
Eric Zeng
Postdoctoral Researcher
CyLab Security & Privacy Institute
Carnegie Mellon University
Contact
About Me
I am a Postdoctoral Researcher in CyLab Institute at Carnegie Mellon University, where I am currently advised by Professor Lujo Bauer. My research interests are broadly in computer security and privacy, with a focus on usable security and privacy and web measurement.
I recently graduated with a PhD in Computer Science & Engineering from the University of Washington, where I was fortunate to be advised by Professor Franzi Roesner, and worked in the Security and Privacy Lab.
My research addresses security, privacy, and UX issues in online advertising, such as deceptive and misleading ads for online scams, content farms, and affiliate marketing. My recent work in this space investigated misleading political ads during the 2020 elections, such as ads disguised as polls and sensationalist political clickbait articles. My other work in usable security and privacy is broadly about identifying users' security and privacy needs and concerns in emerging technologies, such as smart homes and encrypted email.
I have also collaborated various projects with researchers in industry. I recently interned with the Cryptography and Privacy Research Group at Microsoft Research, where I am worked with Kim Laine and Esha Ghosh on authentication and recovery for decentralized services. In the past, I interned on the Google Chrome Security team, where I worked with Emily Stark on improving HTTPS adoption.
When I'm not working, I love spending my time outside, running, hiking, cycling, and skiing! I also play keyboard in a band.
News
2022-09-27 | Our newest paper, a field study of the factors that affect ad targeting and bid values, was accepted to IMC 2022! I will be presenting our paper at IMC in Nice, and later at FTC PrivacyCon. | 2022-06-13 | I have finally graduated with my PhD! I have already started my new position as a postdoc at CMU's CyLab, where I'll be working with Prof. Lujo Bauer. |
2022-05-16 | Our new paper on Anti-Privacy and Anti-Security Advice on TikTok was just accepted to SOUPS! I will be at both SOUPS and USENIX this year. |
2022-05-12 | I successfully defended my dissertation! I will be graduating mid-June 2022. |
2021-11-02 | Our political ads paper was a runner up for Best Paper at IMC 2021! |
2021-09-30 | We published a new paper measuring political ads during the 2020 U.S. elections at IMC 2021 |
2021-01-20 | Our paper on user perceptions of "bad" ads was accepted to CHI 2021, read the preprint here |
2020-08-10 | Attending/volunteering at USENIX and SOUPS - let's chat! |
2020-05-11 | I submitted my thesis proposal and passed my generals exam! |
2020-02-20 | Our paper on clickbait ads was accepted at ConPro 2020 |
Publications
What Factors Affect Targeting and Bids in Online Advertising? A Field Measurement Study
Eric Zeng, Rachel McAmis, Tadayoshi Kohno, Franziska Roesner
ACM Internet Measurement Conference 2022
https://doi.org/10.1145/3517745.3561460
Anti-Privacy and Anti-Security Advice on TikTok: Case Studies of Technology-Enabled Surveillance and Control in Intimate Partner and Parent-Child Relationships
Miranda Wei, Eric Zeng, Tadayoshi Kohno, Franziska Roesner
Symposium On Usable Privacy and Security (2022)
[ Slides ]
Polls, Clickbait, and Commemorative $2 Bills: Problematic Political Advertising on News and Media Websites Around the 2020 U.S. Elections
Eric Zeng, Miranda Wei, Theo Gregersen, Tadayoshi Kohno, Franziska Roesner
ACM Internet Measurement Conference 2021
https://doi.org/10.1145/3487552.3487850
Runner-Up for Best Paper Award
[ Project Page ] [ IMC Talk ]
[ UW News ]
What Makes a "Bad" Ad? User Perceptions of Problematic Online Advertising
Eric Zeng, Tadayoshi Kohno, Franziska Roesner
ACM CHI Conference on Human Factors in Computing Systems (2021)
https://doi.org/10.1145/3411764.3445459
[ CHI Talk ]
[ Dataset ]
[ Data Explorer ]
[ Interview on Data Skeptic Podcast ]
Bad News: Clickbait and Deceptive Ads on News and Misinformation Websites
Eric Zeng, Tadayoshi Kohno, Franziska Roesner
Workshop on Technology and Consumer Protection (2020)
[ Slides ]
[ Dataset ]
[ Big Picture Science ]
[ The Record ]
[ UW News ]
Understanding and Improving Security and Privacy in Multi-User Smart Homes: A Design Exploration and In-Home User Study
Eric Zeng, Franziska Roesner
USENIX Security Symposium (2019)
[ GitHub ]
[ Slides ]
[ Presentation ]
Fixing HTTPS Misconfigurations: An Experiment with Security Notifications
Eric Zeng, Frank Li, Emily Stark, Adriana Porter Felt, Parisa Tabriz
Workshop on the Economics of Information Security (2019)
[ Slides ]
End User Security and Privacy Concerns with Smart Homes
Eric Zeng, Shrirang Mare, Franziska Roesner
Symposium on Usable Privacy and Security (2017)
[ Slides ]
Confidante: Usable Encrypted Email - A Case Study with Lawyers and Journalists
Ada Lerner*, Eric Zeng*, Franziska Roesner
IEEE European Symposium on Security & Privacy (2017)
[ Website ] [ Slides ]
Theses, Tech Reports, and Other Writing
Characterizing and Measuring "Bad" Ads on the Web
Eric Zeng
Doctoral Dissertation (June 2022)
Why "bad" ads appear on "good" websites – a computer scientist explains
Eric Zeng
The Conversation (April 2022)
Technology-Enabled Disinformation: Summary, Lessons, and Recommendations
John Akers, Gagan Bansal, Gabriel Cadamuro, Christine Chen, Quanze Chen, Lucy Lin, Phoebe Mulcaire, Rajalakshmi Nandakumar, Matthew Rockett, Lucy Simko, John Toman, Tongshuang Wu, Eric Zeng, Bill Zorn, Franziska Roesner
University of Washington Technical Report UW-CSE-18-12-02 and arXiv:1812.09383 (2018).
Press
2022-07-25 |
User Perceptions of Problematic Ads
Data Skeptic |
2021-11-08 |
Political ads during the 2020 presidential election cycle collected personal information and spread misleading information
UW News |
2020-10-26 |
Skeptic Check: Stay Skeptical - Deceptive Ads
SETI - Big Picture Science |
2020-10-26 |
Misleading ads, masquerading as news you can trust
KUOW - The Record with Bill Radke |
2020-09-28 |
Q&A: UW researchers clicked ads on 200 news sites to track misinformation
UW News |
Industry Experience
Microsoft Research - Privacy and Cryptography Group
Research Intern
Jun 2021 - Sep 2021
Google - Chrome Usable Security
Software Engineering Intern
Jun 2017 - Sep 2017
During my internship on the Chrome Usable Security team, I conducted research with Emily Stark on reducing internet-wide HTTPS misconfiguration rates, using Google infrastructure to scan for misconfigurations and send email notifications to website owners.
Twitter - Ads Billing
Software Engineering Intern
Jun 2015 - Sep 2015
I helped our team migrate features from a Ruby monolith to a Scala-based microservice.
Google - Chrome Extensions
Software Engineering Intern
Jun 2014 - Sep 2014
I implemented an API that allows Chrome extensions to embed their options pages inside of Chrome's settings page using an iframe-like system for process isolation.
Google - YouTube Content Protection
Engineering Practicum Intern
Jun 2013 - Sep 2013
I conducted penetration testing on Chrome’s DRM module for video decryption.