Xueqiang (Brandon) Wang is an Assistant Professor of Computer Science at UCF, where he is also a member of the Cyber Security and Privacy Cluster (CyberSP). Dr. Wang obtained his Ph.D. in 2021 from Indiana University Bloomington and worked in security and privacy teams at Symantec Research Labs, NIO USA, and Amazon Lab126. Prior to that, he earned a Master’s degree from IIE CAS receiving a Dean’s Award in 2015 and a Bachelor’s degree from USTC in 2012.

Dr. Wang leads the Security and PRIvacy for smarT systems (SPIRIT) lab at UCF. His recent research focuses on the privacy compliance and security of software systems and devices, ranging from existing mobile and IoT applications to emerging AI-enabled software and devices. His earlier studies concentrated on technically analyzing privacy and security issues, but more recently, driven by the goal of empowering both developers and users, he has focused on developing developer-centered solutions to mitigate these issues, understanding their impact on end users, and educating users to prevent further harm. Besides, he remains interested in understanding various cybercrime activities.

• Privacy Analysis and Mitigations: [USENIX Security'24], [USENIX Security'23-A], [USENIX Security'23-B], [USENIX Security'23-C], [USENIX Security'21]
• User/Developer Aspects of Security and Privacy: [USENIX Security'25], [CHI'25]
• Security Analysis and Mitigations: [USENIX Security'23-B], [DSN'23], [USENIX Security'19], [CCS'20], [SP'19], [SP'16], [NDSS'18], [NDSS'18], [CCS'17], [NDSS'17], [NDSS'15], [ICISC'14]
• Data-Driven Cybercrime Analysis: [EuroS&P'24], [USENIX Security'21], [TDSC'19], [USENIX Security'19]

News

• (08/2025) Jingzhou presented our paper on software privacy compliance at USENIX Security 2025 in Seattle.
• (06/2025) We received an SaTC EDU award from NSF for experiential learning of dark patterns in cybersecurity and privacy.
• (06/2025) I am invited to serve as a PC member of USENIX Security 2026.
• (05/2025) 21 students completed our summer training for secure, resilient cyber-physical energy systems.
• (04/2025) I will serve as a PC member of NDSS 2026.
• (03/2025) Thanks to the LIFE Gerontology Research Grant for supporting our research participants.
• (03/2025) Our paper won the Best Paper Award at CHI 2025. Congrats to Jingzhou and the collaborators!
• (03/2025) Together with Dr. Yao Li, we gave a talk about dark patterns threatening security and privacy to the Learning Institute for Elders (LIFE) at UCF.
• (02/2025) Thanks to UCF Seed Funding for supporting our research on educating older adults about cyber threats!
• (01/2025) One paper is accepted to CHI 2025. Congrats to Jingzhou and collaborators!
• (10/2024) I will serve as a PC member of ACM CCS 2025.
• (09/2024) One paper on software privacy compliance is accepted to USENIX Security 2025.
• (08/2024) I will serve as a PC member of AsiaCCS 2025.
• (08/2024) I will serve as a PC member of USENIX Security 2025.
• (05/2024) Together with colleagues at FAU, USF, and FIU, we provided a 9-day summer training for secure, resilient cyber-physical energy systems.
• (05/2024) One paper on the privacy compliance risks of the software supply chain is accepted to USENIX Security 2024. Congrats to Yifan and Zhaojie.
• (03/2024) One paper on a new authentication method for voice-enabled IoT devices is accepted to IoT-J. Congrats to Sungbin (Bill).
• (02/2024) One paper on the analysis of fake evidence (or misinformation) supply chains is accepted to EuroS&P 2024. Congrats to Zhaojie and Jingzhou.
• (12/2023) I will serve as a PC member of the software security track at ACM CCS 2024.
• (10/2023) I will serve as the co-registration chair for ACM CCS 2024.
• (09/2023) NSF awarded our collaborative grant led by FAU through the CyberTraining program.
• (08/2023) I will serve as a PC member of EuroS&P 2024.
• (08/2023) Welcome Jingzhou and Zhaojie to the team!
• (07/2023) I will introduce cybersecurity and privacy to 8th-11th graders at UCF Camp Connect I.
• (04/2023) Our paper on mobile dark user interface patterns is accepted to DSN 2023.
• (03/2023) Our paper on software supply chain security is accepted to USENIX Security 2023.
• (09/2022) Our paper on a large-scale analysis of IoT data exposure is accepted to USENIX Security 2023.
• (07/2022) Our paper on the security of exposed cloud services is accepted to USENIX Security 2023.
• (07/2022) I will serve as a PC member of ACNS 2023 (Applied Cryptography and Network Security 2023).
• (03/2022) I will join UCF as a tenure-track assistant professor in fall 2022.
• (09/2021) I will serve as a reviewer of IEEE Security & Privacy.
• (01/2021) I will serve as a reviewer of ACM Transactions on Privacy and Security.
• (12/2020) Our paper about malicious cross-library data harvesting (XLDH) attack is accepted by USENIX Security'21.
• (06/2020) Our paper about the app-in-app paradigm was accepted by CCS'20
• (04/2020) I have joined Amazon Lab126.