Measuring and Improving Internet Security

Assistant Professor Computer Science
Co-Chair, CS Undergraduate Honors Program

Originally, the Internet was a collaborative effort among researchers, but has since evolved into a marketplace comprising millions of commercial entities and billions of users who often have conflicting goals. My work builds off of the belief that we can secure the Internet by understanding and accounting for these competing interests.

I empirically measure security on the Internet to understand how security breaks down, and I apply economics and cryptography to design and build new systems with provable and usable security. I study the web's PKI, censorship avoidance, DNS root servers, and more. I have been fortunate to work with many wonderful collaborators. See my CV for more information.

I'm looking for students

I am an Assistant Professor at the University of Maryland. I am looking for ambitious, motivated PhD and undergraduate students to work with. If you're interested in systems and network security, then:

Drop me a line

Announcing Breakerspace

I am the founder of Breakerspace, a lab for group undergraduate research in computer and network security. CS enrollment is skyrocketing: Breakerspace's goal is to scale research so more students can try it. We are actively looking for participants.

Learn More

Join CS Honors

I am the Chair of the UMD CS Departmental Honors. This program helps students get involved in research, get more engaged with the department, and overall Do Good. If you are a UMD CS student with a good GPA and are looking for a challenge, apply!

Learn More



Our paper on "Weaponizing Middleboxes for Reflected TCP Amplification" received an Internet Defense Prize! Thank you to USENIX and Facebook for this award.


Our paper on a new form of reflected amplification attack—the first of its kind to trigger amplification with HTTP traffic over TCP—was recognized with a Distinguished Paper Award at USENIX Security 2021! You can read more about this work.


Very excited to become a member of the National Academies Forum on Cyber Resilience. This group explores and advises on present and future threats to the resilience of various aspects of technology that pervades our lives.


Come check out Kevin's and my talk on "Weaponizing Censorship Infrastructure" at RightsCon 2021 this week. We'll be hosting an AMA on Tuesday.


Congrats to Kevin Bock on a great (live!) presentation of his and other Breakerspace students' work at WOOT 2021 demonstrating that censorship infrastructure can be weaponized to launch availability attacks. Congrats Kevin, Pranav Bharadwaj, and Jasraj Singh.


Two papers accepted to ACM SIGCOMM 2021! The first is on Bento, a Breakerspace paper led by undergraduate students and in collaboration with Purdue. The other is a collaboration with Cloudflare.


My research measures and improves real-world security. I envision an Internet where users have greater control and understanding of what happens to their data. Recently, I've been studying the web's certificate ecosystem, cloud computing, and censorship-avoidance.

Projects Papers


Fall 2022, I'm teaching:

I also helped design and run the Build it, break it, fix it secure programming competition that gives students firsthand experience with building secure code.

All My Classes


I'm on the committees for IEEE S&P 2023 (Oakland) and PAM 2020. Submit your work!

I was the General Chair for ACM Internet Measurement Conference (IMC) 2021", the ACM Symposium on SDN Research (SOSR) 2017, and HotNets 2013. I regularly serve on program committees and NSF panels, and have also visited Congress to discuss increasing nationwide funding for scientific research.

All Service


    5222 Iribe Center
    301-405-8515 (I rarely check vmail)