Drew Davidson

Associate Professor, University of Kansas EECS

Contact About News Publications CV



  • Email: drewdavidson@ku
  • Twitter: @drewdavidsonku


I am a computer scientist broadly focused on security and privacy. I'm currently working on software supply chain security, blockchain technology and security for autonomous systems.


February 2021
An Analysis of First-Party Cookie Exfiltration due to CNAME Redirections, a collaboration between Tongwei Ren & Lorenzo De Carli (WPI) and Alex Wittman & and me (KU) got a runner-up best paper award at MADWeb 2021! Honored by the program committee's decision and grateful for the award (MADWeb 2021 Program).
January 2021
Pleased to announce that our team has advanced to the USDOT Inclusive Design Challenge semifinals. I'm working on the mobile interface and security architecture to help passengers with mild cognitive impairments use cutting-edge autonomous vehicles (DOT Bio).
January 2021
My lab is assisting the KU team on the NSF CIVIC Award, which was recently funded for a Phase I award to help Kansas City leaders figure out how to connect underserved teens to out-of-school activities and opportunities (KU Press).


  • Drew Davidson, Vaibhav Rastogi, and Somesh Jha. Enhancing Android Security through App Splitting. In EAI International Conference on Security and Privacy in Communication Networks (SecureComm), 2017.
  • Vaibhav Rastogi and Drew Davidson and Lorenzo De Carli and Somesh Jha and Patrick McDaniel. Cimplifier: Automatically Debloating Containers. In Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE), 2017.
  • Drew Davidson, Yaohui Chen, Franklin George, Long Lu, and Somesh Jha. Secure Integration of Web Content and Applications on Commodity Operating Systems. In ACM Asia Conference on Computer and Communications Security (ASIACCS), 2017.
  • Drew Davidson, Hao Wu, Robert Jellinek, Thomas Ristenpart, and Vikas Singh. Controlling UAVs with Sensor Input Spoofing Attacks. In USENIX Workshop on Offensive Technologies (WOOT), 2016.
  • Drew Davidson, Matt Fredrikson, and Ben Livshits. MoRePriv: Mobile OS Support for Application Personalization and Privacy. In Annual Computer Security Applications Conference (ACSAC), 2014.
  • Drew Davidson, Benjamin Moench, Thomas Ristenpart, and Somesh Jha. FiE on Firmware. In USENIX Security Symposium, 2013.
  • Matt Fredrikson, Drew Davidson, Ben Livshits, and Somesh Jha. Towards Enforceable Data-Driven Privacy Policies. In Workshop on Web 2.0 Security and Privacy (W2SP), 2011.
  • Roberto Paleari, Lorenzo Martignoni, Emanuele Passerini, Drew Davidson, Matt Fredrikson, Jon Giffin, and Somesh Jha. Automatic Generation of Remediation Procedures for Malware Infections. In USENIX Security Symposium, 2010.
  • Drew Davidson, Randy Smith, Nic Doyle, and Somesh Jha. Protocol Normalization Using Attribute Grammars. In European Symposium on Research in Computer Security (ESORICS), 2009.