Originally, the Internet was a collaborative effort among researchers, but has since evolved into a marketplace comprising millions of commercial entities and billions of users who often have conflicting goals. My work builds off of the belief that we can secure the Internet by understanding and accounting for these competing interests.
I empirically measure security on the Internet to understand how security breaks down, and I apply economics and cryptography to design and build new systems with provable and usable security. I study the web's PKI, censorship avoidance, DNS root servers, and more. I have been fortunate to work with many wonderful collaborators. See my CV for more information.
I am a new Assistant Professor at the University of Maryland. I am looking for ambitious, motivated PhD and undergraduate students to work with. If you're interested in systems and network security, then:
Our paper on an intensely compact representation of certificate revocations was accepted to IEEE Security & Privacy (Oakland) 2017.
The winners of our Build-it, Break-it, Fix-it secure programming competition have been announced. Congrats BreakAndBuild and CyberGo, the 1st place build-it and break-it teams.
I have taught a range of undergraduate and graduate courses on cybersecurity, as well as an honors course that introduces undergraduate CS majors to research. I also helped design and run the Build it, break it, fix it secure programming competition that gives students firsthand experience with writing code that will be attacked. This Spring, I'm teaching:All My Classes
I am the General Chair for the ACM Symposium on SDN Research (SOSR) 2017, taking place April 3-4 in Santa Clara, CA. I encourage you to attend and participate!
In addition to this, I was General Chair for HotNets 2013, and have served on many program committees and NSF panels. I have also visited Congress to discuss increasing nationwide funding for scientific research.All Service