profile

Biography

Welcome to Rui Wang's homepage. I have started my career in Microsoft Research Redmond from October, 2011. My managers are Yi-Min Wang and Shuo Chen. Prior to joining Microsoft Research, I was a PhD student in Indiana University Bloomington, fortunately advised by Prof. XiaoFeng Wang, and Dr. Shuo Chen (co-advisor, Microsoft Research Redmond).

My research interests mainly focus on systems security, with an emphasis on web and mobile security. The topics I have been working on include Android update problems, mobile cross-origin issues, web single-sign-on issues, ecommerce security, side-channel problems, privacy-preserving techniques, and reverse engineering of binary executables. I frequently publish papers on top security conferences, including USENIX Security, ACM CCS, and IEEE Symposium on Security & Privacy. My research has won best practical paper award from IEEE Symposium on Security & Privacy 2011, and PET Award for Outstanding Research in Privacy Enhancing Techniques from PET 2011.

I can be reached at ruiwanATmicrosoftDOTcom.

My LinkedIn profile can be viewed at here.

Publications

  1. Upgrading Your Android, Elevating My Malware: Privilege Escalation Through Mobile OS Updating. PDF

    By Luyi Xing, Xiaorui Pan, Rui Wang, Kan Yuan, XiaoFeng Wang

    Accepted by the 35th IEEE Symposium on Security and Privacy, San Jose, CA, May. 2014. Acceptance Rate: 13.5%(44/324).

    Media coverage: Forbes, Yahoo! News, ZDNet, The Register, Computer World, Tech Republic, etc.

  2. Unauthorized Origin Crossing on Mobile Platforms: Threats and Mitigation. PDF

    By Rui Wang, Luyi Xing, XiaoFeng Wang, Shuo Chen

    Accepted by the 20th ACM Conference on Computer and Communications Security (CCS’13), Berlin, Germany, Nov. 2013. Acceptance Rate: 20%(105/530).

    Media coverage: Ars Technica, Net Security, etc.

  3. Explicating SDKs: Uncovering Assumptions Underlying Secure Authentication and Authorization. PDF

    By Rui Wang, Yuchen Zhou, Shuo Chen, Shaz Qadeer, David Evans, Yuri Gurevich

    To appear in the Proceedings of the 22th USENIX Security Symposium(Security’13), Washington, D.C., Aug. 2013. Acceptance Rate: 16%(45/277).

  4. Signing Me onto Your Accounts through Facebook and Google: a Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services. PDF

    By Rui Wang, Shuo Chen, XiaoFeng Wang

    Accepted by the 33th IEEE Symposium on Security and Privacy, San Francisco, CA, May. 2012. Acceptance Rate: 13%(40/307).

    Media coverage: Ars Technica, Dark Reading, ZDNet, The Register, PC World, etc.

  5. How to Shop for Free Online - Security Analysis of Cashier-as-a-Service Based Web Stores. Best Practical Paper. PDF

    By Rui Wang, Shuo Chen, XiaoFeng Wang, Shaz Qadeer

    Accepted by the 32th IEEE Symposium on Security and Privacy (oakland’11), Oakland, CA, May. 2011. Acceptance Rate: 11%(34/306).

    Media coverage: CNN Money, The Register, Network World, CNET, MSNBC, Internet Retailer, New Scientist, etc.

    Industry impact: PayPal had a 44-minute talk about our free-shopping work on its Annual Developer Conference 2011.

  6. Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow. PET Award runners-up. PDF

    By Shuo Chen, Rui Wang, XiaoFeng Wang, Kehuan Zhang

    Accepted by the 31th IEEE Symposium on Security and Privacy (oakland’10), Oakland, CA, May. 2010. Acceptance Rate: 11%(26/237).

    Media coverage: The Register, Freedom to Tinker, Network World, Dark Reading, etc.

  7. Sidebuster: Automated Detection and Quantification of Side-Channel Leaks in Web Application Development.

    By Kehuan Zhang, Zhou Li, Rui Wang, XiaoFeng Wang, Shuo Chen

    Accepted by the 17th ACM Conference on Computer and Communications Security (CCS’10), Chicago, IL, Oct. 2010. Acceptance Rate: 17%(55/320).

  8. Learning Your Identity and Disease from Research Papers: Information Leaks in Genome Wide Association Study. PET Award. PDF

    By Rui Wang, Yong Li, XiaoFeng Wang, Haixu Tang, Xiaoyong Zhou

    Accepted by the 16th ACM Conference on Computer and Communications Security (CCS’09), Chicago, IL, Nov. 2009. Acceptance Rate: 18%(58/315).

  9. Privacy-Preserving Genomic Computation Through Program Specialization. PDF

    By Rui Wang, XiaoFeng Wang, Zhou Li, Haixu Tang, Michael Reiter, Zheng Dong

    Accepted by the 16th ACM Conference on Computer and Communications Security (CCS’09), Chicago, IL, Nov. 2009. Acceptance Rate: 18%(58/315).

  10. Panalyst: Privacy-Aware Remote Error Analysis on Commodity Software. PDF

    By Rui Wang, XiaoFeng Wang, Zhuowei Li

    To appear in the Proceedings of the 17th USENIX Security Symposium(Security’08), San Jose, CA, July 2008. Acceptance Rate: 16%(27/170).

  11. Towards Automatic Reverse Engineering of Software Security Configuration. PDF

    By Rui Wang, XiaoFeng Wang, Kehuan Zhang and Zhuowei Li

    To appear in the Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS’08), Alexandra, VA, October, 2008. Acceptance Rate: 18%(51/281).

Professional Services