Qi Alfred Chen

Assistant Professor of Computer Science at UCI Donald Bren School of Information and Computer Sciences

Researcher Spotlight: Qi Alfred Chen

What brought you to UCI?
I joined UCI right after my Ph.D. at University of Michigan, Ann Arbor. UCI students are the biggest reason for me to choose UCI over my other offers: during my job interview at UCI,  I found that UCI students are the most energetic among all my interviews, including the ones in top 10 CS universities. In my talk, almost all students in the room were proactively participating and asking good questions, which is exactly the atmosphere I am looking for as a faculty.

Besides good students, UCI also has an impressive number of excellent faculties in research areas related to mine, for example security, software engineering, and embedded systems, which creates enormous collaboration opportunities. In addition, Irvine is a wonderful place to live with good weather and location. I am extremely fortunate to have the opportunity to work in a school with both strong academics and a wonderful life.

What is your major focus area as a researcher, and why?
My research area is computer and network security. Most recently, as computer technology is increasingly adopted in our physical living environments such as homes and cars, my research starts to focus more on security problems in emerging IoT/CPS systems such as smart home systems, smart transportation systems, and autonomous vehicle systems.

I enjoy security research since it is like playing games and one can play both attacker and defender roles. At the same time, security is also extremely important since security problems in today’s computer systems can lead to severe economical, societal, and even safety damages — imagining that in the near future you are a passenger riding a self-driving taxi on the highway and a remote attacker suddenly manages to take full control of it.

In one sentence, what is the most important question you want to address?
While today’s defense mechanisms are mostly ad hoc and reactive, how to develop more systematic and more principled defense approaches that can proactively discover and address security challenges in existing and future computer technology?

What has been (or will be) the impact of your research?
My research has high impact in both academic and industry with over 10 top-tier conference papers (covering all top-tier security conferences), a US DHS (Department of Homeland Security) US-CERT alert, 2 CVEs (Common Vulnerabilities and Exposures), 7 Android bug tracking records, email acknowledgements from security teams in Apply, Microsoft, and Comcast, and over 50 news articles by major news media such as Fortune, BBC News, Ars Technica, CNET News, and Wired.

What is innovative about your research?
From the research topic perspective, I am the first to study security problem in many emerging computer technologies such as smart traffic light control, autonomous driving, and new gTLDs. From the research style perspective, my research aims at proactively addressing security challenges through systematic problem analysis and design, leveraging techniques such as static/dynamic program analysis, software testing, and data-driven approaches. My research has developed such approaches to systematically discover, analyze, detect, and fix vulnerabilities in a wide range of important computer systems and components such as smartphone OSes, network protocols, DNS, GUI systems, access control systems, and very recently smart traffic signal control systems.

What papers do you have coming through in the next year?
Two of my papers will appear in Mobisys’19 on IoT malware and smartphone malware. At the same time, I expect to submit papers on in-vehicle software security, autonomous vehicle perception security, and autonomous vehicle localization security to Usenix Security’19 and CCS’19.