Helen Jiahe Wang, Ph.D.

Microsoft Research
One Microsoft Way
Redmond, WA 98052


Areas of Interest

Security, privacy, systems, protocol architecture, networking, mobile computing and applications


University of California, Berkeley Computer Science Ph.D. (2001)
University of California, Berkeley Computer Science M.S. (1998)
University of Texas, Austin Computer Science B.S. (1994)


2012 Oakland Best Practical Paper award
2009, 2010 Microsoft Research Tech Transfer award
2009 Microsoft Gold Star Award
2007 SIGMOD Test-of-Time award for "Online Aggregation"
NSF Graduate Fellowship 1996-1999.

Research Experience

Somex: Social Memory Index (2012-present)
I have been leading the Somex research project, a new social network platform and a client application.

Security and Privacy in augmented reality-based general-purpose client systems (2012-present)
I have been contributing to the design of new OS abstractions and access control in a general purpose augmented reality-based client system.

ServiceOS (including MashupOS and Gazelle) (2006-2012):
I led the ServiceOS project. ServiceOS represents the next generation client platform designed to embrace the software-as-a-service paradigm where the master copy of any software and data resides in the cloud and cached on client devices.

BrowserShield (2005-2007):
I led the BrowserShield project. BrowserShield is the first inline reference monitor for JavaScript. BrowserShield enables vulnerability signatures for dynamic content and many other applications.

Shield/GAPA (2003-2007)
I led the Shield/GAPA project. Shield is a vulnerability-driven end-host firewall where network traffic is "patched" according to known software defects. Such a data-driven "patch" is much easier to test for and to deploy than software patches, and can effectively protect the critical time window between vulnerability disclosure and patch application where 90% of the attacks take place today.

Location Privacy in Wireless Networks (2005-2007)
I led this project to address the location privacy in wireless networks. We achieve location privacy by obfuscating all dimensions of information exhibited from a mobile node, including sender identity, time of transmission, and signal strength. And we validate our design through real-system implementation and field experiments along with analysis and simulations.

PeerPressure (2003-2004)
I led PeerPressure project in which we diagnose PC misconfigurations by using statistics of configuration values from other machines. This is in contrast with methods that require manual identification on a healthy machine for diagnosing misconfigurations. The elimination of this manual operation makes a significant step towards automated misconfiguration troubleshooting. This technology has been built by Microsoft's ATC into a toolkit for Microsoft PSS.

Friends Troubleshooting Network (2003-2005)
I led the FTN project to investigate privacy- and integrity-preserving peer-to-peer troubleshooting using PeerPressure. To this end, we constructed a friends peer-to-peer overlay to gather PC configuration samples using source-less and destination-less random walk, during which search is carried out simultaneously with secure parameter aggregation for the purpose of troubleshooting. For secure parameter aggregation, we designed a novel open-membership homomorphic scheme.

CoopNet (2002-2004)
I was one of the main contributors to the CoopNet project at MSR. In this project, we enable resilient living streaming in peer-to-peer networks by providing redundancy in both path and data. We use multiple, diverse distribution trees to provide redundancy in network paths and multiple description coding (MDC) to provide redundancy in data.

ICEBERG (1999-2001)
I led the design, implementation, deployment, and maintenance of a unified communication network system called ICEBERG at U.C. Berkeley. For my dissertation research, I designed, built and evaluated the soft-state signaling protocol, mobility support, and the network- and device-independent service creation model for the system. I also served as the system integrator for our ICEBERG releases.

Employment History

Research Manager Microsoft Research, Redmond, WA (2006 - present):
Found, build up, and lead the security and privacy research group at MSR Redmond.

Principal Researcher (2010 - present), Senior Researcher (2007 - 2010), Researcher (Nov 2001 - 2007)
Led research in ServiceOS, Gazelle, MashupOS, BrowserShield, Shield, Location privacy, PeerPressure, Friends Troubleshooting Network. Contribute to other research projects. Tech-transfer to product groups. Provide consulting to product groups. Mentor graduate students.

Graduate Student Researcher U. C. Berkeley, CA (1996-2001):
Led research in ICEBERG and policy-driven vertical handoff in heterogeneous wireless networks. TA-ed graduate level mobile computing class. Mentored 7 undergraduate students.

Summer Intern Daimler Benz Research Lab, Palo Alto, CA (Summer 1997): Summer Intern
Researched on policy-driven handoffs across heterogeneous wireless networks, and deployed and measured my architecture and protocol.

Summer Intern IBM Almaden Research Center, San Jose, CA (Summer 1996):
Designed and implemented the access control mechanism for Grand Central Station, an information gathering and redistribution system for the web.

Software Engineer Nortel, Dallas, TX (1995-1996):
Worked on Intelligent Cellular Remote Module Operation, Administration and Maintenance (ICRM OA&M) and Over-The-Air-Activation-Provisioning (OTASP) in CDMA systems.

U. T. Austin Austin, TX (1992-1994): Undergraduate Researcher and TA
Researched on the integration of the real-time system verification and simulation. Taught self-paced Introduction to Computer Science class and graded math class exams and homeworks.

Mobil Oil Dallas, TX (Summer 1993, 1994): Internship
Built 3D graphics using APEX and wrote Visual Basic application

Professional Activities

Program committee member for:

Steering Committee member for:

Program Chair for:

NSF Proposal Reviewer: 2005, 2006, 2013

Panelist for:

Keynote speaker for:

Technical advisor's board member for The Collaborative Center for Internet Epidemiology and Defenses (CCIED).



Enabling Fine-Grained Permissions for Augmented Reality Applications With Recognizers
Suman Jana, David Molnar, Alexander Moshchuk, Alan Dunn, Benjamin Livshits, Helen J. Wang, and Eyal Ofek
Proceedings of the 22nd USENIX Security Symposium, August 2013. [pdf]

Operating System Support for Augmented Reality Applications
Loris D'Antoni, Alan Dunn, Suman Jana, Tadayoshi Kohno, Benjamin Livshits, David Molnar, Alexander Moshchuk, Eyal Ofek, Franziska Roesner, Scott Saponas, Margus Veanes, and Helen J Wang
14th Workshop on Hot Topics in Operating Systems (HotOS), May 2013. [pdf]

Lightweight Server Support for Browser-Based CSRF Protection
Alexei Czeskis, Alexander Moshchuk, Tadayoshi Kohno, Helen J. Wang
Proceedings of the International World Wide Web Conference (WWW), May 2013. [pdf]


User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems
Franziska Roesner, Tadayoshi Kohno, Alexander Moshchuk, Bryan Parno, and Helen J. Wang
IEEE Symposium of Security and Privacy (The Oakland Conference) 2012, San Francisco, CA [pdf] [an older version]

Clickjacking: Attacks and Defenses
Lin-Shung Huang, Alex Moshchuk, Helen J. Wang, Stuart Schechter, Collin Jackson
Usenix Security 2012, Bellevue, WA [pdf]

Practical End-to-End Web Content Integrity
Kapil Singh, Helen J. Wang, Alexander Moshchuk, Collin Jackson, Wenke Lee
Proceedings of the 21st International World Wide Web Conference (WWW), 2012. [pdf]


Permission Re-Delegation: Attacks and Defenses
Adrienne Porter Felt, Helen J. Wang, Alex Moshchuk, Steven Hanna, and Erika Chin
Usenix Security 2011 [pdf]

Enabling Security in Cloud Storage SLAs with CloudProof
Raluca Ada Popa, Jay Lorch, David Molnar, Helen J. Wang, and Li Zhuang
USENIX Annual Technical Conference 2011 [pdf] [longer]


On the Incoherencies in Web Browser Access Control Policies
Kapil Singh, Alexander Moshchuk, Helen J. Wang, Wenke Lee IEEE Symposium on Security and Privacy, Oakland, CA, May 17-20, 2010 [pdf]

SecondNet: A Data Center Network Virtualization Architecture with Bandwidth Guarantees
Chuanxiong Guo, Guohan Lu, Helen J. Wang, Shuang Yang, Chao Kong, Peng Sun, Wenfei Wu, Yongguang Zhang
ACM CoNEXT 2010 [ pdf ]


Convergence of Desktop and Web Applications on a Multi-Service OS
Helen J. Wang, Alexander Moshchuk, Alan Bush 4th Usenix Workshop on Hot Topics in Security, August, 2009, Montreal, Canada. [pdf]

The Multi-Principal OS Construction of the Gazelle Web Browser
Helen J. Wang, Chris Grier, Alexander Moshchuk, Samuel T. King, Piali Choudhury, Herman Venter 18th Usenix Security Symposium, August, 2009, Montreal, Canada. [pdf]


Tupni: Automatic Reverse Engineering of Input Formats
Weidong Cui, Marcus Peinado, Karl Chen, Helen J. Wang, Luis Irun-Briz The 15th ACM Conference on Computer and Communications Security (CCS), Alexandria, VA, October 27-31, 2008 [pdf]

Characterizing Botnets from Email Spam Records
Li Zhuang, John Dunagan, Daniel R. Simon, Helen J. Wang, Ivan Osipkov Geoff Hulten, J. D. Tygar First USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), San Francisco, CA [pdf]


Protection and Communication Abstractions for Web Browsers in MashupOS
Helen J. Wang, Xiaofeng Fan, Collin Jackson, and Jon Howell
21st ACM Symposium on Operating Systems Principles (SOSP), Stevenson, WA, October 2007 [pdf]

Discoverer: Automatic Protocol Reverse Engineering from Network Traces
Weidong Cui, Jayanthkumar Kannan, Helen J. Wang
The 16th USENIX Security Symposium, Boston, MA, August 2007 [pdf][html]

Location Privacy in Wireless Networks
Tao Jiang, Helen J. Wang, and Yi-Chun Hu
The 5th International Conference on Mobile Systems, Applications, and Service (MobiSys
Puerto Rico, June 11-14, 2007 [pdf]

ShieldGen: Automatic Data Patch Generation for Unknown Vulnerabilities with Informed Probing
Weidong Cui, Marcus Peinado, Helen J. Wang, and Michael E. Locasto
IEEE Symposium on Security and Privacy
Oakland, CA, May 20-23, 2007 [pdf]

A Systematic Approach to Uncover Security Flaws in GUI Logic
Shuo Chen, Jose Meseguer, Ralf Sasse, Helen J. Wang, and Yi-Min Wang
IEEE Symposium on Security and Privacy
Oakland, CA, May 20-23, 2007 [pdf]

Subspace: Secure Cross-Domain Communication for Web Mashups
Collin Jackson and Helen J. Wang
16th International World Wide Web Conference (WWW)
Banff, Alberta, Canada, May 8-12, 2007 [pdf]

MashupOS: Operating System Abstractions for Client Mashups
Jon Howell, Collin Jackson, Helen J. Wang, and Xiaofeng Fan
11th Workshop on Hot Topics in Operating Systems (HotOS XI)
San Diego, CA, May 7-9, 2007 [pdf]

Live Monitoring: Using Adaptive Instrumentation and Analysis to Debug and Maintain Web Applications
Emre Kiciman and Helen J. Wang
11th Workshop on Hot Topics in Operating Systems (HotOS XI)
San Diego, CA, May 7-9, 2007 [pdf]

A Generic Application-Level Protocol Analyzer and its Language
Nikita Borisov, David J. Brumley, Helen J. Wang, John Dunagan, Pallavi Joshi, and Chuanxiong Guo
The 14th Annual Network & Distributed System Security Symposium (NDSS)
San Diego, CA, Feb, 2007 [pdf]


Finding Diversity in Remote Code Injection Exploits
Justin Ma, John Dunagan, Helen J. Wang, Stefan Savage, and Geoffrey M. Voelker
Internet Measurement Conference, Rio de Janeiro, Brazil October, 2006 pdf

BrowserShield: Vulnerability-Driven Filtering of Dynamic HTML
Charles Reis, John Dunagan, Helen J. Wang, Opher Dubrovsky, and Saher Esmeir
Usenix OSDI, Seattle, WA December 2006 pdf

SubVirt: Implementing malware with virtual machines
Samuel T. King, Peter M. Chen, Yi-Min Wang, Chad Verbowski, Helen J. Wang, and Jacob R. Lorch
IEEE Symposium on Security and Privacy, Oakland, CA May 2006. [pdf]

Automatically Extracting Fields from Unknown Network Protocols Karthik Gopalratnam, Sumit Basu, John Dunagan, Helen J. Wang
Systems and Machine Learning Workshop (SysML), Saint-Malo, France


Applications of Secure Electronic Voting to Automated Privacy-Preserving Troubleshooting
Qiang Huang, David Jao, Helen J. Wang
Proceedings of the 12th ACM CCS, Alexandria, VA, November 2005. [pdf]

Virtual Playgrounds for Worm Behavior Investigation
Xuxian Jiang, Dongyan Xu, Helen J. Wang , Eugene H. Spafford
Proceedings of the 8th International Symposium on Recent Advances in Intrusion Detection (RAID '05), Seattle, WA, September 2005. [pdf]

Location Privacy in Wireless Networks
Yih-Chun Hu and Helen J. Wang
Proceedings of the ACM SIGCOMM Asia Workshop 2005, ACM, Bejing, China, April 2005. [pdf]

Generic Application-Level Protocol Analyzer and its Language
Nikita Borisov, David J. Brumley, Helen J. Wang , and Chuanxiong Guo
Microsoft Technical Report MSR-TR-2005-133, Feburary, 2005 [pdf]

Privacy-Preserving Friends Troubleshooting Network
Qiang Huang, Helen J. Wang, and Nikita Borisov
ISOC NDSS 2005, Feb, San Diego, CA [pdf]


Smart-Phone Attacks and Defenses
Chuanxiong Guo, Helen J. Wang, and Wenwu Zhu
HotNets III, November, 2004 San Diego, CA

Some Anti-Worm Efforts at Microsoft
Helen J. Wang Invited Talk at 2nd Workshop Of Rapid Malcode (WORM), Oct 29, 2004 [pdf]

Shield: Vulnerability-Driven Network Filters for Preventing Known Vulnerability Exploits
Helen J. Wang, Chuanxiong Guo, Daniel R. Simon, and Alf Zugenmaier
ACM SIGCOMM, August, 2004 Portland, OR
[pdf][an older version] [talk]

Automatic Misconfiguration Troubleshooting with PeerPressure
Helen J. Wang, John C. Platt, Yu Chen, Ruyun Zhang, Yi-Min Wang
Usenix OSDI, December, 2004 San Francisco, CA
[pdf] [html]

PeerPressure for Automatic Troubleshooting
Helen J. Wang , John C. Platt, Yu Chen, Ruyun Zhang, and Yi-Min Wang
ACM SIGMETRICS 2004 Poster Paper, New York
[pdf][ long version]

Friends Troubleshooting Network: Towards Privacy-Preserving, Automatic Troubleshooting
Helen J. Wang, Yih-Chun Hu, Chun Yuan, Zheng Zhang, and Yi-Min Wang
The 3rd International Workshop on Peer-to-Peer Systems (IPTPS 2004), San Diego, CA; Feb 26-27, 2004
[pdf] [ps]

Supporting Heterogeneity and Congestion Control in Peer-to-Peer Multicast Streaming
Venkata N. Padmanabhan, Helen J. Wang, and Philip A. Chou
The 3rd International Workshop on Peer-to-Peer Systems (IPTPS 2004), San Diego, CA; Feb 26-27, 2004


Resilient Peer-to-Peer Streaming
Venkata N. Padmanabhan, Helen J. Wang, and Philip A. Chou
11th IEEE International Conference on Network Protocols (ICNP), Atlanta, GA, November, 2003
[pdf] [ps]
[Presentation: pdf, ps]

STRIDER: A Black-box, State-based Approach to Change and Configuration Management and Support
Yi-Min Wang, Chad Verbowski, John Dunagan, Yu Chen, Helen J. Wang, Chun Yuan, and Zheng Zhang
USENIX LISA, October, 2003
Best Paper Award.

Layered Multiple Description Coding
Philip A. Chou, Helen J. Wang, and Venkata N. Padmanabhan
Packet Video Workshop, Nantes, France, April 2003.

Server-based Inference of Internet Link Lossiness
Venkata N. Padmanabhan, Lili Qiu, and Helen J. Wang
IEEE Infocom 2003, San Francisco, CA, April 2003
[pdf] [ps]

An Evaluation of Scalable Application-level Multicast Built Using Peer-to-peer Overlays.
Miguel Castro, Michael B. Jones, Anne-Marie Kermarrec, Antony Rowstron, Marvin Theimer, Helen J. Wang, and Alec Wolman.
Proceedings of IEEE Infocom 2003, San Francisco, CA, April 2003.


Passive Network Tomography Using Bayesian Inference
Venkata N. Padmanabhan, Lili Qiu, and Helen J. Wang.
Internet Measurement Workshop, Marseille, France, November 2002.

Distributing Streaming Media Content using Cooperative Networking
Venkata N. Padmanabhan, Helen J. Wang, Philip A. Chou, and Kay Sripanidkulchai
[pdf] [ps]
The 12th International Workshop on Network and Operating Systems Support for Digital Audio and Video (NOSSDAV 2002), Miami Beach, FL.
An extended version (Microsoft Research Technical Report MSR-TR-2002-37): [pdf] [ps]

2001 and before

Mobility Support in Unified Communication Systems
Helen J. Wang and Randy H. Katz
ACM Workshop on Wireless Mobile Multimedia (WoWMoM) 2001, Rome, Italy.
[ ps][pdf]

A Personal Communication Service Creation Model for Internet-based Unified Communication Systems
Helen J. Wang, Ascan Morlang, and Randy H. Katz
IEEE International Conference on Communications, Helsinki, Finland. June 2001.
[ ps.gz ] [pdf ]

Internet-core Network Architecture for Integrated Communications
Helen J. Wang, Bhaskaran Raman, Chen-nee Chuah, Rahul Biswas, Ramakrishna Gummadi, Barbara Hohlt, Xia Hong, Emre Kiciman, Zhuoqing Mao, Jimmy S. Shih, Lakshminarayanan Subramanian, Ben Y. Zhao, Anthony D. Joseph, and Randy H. Katz
IEEE Personal Communications, August 2000: Special Issue on IP-based Mobile Telecommunication Networks.
[ ps.gz ] [ pdf ]

A Signaling System Using Lightweight Call Sessions
Helen J. Wang, Anthony D. Joseph, and Randy H. Katz
Proceedings of IEEE Infocom 2000, Tel-Aviv, Israel, March, 2000.
[ ps.gz ] [ pdf ]

The ICEBERG Project: Defining the IP and Telecom Intersection
Bhaskaran Raman, Helen J. Wang, Jimmy S. Shih, Anthony D. Joseph, and Randy H. Katz
IEEE IT Professional, Nov/Dec 1999.

Policy-Enabled Handoffs Across Heterogeneous Wireless Networks
Helen J. Wang, Jochen Giese, and Randy H. Katz
2nd IEEE Workshops on Mobile Computing and Applications (WMCSA 1999), New Orleans, LA, February 1999.

Online Aggregation
Joseph M. Hellerstein, Peter Haas, and Helen J. Wang
Proceedings of ACM-SIGMOD International Conference on Management of Data, Tucson, May 1997.

Evaluation of Existing Architectures in IRAM Systems
W. Bowman, N. Cardwell, C. Kozyrakis, C. Romer, Helen J. Wang
Workshop on "Mixing Logic and DRAM", the 24th Annual International Symposium on Computer Architecture, Denver, CO, June 1997.