Now I am passionate about research problems in the security and privacy of mobile and IoT devices by leveraging techniques from many other CS areas. I created a system called ReCon, which exploits machine learning to detect personally identifiable information(PII) leaks in network traffic. Thus far, ReCon and its on-going studies have received much public attention and attracted thousands of users. Our continuous work in the Internet of Things is generously supported by a DHS grant and a Comcast Innovation Fund. I envision that increased transparency of privacy in mobile devices and Internet of Things is the key for users to make more informed decisions, for regulators to enforce more precise laws and for companies to build safer and more sustainable products. Auditing at the network level makes it possible to place rigorous control over sensitive data and prevent potential harms before it happens.
Before I joined the security and networking research community, I did research in Human Computer Interaction for over two years, and also spent one year working on machine learning problems. I have extensive experience in writing software systems, including various engineering and research areas such as network trace analysis, human computer interaction, health informatics, behavior change theory and machine learning.
Collaborators: I am fortunate to work with some of the most talented faculties, postdocs, grad/undergrad students and other professionals throughout my career. I have learned enormously from them and would like to extend my gratitude here (in no particular order): Prof. David Choffnes(NEU), Prof. Christo Wilson (NEU), Prof. Martina Lindorfer (TU Wien), Dr. Daniel Dubois (NEU), Dr. Ashwin Rao(H Helsinki), Prof. Narseo Vallina-Rodriguez (ICSI/IMEDA Networks), Elleen Pan (now Square), Christophe Leung (now Visa), Dr. Arnaud Legout(INRIA), Dr. Mastooreh Salajegheh (Visa Research), Dr. Mihai Christodorescu (Visa Research), Abhinav Aggarwal (U New Mexico), Prof. Jeremy Blackburn (now U Alabama), , Dr. Claudio Soriente (Telefonica Research), Dr. Matteo Varvello (Telefonica Research), Prof. Nikolaos Laoutaris (now IMEDA Networks), Kevin Byrnes (indevu films), Prof. Timothy Bickmore (NEU), Dr. Ha Trinh (now Huawei), Dr. Lazlo Ring (NEU), Juan Fernandez (NEU), Megan Hempstead (BMC), Dr. Brian Jack (BMC), Prof. Li Liu (now CSUN), Prof. Xiangxu Meng (SDU), Prof. Lin Lu (SDU), Prof. Hongjun Dai (SDU), Prof. Baodong Liu (SDU), Prof. Yilong Yin (SDU), Shun Niu(now VT), Tong Zhang(now VT), Yuetang Lin(now ZJU), Jun Zhang (now Finger Inc.) etc.
The Mon(IoT)r Lab: Detecting Suspicious Behaviors in Home IoT Ecosystem
The increasingly availability and utility of Internet of Things (IoT) devices will undoubtedly lead to many beneficial new technologies, from health care to personal entertainment and beyond. However, as users and their surroundings become increasingly connected to the Internet, it becomes incredibly challenging to understand — let alone protect — user privacy. The key research questions we will answer in this investigation are: (1) What personal data (including PII and multimedia) is being leaked, intentionally or otherwise, from IoT devices, and (2) What can we do to mitigate privacy risks beyond simply encrypting, modifying, or blocking PII?
Panoptispy: Are Mobile Apps Spying on Users?
In this work, we present the first large-scale empirical study of media permissions and leaks from Android apps, covering 17,260 apps from Google Play, App China, Mi.com, and Anzhi. We empirically study the behavior these apps using a combination of static and dynamic analysis techniques.
Advisors: Dr. David Choffnes, Dr. Christo Wilson Collaborators: Elleen Pan, Dr. Martina Lindorfer.
[Project] [Paper] [Gizmodo News]
Mobile privacy evolution in Android apps
The one task we do almost weekly is to update apps in our phones. How does that affect our privacy? Is mobile privacy getting better or worse over time? Our longitudinal study in 512 apps (7,665 unique versions) released over the past 8 years is the first to analyze the privacy impact of using popular Android apps and updating to new versions over time.
Advisor: Dr. David Choffnes, Collaborators: Dr. Daniel Dubois, Dr. Martina Lindorfer, Dr. Ashwin Rao, Dr. Narseo VALLINA-RODRIGUEZ
[Project] [Paper] [Tool]
App vs. Web: which one should you use?
When we use the Internet, more often than not, information about us is being transmitted to other parties. Sometimes this information is simple, like a tracking identifier, and sometimes it's very personal, like your name, birth date, or credentials. This information is leaked differently when you use an online service via a Web site and an app. So a natural question is, which is worse, app or web?
Advisor: Dr. David Choffnes, Collaborators: Christophe Leung, Dr. Christo Wilson
[Project] [Paper] [Tool]
ReCon: Watch who is watching you, and block unwanted privacy leaks
Have you ever wondered who or what is tracking you and/or stealing your personal information? Unfortunately, your mobile devices currently give you little or no way to tell if this is the case. Even if they did, they don't give you any way to control it except to decline to install an app. With ReCon, we give you a way to see how your personal information is transmitted to other parties, and allow you to block or modify it with fine granularity.
This project was covered by the Boston Globe, Northeastern News, Christian Science Monitor, New Scientist, Science Codex, NBC News, MSN News, El Mundo, Le Matin, among others.
Advisor: Dr. David Choffnes, Collaborators: Dr. Ashwin Rao, Dr. Martina Lindorfer, Dr. Arnaud Legout
[Project] [Paper] [Demo]
Co-presenting your work with a 3D Virtual Agent
Equipped with a Kinect sensor, our system present
Advisor: Dr. Timothy Bickmore, Collaborator: Dr. Ha Trinh, Lazlo Ring
Preconception Care - Gabby System
The purpose of this project is to develop a relational agent who supports women in improving their personal preconception risks in order to improve their preconception health status and improve their chances of having a healthy pregnancy and healthy baby. Check RAG Group or BUFamilyMed page
Advisor: Dr. Timothy Bickmore, Collaborators: Dr. Ha Trinh, Lazlo Ring, Juan Fernandez, Megan Hempstead, Dr. Brian Jack et al.
Tongible: Tongue Interface for People with Dexterity
Tongue is a promising candidate to build hand free human-computer interface. In this project, we introduces a new non-contact tongue interface, Tongible, for people with dexterity impairment to access computer.
Advisor: Dr. Li Liu, Collaborator: Shuo Niu
Sharfa/SHUN: Sharing Uninterruptedly among Devices, based on DLNA
"Enjoy your music, photos and videos, anywhere anytime."-- Slogan of DLNA. Sharfa/SHUN(Share fast) allows user share all types of media uninterruptedly among smartphones, tablet PCs, laptop and other electronic devices. Image that, when you are watching an interesting movie in the laptop, but you have to begin to cook in the kitchen. The only thing you have to do is just use Sharfa to share it on your iPad and you can see from where your stopped before.
Advisor: Dr. Hongjun Dai, Collaborator: Tong Zhang, Hao Li and YaTing Yue. [Video]
SDU Online Enet: Online Trading Platform for College Students
I led a group to build a website for on-campus online marketing based on Java EE Technology. The well-designed pages and all UI details are just made for students at Shandong University. The application service is now online and turns out to be a good one. Visit here
Collaborator: Yuetan Lin, Hang Yu, Weiguo Lan, Yuguo Zhai, Jun Zhang et al.
HIS: Hospital Information Sytem for Shiheng Power Plant Hospital
The HIS is built with ASP.NET Technology and SQL Server Database.
Director: Dr. Jun Zhou, Collaborator: Xiaohui Qin, Wei Gao, Xiaojun Rong et al.