Eric Zeng

About Me

I am a PhD candidate in the Paul G. Allen School of Computer Science & Engineering at the University of Washington, where I am fortunate to be advised by Professor Franzi Roesner. My research interests are broadly in computer security and privacy, with a focus on usable security and privacy and web measurement.

My current research addresses security, privacy, and UX issues in online advertising, such as deceptive and misleading ads for online scams, content farms, and affiliate marketing. My recent work in this space investigated misleading political ads during the 2020 elections, such as ads disguised as polls and sensationalist political clickbait articles.

My previous work in usable security and privacy focuses on identifying users' security and privacy needs and concerns in emerging technologies, such as smart homes and encrypted email.

I have also collaborated various projects with researchers in industry. I recently interned with the Cryptography and Privacy Research Group at Microsoft Research, where I am worked with Kim Laine and Esha Ghosh on authentication and recovery for decentralized services. In the past, I interned on the Google Chrome Security team, where I worked with Emily Stark on improving HTTPS adoption.

When I'm not working, I love spending my time outside, running, hiking, cycling, and skiing! I also play keyboard in a band.


  • 2021-11-02 - Our political ads paper was a runner up for Best Paper at IMC 2021!
  • 2021-09-30 - We published a new paper measuring political ads during the 2020 U.S. elections at IMC 2021
  • 2021-01-20 - Our paper on user perceptions of "bad" ads was accepted to CHI 2021, read the preprint here
  • 2020-08-10 - Attending/volunteering at USENIX and SOUPS - let's chat!
  • 2020-05-11 - I submitted my thesis proposal and passed my generals exam!
  • 2020-02-20 - Our paper on clickbait ads was accepted at ConPro 2020


Polls, Clickbait, and Commemorative $2 Bills: Problematic Political Advertising on News and Media Websites Around the 2020 U.S. Elections

Eric Zeng, Miranda Wei, Theo Gregersen, Tadayoshi Kohno, Franziska Roesner
ACM Internet Measurement Conference 2021
Runner-Up for Best Paper Award
[ Project Page ]
[ UW News ]

What Makes a "Bad" Ad? User Perceptions of Problematic Online Advertising

Eric Zeng, Tadayoshi Kohno, Franziska Roesner
ACM CHI Conference on Human Factors in Computing Systems (2021)
[ CHI Talk ] [ Dataset ] [ Data Explorer ]

Bad News: Clickbait and Deceptive Ads on News and Misinformation Websites

Eric Zeng, Tadayoshi Kohno, Franziska Roesner
Workshop on Technology and Consumer Protection (2020)
[ Slides ] [ Dataset ]
[ Big Picture Science ] [ The Record ] [ UW News ]

Fixing HTTPS Misconfigurations: An Experiment with Security Notifications

Eric Zeng, Frank Li, Emily Stark, Adrienne Porter Felt, Parisa Tabriz
Workshop on the Economics of Information Security (2019)
[ Slides ]

Technology-Enabled Disinformation: Summary, Lessons, and Recommendations

John Akers, Gagan Bansal, Gabriel Cadamuro, Christine Chen, Quanze Chen, Lucy Lin, Phoebe Mulcaire, Rajalakshmi Nandakumar, Matthew Rockett, Lucy Simko, John Toman, Tongshuang Wu, Eric Zeng, Bill Zorn, Franziska Roesner
University of Washington Technical Report UW-CSE-18-12-02 and arXiv:1812.09383 (2018).

End User Security and Privacy Concerns with Smart Homes

Eric Zeng, Shrirang Mare, Franziska Roesner
13th Symposium on Usable Privacy and Security (2017)
[ Slides ]

Confidante: Usable Encrypted Email - A Case Study with Lawyers and Journalists

Ada Lerner*, Eric Zeng*, Franziska Roesner
2nd IEEE European Symposium on Security & Privacy (2017)
[ Website ] [ Slides ]

*Co-first authors listed in alphabetical order

Industry Experience

Microsoft Research - Privacy and Cryptography Group

Research Intern
Jun 2021 - Sep 2021

I worked with Kim Laine and Esha Ghosh on a usability evaluation of a "fuzzy" authentication and recovery system for the Decentralized Identity project.

Google - Chrome Usable Security

Software Engineering Intern
Jun 2017 - Sep 2017

During my internship on the Chrome Usable Security team, I conducted research with Emily Stark on reducing internet-wide HTTPS misconfiguration rates, using Google infrastructure to scan for misconfigurations and send email notifications to website owners.

Twitter - Ads Billing

Software Engineering Intern
Jun 2015 - Sep 2015

I helped our team migrate features from a Ruby monolith to a Scala-based microservice.

Google - Chrome Extensions

Software Engineering Intern
Jun 2014 - Sep 2014

I implemented an API that allows Chrome extensions to embed their options pages inside of Chrome's settings page using an iframe-like system for process isolation.

Google - YouTube Content Protection

Engineering Practicum Intern
Jun 2013 - Sep 2013

I conducted penetration testing on Chrome’s DRM module for video decryption.