Paul Chung

Ph.D. Student
University of California, San Diego

I am a strong enthusiast for security and privacy, working with Professors Stefan Savage and Geoffrey Voelker in the Sysnet and CryptoSec research groups. As an empiricist, my work primarily focuses on solving real-world problems that users face. Specifically, I am interested in measuring security and privacy issues and building systematic solutions. More recently, I've been into the intricacies of Security Operations, Enterprise Security, Cybercrime, Technology Abuse, and Emerging Technologies.

Before joining UC San Diego, I was a Goldwater, Mark Mensink, and a Hilldale Scholar at the University of Wisconsin-Madison under Professors Rahul Chatterjee and Kassem Fawaz in the MadS&P research group. There, I worked on developing systematic solutions for Password Guessing Attacks, Privacy Label Inconsistencies, Network Censorship, and Technology Abuse.

If you would like to know more about me or my work, feel free to contact me via paulc [at]


  1. Automation Tools on Intimate Partner Violence
    Shirley Zhang, Jacob VerVelde, Paul Chung, Rahul Chatterjee, and Kassem Fawaz
    Under Submission, 2025

  2. 2024
  3. State-of-the-Art Tactics Used by Network Censorship Systems
    Paul Chung and Rahul Chatterjee
    Under Submission, 2024
  4. Academia and Industry Insights on Adversarial Machine Learning
    Vishruti Kakkad, Paul Chung, Hanan Hibshi, and Maverick Woo
    Under Submission, 2024
  5. Unpacking Privacy Labels: A Measurement and Developer Perspective on Google's Data Safety Section
    Rishabh Khandelwal, Asmit Nayak, Paul Chung, and Kassem Fawaz
    USENIX Security Symposium, 2024 [pdf]

  6. 2023
  7. Araña: Discovering and Characterizing Password Guessing Attacks in Practice
    Marina Sanusi Bohuk, Mazharul Islam, Paul Chung, Thomas Ristenpart, and Rahul Chatterjee
    USENIX Security Symposium, 2023 [pdf]
  8. Comparing Privacy Labels of Applications in Android and iOS
    Rishabh Khandelwal, Asmit Nayak, Paul Chung, and Kassem Fawaz
    Workshop on Privacy in the Electronic Society (WPES), 2023 [pdf]
  9. Consistency of Self-reported Practices in Privacy Labels and Privacy Policies
    Rishabh Khandelwal, Paul Chung, Asmit Nayak, and Kassem Fawaz
    arXiv Preprint, 2023 [pdf]

  10. 2019
  11. Exploitation of Bluekeep RDP Vulnerability on Embedded Systems and Possible Mitigations
    Yi Won Chung and Tae Gyeom Heo
    Conference on Information Security and Cryptography-Winter (CISC-W'), 2019 [pdf]