My daughters drew a few photo-trace portraits of me. :)
I am a researcher in Internet Services Research Center (ISRC), and also affiliated with the Redmond Security and Privacy Research group.
Research background: my research interest is mainly on systems security and privacy. My current focus is in the web/browser space. Here is a summary of my previous projects. 
- Rui Wang, Yuchen Zhou - in alphabetical order, Shuo Chen, Shaz Qadeer, David Evans, and Yuri Gurevich, Explicating SDKs: Uncovering Assumptions Underlying Secure Authentication and Authorization, in Proceedings of the USENIX Security Symposium, USENIX, August 2013
- Rui Wang, Shuo Chen, and XiaoFeng Wang, Signing Me onto Your Accounts through Facebook and Google: a Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services, in Proceedings of the IEEE Symposium on Security and Privacy (Oakland), IEEE Computer Society, May 2012
- Rui Wang, Shuo Chen, XiaoFeng Wang, and Shaz Qadeer, How to Shop for Free Online – Security Analysis of Cashier-as-a-Service Based Web Stores, in Proceedings of the IEEE Symposium on Security and Privacy (Oakland) (Best Practical Paper award), IEEE Computer Society, May 2011
- Shuo Chen, Rui Wang, XiaoFeng Wang, and Kehuan Zhang, Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow, in Proceedings of the IEEE Symposium on Security and Privacy (Oakland), IEEE Computer Society, May 2010
- Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang, Pretty-Bad-Proxy: An Overlooked Adversary in Browsers’ HTTPS Deployments, in Proceedings of the IEEE Symposium on Security and Privacy (Oakland), IEEE Computer Society, May 2009
- Shuo Chen, Jose Meseguer, Ralf Sasse, Helen J. Wang, and Yi-Min Wang, A Systematic Approach to Uncover Security Flaws in GUI Logic, in Proceedings of the IEEE Symposium on Security and Privacy (Oakland), IEEE Computer Society, May 2007
- Shuo Chen, Jun Xu, Emre C. Sezer, Prachi Gauriar, and Ravishankar K. Iyer, Non-Control-Data Attacks Are Realistic Threats, in Proceedings of USENIX Security Symposium, USENIX, August 2005
Academic Service
- Ralf Sasse (UIUC, advised by Jose Meseguer), defended successfully in 2012
- Keun Soo Yim (UIUC, advised by Ravi Iyer), defended successfully in 2012
- Rui Wang (Indiana, advised by XiaoFeng Wang)
- Yuchen Zhou (UVa, advised by David Evans)
Microsoft Research
One Microsoft Way
Redmond, WA 98052
Office phone: 425-722-8238
Fax: 425-936-7329
EMail: FirstnameLastname at
company dot com
Links:
Resume
Short bio
Publications
Presentation slides
Educational materials
Interns
Media coverage
Know more about me
2012龙星课程资料
关于科研工作的闲谈
Recent media coverage:
About our Oakland'12 paper
• Study Finds Major Weaknesses in Single Sign-on Systems, Network World, March 27, 2012
• Flawed sign-in services from Google and Facebook imperil user account, Ars Technica, March 25, 2012
• Trial finds EIGHT WAYS to defeat Google, PayPal and other SSOs, The Register, March 20, 2012
• Researchers discover flaws in SSO that leave websites vulnerable, Infosecurity, March 20
• Web Services Single Sign-On Contain Big Flaws, Dark Reading, March 19, 2012
• Researchers discover “worrisome” authentication flaws in many online services, ZDNet, March 16, 2012
About our Oakland'11 paper
• How to Shop for Free Online (video interview), Channel 9, May 17, 2011
• Vulnerabilities in Online Payment Systems, Schneier on Security, May 9, 2011
• Researchers find major flaws in online payment systems. CNN, April 13, 2011.
• Exploit-wielding boffins go on free online shopping binge -- World's biggest e-commerce sites wide open, The Register, April 12, 2011
• Could criminals shop for free online? CNET, April 11, 2011
• Security Researchers Exploit Logic Flaws to Shop for Free Online, Network World, April 11, 2011