisions\/264"}],"wp:attachment":[{"href":"https:\/\/faculty.engineering.ucdavis.edu\/chenh\/wp-json\/wp\/v2\/media?parent=20"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}