Eric Zeng

About Me

I am a PhD candidate in the Paul G. Allen School of Computer Science & Engineering at the University of Washington, where I am fortunate to be advised by Professor Franzi Roesner. My research interests are broadly in computer security and privacy, with a focus on usable security and privacy and web measurement.

My current research addresses security, privacy, and UX issues in online advertising, such as deceptive and misleading advertising commonly found on news and media websites. My recent work in this space measures the prevalence of problematic online ads and how users perceive such ads.

My previous work in usable security and privacy focuses on identifying users' security and privacy needs and concerns in emerging technologies, such as smart homes and encrypted email.

I have also collaborated various projects with researchers in industry. I am currently a research intern in the Cryptography and Privacy Research Group at Microsoft Research, where I am working with Kim Laine and Esha Ghosh on new authentication schemes. In the past, I have interned with Google Chrome Security, where I worked with Emily Stark on improving HTTPS adoption on the web.

When I'm not working, I love spending my time outside, running, hiking, cycling, and skiing! I also play keyboard in a band.

News

  • 2021-09-30 - We published a new paper measuring political ads during the 2020 U.S. elections at IMC 2021 - read here!
  • 2021-01-20 - Our paper on user perceptions of "bad" ads was accepted to CHI 2021, read the preprint here
  • 2020-08-10 - Attending/volunteering at USENIX and SOUPS - let's chat!
  • 2020-05-11 - I submitted my thesis proposal and passed my generals exam!
  • 2020-02-20 - Our paper on clickbait ads was accepted at ConPro 2020

Press

Research

Polls, Clickbait, and Commemorative $2 Bills: Problematic Political Advertising on News and Media Websites Around the 2020 U.S. Elections

Eric Zeng, Miranda Wei, Theo Gregersen, Tadayoshi Kohno, Franziska Roesner
ACM Internet Measurement Conference 2021

What Makes a "Bad" Ad? User Perceptions of Problematic Online Advertising

Eric Zeng, Tadayoshi Kohno, Franziska Roesner
ACM CHI Conference on Human Factors in Computing Systems (2021)
[ Dataset ] [ Data Explorer ]

Bad News: Clickbait and Deceptive Ads on News and Misinformation Websites

Eric Zeng, Tadayoshi Kohno, Franziska Roesner
Workshop on Technology and Consumer Protection (2020)
[ Slides ] [ Dataset ]

Fixing HTTPS Misconfigurations: An Experiment with Security Notifications

Eric Zeng, Frank Li, Emily Stark, Adrienne Porter Felt, Parisa Tabriz
Workshop on the Economics of Information Security (2019)
[ Slides ]

Technology-Enabled Disinformation: Summary, Lessons, and Recommendations

John Akers, Gagan Bansal, Gabriel Cadamuro, Christine Chen, Quanze Chen, Lucy Lin, Phoebe Mulcaire, Rajalakshmi Nandakumar, Matthew Rockett, Lucy Simko, John Toman, Tongshuang Wu, Eric Zeng, Bill Zorn, Franziska Roesner
University of Washington Technical Report UW-CSE-18-12-02 and arXiv:1812.09383 (2018).

End User Security and Privacy Concerns with Smart Homes

Eric Zeng, Shrirang Mare, Franziska Roesner
13th Symposium on Usable Privacy and Security (2017)
[ Slides ]

Confidante: Usable Encrypted Email - A Case Study with Lawyers and Journalists

Ada Lerner*, Eric Zeng*, Franziska Roesner
2nd IEEE European Symposium on Security & Privacy (2017)
[ Website ] [ Slides ]

*Co-first authors listed in alphabetical order

Industry Experience

Google - Chrome Usable Security

Software Engineering Intern
Jun 2017 - Sep 2017

During my internship on the Chrome Usable Security team, I conducted research with Emily Stark on reducing internet-wide HTTPS misconfiguration rates, using Google infrastructure to scan for misconfigurations and send email notifications to website owners.

Twitter - Ads Billing

Software Engineering Intern
Jun 2015 - Sep 2015

I helped our team migrate features from a Ruby monolith to a Scala-based microservice.

Google - Chrome Extensions

Software Engineering Intern
Jun 2014 - Sep 2014

I implemented an API that allows Chrome extensions to embed their options pages inside of Chrome's settings page using an iframe-like system for process isolation.

Google - YouTube Content Protection

Engineering Practicum Intern
Jun 2013 - Sep 2013

I conducted penetration testing on Chrome’s DRM module for video decryption.