We are a security research lab affiliated with the Department of Computer Science at William & Mary. Our aim is to design systems that facilitate holistic security improvements for emerging computing platforms (e.g., smartphones, IoT).
In the pursuit of this goal, we are currently researching several approaches for discovering real security vulnerabilities in emerging platforms, developing practical but secure defenses in the form of OS/software enhancements, and enabling evaluation of security systems through novel, data-driven, evaluation frameworks (see Research).
We are looking for passionate new PhD, Masters, and Bachelors students to join the team (more info) !
We are grateful for funding from the National Science Foundation (NSF), Coastal Virginia Center of Cyber Innovation (CoVA CCI) as well as William & Mary (via the Faculty Summer Research Grants).
Our paper, "False negative - that one is going to kill you": Understanding Industry Perspectives of Static Analysis based Security Testing, led by Amit, received the Distinguished Paper Award at IEEE S&P 2024!
Apr 18, 2024Amit has been awarded the International Student Achievement Award from William & Mary. Congratulations to him!
Apr 03, 2024Prianka Mandal selected as the 2024 Commonwealth of Virginia Engineering and Science (COVES) Policy Fellow!
Dec 18, 2023Our paper, Practical Integrity Validation in the Smart Home with HomeEndorser has been accepted at the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)! [WiSec'24]
Oct 27, 2023Our paper, Understanding the Privacy Practices of Political Campaigns: A Perspective from the 2020 US Election Websites has been accepted at the 45th IEEE Symposium on Security and Privacy! [IEEE S&P'24]
Aug 15, 2023Our paper, 'Belt and suspenders' or 'just red tape'?: Investigating Early Outcomes and Perceptions of IoT Security Compliance Enforcement has been accepted at the 33rd USENIX Security Symposium! [USENIX'24]
July 10, 2023Our paper, "False negative - that one is going to kill you": Understanding Industry Perspectives of Static Analysis based Security Testing, has been accepted for publication at the IEEE Symposium on Security and Privacy 2024! [Oakland'24]
July 20, 2023Our paper, MASC: A Tool for Mutation-based Evaluation of Static Crypto-API Misuse Detectors has been accepted to the Tool Demo Track at ESEC/FSE'23! [ESEC/FSE'23 Demonstrations]
July 20, 2023Our paper, Helion: Enabling Natural Testing of Smart Homes, has been accepted to the Tool Demo Track at ESEC/FSE'23! [ESEC/FSE'23 Demonstrations]