Hi there.

I'm Wilson Lian.

I'm a security researcher, climber, tinkerer, and recent PhD graduate from UC San Diego in the Security & Crypto and Systems & Networking groups.

I'm advised by Hovav Shacham and Stefan Savage.

My research interests lie broadly in security and privacy, but lately I've been into JIT spraying attacks and hardening Just-In-Time compilers.

Prior to coming to UCSD, I earned my B.S. in Computer Science at the University of North Carolina at Chapel Hill in 2009. In 2013 and 2014, I earned my M.S. and C.Phil. at UCSD.


Too LeJIT to Quit:
Extending JIT Spraying to ARM

We show for the first time that the JIT spraying attack is feasible against the ARM architecture found in most handheld devices, describe our proof-of-concept attack, and offer tips for hardening.

Measuring the Practical Impact of DNSSEC Deployment

In a large-scale ad-based study, we show that enabling DNSSEC for a domain will prevent one client (typically in Asia) from accessing the domain for every ten clients protected from tampering.

Traffic Classification Using Visual Motifs: An Empirical Evaluation

We measure how well pretty pictures can be used to visually distinguish the traffic patterns of various application protocols on the wire.
It's super effective!

More on JIT Spraying...

Wilson Lian, Hovav Shacham, Stefan Savage. Too LeJIT to Quit:Extending JIT Spraying to ARM. In Proceedings of the Network and Distributed System Security (NDSS) Symposium, 2015. (16% acceptance) PDF BibTeX

More on DNSSEC Deploment...

Wilson Lian, Eric Rescorla, Hovav Shacham, Stefan Savage. Measuring the Practical Impact of DNSSEC Deployment. In Proceedings of the USENIX Security Symposium, Washington D.C., August 2013. (16% acceptance) PDF BibTeX

More on Traffic Classification...

Wilson Lian, Fabian Monrose, John McHugh. Traffic Classification Using Visual Motifs: An Empirical Evaluation In Proceedings of the Seventh International Symposium on Visualization for Cyber Security (VizSec). p. 70-78. September 2010. DOI BibTeX

I'm based out of San Diego, CA.

Shoot me an email at wlian [clutch] cs [stick] ucsd [pedal] edu