Home Research Publications Talks Personal FAQ Bio
Research Overview
My research lies at the intersection of human-computer interaction, privacy and security, and systems, focusing primarily on three questions:
  • How can we use rich sensor data to improve our lives?
  • How can we make privacy and security easy for smart environments?
  • How can we use crowdsourcing to improve privacy and security?

My research group is called CHIMPS (Computer Human Interaction: Mobility Privacy Security), and we have been generously funded by the National Science Foundation, DARPA, IBM, the Army Research Office, Microsoft, Nokia Research, Intel, Google, Portugal Telecom, Pitney Bowes, CMU Cylab, NQ Mobile, Samsung, Yahoo!, the Alfred P. Sloan Foundation, and the HCII Foundation. Our work has been featured in the New York Times, CNN, BBC, CBS News, MIT Tech Review, the World Economic Forum, and more.

I help run the Pervasive Computing subreddit. I sometimes write for BLOG@CACM and Wombat Security Technologies' blog. I'm also a co-founder of Wombat Security Technologies.

What's New?
Nov 18, 2015
I wrote up an article entitled Safe passwords shouldn’t require people to have a PhD in computer science in Quartz magazine.

Oct 16, 2015
Our team has been selected to be part of the DARPA Brandeis project to advance the state of the art for privacy.

Oct 15, 2015
Wombat Security has acquired ThreatSim, a provider of simulated phishing attacks. Read more here.

Sep 11, 2015
Our group presented two papers at Ubicomp 2015. The first is Knock x Knock: The Design and Evaluation of a Unified Authentication Management System. The second is Using Text Mining to Infer the Purpose of Permission Use in Mobile App.

Sep 9, 2015
Presented some of our team's work on using smartphones for healthcare at the World Economic Forum at Dalian.

Aug 13, 2015
Our CCS 2014 paper entitled Increasing Security Sensitivity with Social Proof: A Large-Scale Experimental Confirmation won Honorable Mention at NSA's Best Scientific Cybersecurity Paper Competition.

Aug 12, 2015
My article about the human element of cybersecurity was published on Slate.

Jul 09, 2015
Gave a talk at the FTC about PrivacyGrade and Social Cybersecurity. Here are the slides.

Jul 09, 2015
Special thanks to Google for funding several of us at CMU to help build out the Internet of Things. Read a Pittsburgh Post-Gazette article about it.

Jul 02, 2015
I wrote a short essay about my work on the Internet of Things, Privacy, and advice for high school students about their future.

Jun 30, 2015
Gave a talk at HCIC 2015 on Social Cybersecurity, but the talk was really about the relationship of Theory with Technical HCI. Here is the workshop paper and here are the slides.

Jun 17, 2015
I'm honored to now be a New America National Cybersecurity Fellow.

Apr 5, 2015
My whitepaper for the NITRD National Research Strategy on Privacy, entitled Research Issues for Privacy in a Ubiquitously Connected World, is now available.

Feb 17, 2015
I was interviewed by the BBC program The Naked Scientist about smartphones and privacy.

Dec 26, 2014
PrivacyGrade.org, which presents our analysis of the privacy of 1 million Android smartphone apps, has been public for about a month. So far, our work has appeared on CNN, US News and World Report, New York Times, CNBC, IEEE Spectrum, Forbes, and more.

Dec 1, 2014
I'm very fortunate to have received the HCII Career Development fellowship. Special thanks to all of my colleagues and the students at CMU.

Oct 30, 2014
I briefed some Congressional staffers about our work on analyzing the privacy of smartphone apps.

Sep 17, 2014
My brother and I have created the Frances and Chou-Chu Hong graduate fellowship at the Veterinary and Animal Sciences Department at the University of Massachusetts, in honor of our parents.

July 10, 2014
Wombat Security Technologies has closed Series B Funding of $6.7M with Level Equity. Read more here.

Jun 16, 2014
I gave the keynote talk at the Mobile Cloud Computing and Services Workshop, at Mobisys 2014. The talk was entitled Privacy, Ethics, and Big (Smartphone) Data.

Mar 10, 2014
I gave a one hour crash course in UX and UI design. See the slides here.

Feb 26, 2014
Our group's work on predictive analytics was listed by the World Economic Forum as one of the top ten emerging technologies of 2014. See the article here.

Oct 25, 2013
Gave a talk at PopTech 2013 on sensing and privacy. See slides and video here.

Dec 26, 2012
Our work on smartphone app privacy was featured on the CBS Morning Show.

Apr 9, 2012
Livehoods.org is now public. Our vision is to re-imagine how cities work in the age of social media. Specifically, we've analyzed and clustered 18m foursquare checkins to understand how people use a city. We currently have maps for New York City and Pittsburgh. Livehoods has been featured in The Atlantic Cities, Wired Insider, MIT Technology Review, Fast Company Co.Design, New York Post, Wall Street Journal, and Haaretz.

Current Research
Phenom: Enabling an Ecosystem of Personal Behavioral Data
How can we make better use of all of the wealth of personal behavioral data (smartphones, web usage, social networking) to develop a better computational model of people, places, activities, and things?

Giotto: An Open Infrastructure for the Internet of Things
The goal of this project is to build out an open infrastructure for the Internet of Things, in a manner that is adaptive, privacy-sensitive, and easy for developers.

UniAuth: Streamlining Authentication for Ubiquitous Computing
What kinds of protocols, APIs, and user interfaces are needed for our smartphones to manage all of our authentication needs, both for the web and Internet of Things?

PrivacyGrade: Analyzing Smartphone App Privacy
How can we analyze the privacy of millions of smartphone apps in a manner that is scalable and understandable to everyday users?

Social Cybersecurity
How do people talk about cybersecurity? How can we apply techniques from social psychology to improve people's awareness, knowledge, and motivation to be secure?

The CHIMPS Research Team
Our research group is CHIMPS (Computer Human Interaction: Mobility Privacy Security). We have an amazingly talented group of PhD students and post-docs:
  • Eiji Hayashi, working on Internet of Things
  • Sauvik Das, working on social dimensions of cybersecurity
  • Dan Tasse, working on analytics and urban computing
  • Fanglin Chen
  • Alex Sciuto, with Jodi Forlizzi
Some alums of the CHIMPS group:
  • Karen Tang
  • Janne Lindqvist, now an asst prof at Rutgers
  • Polo Chau (with Christos Faloutsos and Niki Kittur), now an asst prof at Georgia Tech
  • Guang Xiang (with Carolyn Rose), now at Twitter
  • Jialiu Lin (with Norman Sadeh), now a privacy engineer at Google
  • Shah Amini, now at Google (previously Appthority)
  • Jun Ki Min, now at Motorola
  • Mike Villena, now at Appthority
  • Afsaneh Doryab, now a System Scientist at CMU
  • Song Luan, now at Uber
  • Jason Wiese (with John Zimmerman), now at FXPAL
Some of My Writings and Other Stuff I Helped Create
Running Program Committees My Cybersecurity Advice (for general audiences) Design Patterns for Ubiquitous Computing Rapid Prototyping and Evaluation Tools Instructor Guides and Overviews Advice for PhD students and Grad School Applicants Odds and Ends The Design of Sites
I co-authored a book on web site design, which uses the notion of web design patterns as a way for facilitating the design of customer-centered web sites. Check out the web site for our book The Design of Sites. Our book has been translated into Polish, Chinese, Korean (and possibly other languages as well).
Current Service Some Past Service