Danny Huang
Friday, October 11, 2019 at 12:00 PM in 380 Soda Hall
Title: Empirically understanding consumer-facing security/privacy problems in situ and in the wild
Abstract: Many consumer-facing technologies are increasingly fraught with security/privacy risks. Beyond anecdotal reports, however, systematic and empirical studies of such problems tend to be missing, often because of the lack of non-proprietary, large-scale datasets for researchers. For instance, cryptocurrencies and smart home IoTs are two examples of consumer-facing technologies associated with significant hype, widespread usage, but little data-driven understanding of the inherent security/privacy issues. In particular, many cryptocurrencies are designed to be anonymous or untraceable, and smart home devices are typically on private networks. These properties make it difficult for researchers to gain visibility into the issues faced by real users at scale. To gain a data-driven insight, I develop methods and tools to collect, label, and analyze security/privacy-related datasets in situ and in the wild. This approach allows me to investigate, for example, millions of dollars of real transaction records of criminals, where I found clues on the possible identities of cybercriminals and understood their hidden business structures that would facilitate takedowns [IEEE S&P '18, NDSS '14, KDD '17]. Furthermore, my research method allows me to discover for the first time evidence of viewer tracking on smart TVs [CCS '19], along with a variety of security/privacy problems on hundreds of thousands of IoT devices behind actual smart home networks, providing the research community with the largest dataset for smart home research not only in security/privacy, but also in other areas such as network management and healthcare.
Bio: Danny Y. Huang is a postdoctoral fellow at Princeton's Center for Information Technology Policy. He is broadly interested in the security and privacy of emerging technologies, such as cryptocurrency and IoT. He obtained his PhD in Computer Science from University of California, San Diego. For more information, visit https://www.cs.princeton.edu/~yuxingh/.