Originally, the Internet was a collaborative effort among researchers, but has since evolved into a marketplace comprising millions of commercial entities and billions of users who often have conflicting goals. My work builds off of the belief that we can secure the Internet by understanding and accounting for these competing interests.
I empirically measure security on the Internet to understand how security breaks down, and I apply economics and cryptography to design and build new systems with provable and usable security. I study the web's PKI, censorship avoidance, DNS root servers, and more. I have been fortunate to work with many wonderful collaborators. See my CV for more information.
I am an Assistant Professor at the University of Maryland. I am looking for ambitious, motivated PhD and undergraduate students to work with. If you're interested in systems and network security, then:
I am the founder of Breakerspace, a lab for group undergraduate research in computer and network security. CS enrollment is skyrocketing: Breakerspace's goal is to scale research so more students can try it. We are actively looking for participants.
Our paper on "Weaponizing Middleboxes for Reflected TCP Amplification" received an Internet Defense Prize! Thank you to USENIX and Facebook for this award.
Our paper on a new form of reflected amplification attack—the first of its kind to trigger amplification with HTTP traffic over TCP—was recognized with a Distinguished Paper Award at USENIX Security 2021! You can read more about this work.
Very excited to become a member of the National Academies Forum on Cyber Resilience. This group explores and advises on present and future threats to the resilience of various aspects of technology that pervades our lives.
Congrats to Kevin Bock on a great (live!) presentation of his and other Breakerspace students' work at WOOT 2021 demonstrating that censorship infrastructure can be weaponized to launch availability attacks. Congrats Kevin, Pranav Bharadwaj, and Jasraj Singh.
This Fall, I'm teaching:
I also helped design and run the Build it, break it, fix it secure programming competition that gives students firsthand experience with building secure code.All My Classes
I was the General Chair for the ACM Symposium on SDN Research (SOSR) 2017 and for HotNets 2013. I regularly serve on program committees and NSF panels, and have also visited Congress to discuss increasing nationwide funding for scientific research.All Service