David Huang (Lin-Shung Huang)

Hello! I work on Product Security at Facebook. I've previously interned at Facebook and Microsoft Research. I TA'd at Carnegie Mellon University for Browser Security (18-636) and Web Application Security and Performance (18-635).

I recieved my PhD from Carnegie Mellon University under the supervision of Collin Jackson. My research interests are in the security of web applications and browsers.

Education

PhD, Electrical and Computer Engineering, Carnegie Mellon University, 2014

MEng, Electrical and Computer Engineering, Cornell University, 2009

BS, MS, Computer Science, National Chiao Tung University, 2007

Publications

Analyzing Forged SSL Certificates in the Wild

Lin-Shung Huang, Alex Rice, Erling Ellingsen and Collin Jackson

IEEE Symposium on Security and Privacy (IEEE S&P) 2014

*Proposed method is deployed at Facebook.

All Your Screens Are Belong to Us: Attacks Exploiting the HTML5 Screen Sharing API

Yuan Tian, Ying-Chuan Liu, Amar Bhosale, Lin-Shung Huang, Patrick Tague and Collin Jackson

IEEE Symposium on Security and Privacy (IEEE S&P) 2014

An Experimental Study of TLS Forward Secrecy Deployments

Lin-Shung Huang, Shrikant Adhikarla, Dan Boneh and Collin Jackson

Web 2.0 Security and Privacy (W2SP) 2014

IEEE Internet Computing (Volume: 18, Issue: 6)

Darwin: A Ground Truth Agnostic CAPTCHA Generator Using Evolutionary Algorithm (Poster)

Eric Y. Chen, Lin-Shung Huang, Ole J. Mengshoel and Jason D. Lohn

Genetic and Evolutionary Computation Conference (GECCO) 2014

Accountable Key Infrastructure (AKI): A Proposal for a Public-Key Validation Infrastructure

Tiffany Hyun-Jin Kim, Lin-Shung Huang, Adrian Perrig, Collin Jackson and Virgil Gligor

International World Wide Web Conference (WWW) 2013

Clickjacking: Attacks and Defenses

Lin-Shung Huang, Alexander Moshchuk, Helen J. Wang, Stuart Schechter and Collin Jackson

USENIX Security Symposium 2012

*Proposed defense is part of the User Interface Security W3C working draft.

Towards Short-Lived Certificates

Emin Topalovic, Brennan Saeta, Lin-Shung Huang, Collin Jackson and Dan Boneh

Web 2.0 Security and Privacy (W2SP) 2012

The Case for Prefetching and Prevalidating TLS Server Certificates

Emily Stark, Lin-Shung Huang, Dinesh Israni, Collin Jackson and Dan Boneh

Network and Distributed System Security Symposium (NDSS) 2012

Clickjacking Attacks Unresolved

Lin-Shung Huang and Collin Jackson

Technical Report 2011

Talking to Yourself for Fun and Profit

Lin-Shung Huang, Eric Y. Chen, Adam Barth, Eric Rescorla and Collin Jackson

Web 2.0 Security and Privacy (W2SP) 2011

*Proposed defense is standardized in RFC 6455 and adopted across major browsers.

Protecting Browsers from Cross-Origin CSS Attacks

Lin-Shung Huang, Zack Weinberg, Chris Evans and Collin Jackson

ACM Conference on Computer and Communications Security (CCS) 2010

*Proposed defense is adopted by IE, Firefox, Chrome, Safari, Opera, and standardized in HTML5.

TouchAble: A Camera-Based Multitouch System (Demo)

Lin-Shung Huang, Feng-Tso Sun and Pei Zhang

ACM Conference on Embedded Networked Sensor Systems (SenSys) 2010

A Rate-Distortion Optimization Model for SVC Inter-Layer Encoding and Bitstream Extraction

Wen-Hsiao Peng, John K. Zao, Hsueh-Ting Huang, Tse-Wei Wang and Lin-Shung Huang

Journal of Visual Communication and Image Representation 2008

Rate-Distortion Optimized SVC Bitstream Extraction for Heterogeneous Devices: A Preliminary Investigation

Wen-Hsiao Peng, Lin-Shung Huang, John K. Zao, Jiun-Shien Lu, Tse-Wei Wang, Hsueh-Ting Huang and Lun-Chia Kuo

IEEE International Symposium on Multimedia Workshops 2007

Trickle: Resilient Real-Time Video Multicasting for Dynamic Peers with Limited or Asymmetric Network Connectivity

Yu-Hsuang Guo, John K. Zao, Wen-Hsiao Peng, Lin-Shung Huang, Fang-Po Kuo and Che-Min Lin

IEEE International Symposium on Multimedia 2006