Thinking of getting a PhD with me?

You're applying for PhD programs: what an exciting time! (And maybe somewhat overwhelming.) This page is to help you understand what you might get out of working with me.

But before getting into all of that, let's make one thing very clear:

Your goal should be to find the place and advisor that will make you the strongest, most independent researcher you can be. Rank, prestige, or status should have little to no bearing on your decision: you should go to the place that will empower you to do your best work, wherever that might be.

That may very well mean working with me at the University of Maryland, just a stone's throw from Washington, DC. Read on to find out what that might mean for you!

To learn and hear more of me, you might also consider checking out this Packet Pushers podcast in which they interviewed me about how I got into academia and not my original love: Tuba!

My research area & Tools of the trade

I am passionate about problems that affect and involve real people's security, privacy, and ability to communicate freely and openly. This spans many different areas (see some of my research highlights below).

To get a sense of the kind of work I do, it's useful to consider some of the tools of the trade my students and I use—and that you would gain experience applying (to the extent that they serve your research goals):

  • AI-based network fuzzers: We developed what I consider to be the best network fuzzer to date: Geneva. We have used Geneva to automatically discover how to evade network censorship, create new amplification attacks, find bugs in popular tools like Docker, and more. I believe AI-guided measurement is going to be a critical tool in an increasingly complex Internet, and my group is at the forefront of creating it.
  • Internet-wide measurement: Often, we ask questions that span the entire Internet, and the only way to truly answer them is to, well, ask then entire Internet! We use tools like Zmap, Yarrp, and some custom crawlers to measure and understand the entire Internet.
  • User studies: Whereas network measurement tells us the "what," we often need user studies to get at the "why." To truly understand the Internet, we have to realize that protocols do not begin and end with the spec; ultimately they are designed, implemented, administered, and (mis)understood by users of all stripes. User studies are critical for truly understanding and improving the Internet.

What's my research agenda?

I'm going to let you in on a little secret...

I do not have a research agenda. My students are my agenda.

My students are not my employees; you do not work for me to further my brand or add another line to my CV, or push forward some vision I have. On the contrary: if you are my student, I work to develop you: to shape you as a researcher, to establish and further your brand, and to help you develop and realize your vision.

As a result, "my" work goes in the direction of my students' passions, not the other way around. That's why you might see me simultaneously work in network security, Internet measurement, usable security, systems security, and gamification and game theory all at the same time. They're all fascinating to me, but more importantly they're passion areas of my students.

What you get from working with me

  • Seed projects to get you started, if you do not already have research problems in mind.
  • Practice and feedback in asking good research questions.
  • The tools, connections, and freedom to identify and pursue your dream research agenda.
  • A unique research identity by the time you graduate.

Research Highlights


We have developed Geneva, which stands for "Gen"etic "Eva"sion: a genetic algorithm that trains directly against nation-state censors to automatically learn how to evade censorship. Geneva has discovered hundreds of novel evasion strategies, including the first that run strictly "server-side," without requiring clients to install any extra software whatsoever.

Geneva project page

The Web's PKI

The public key infrastructure (PKI) is what allows us to know with whom we are communicating online. As with many of my group's research efforts, we approach the PKI with two goals in mind: Measuring it and Improving it by applying our measurement findings to develop new, better systems. Our CRLite certificate revocation system has been integrated into Firefox!

PKI project page

A more programmable Tor

Tor is a powerful anonymity network, but notoriously difficult to extend. We developed Bento, an architecture that lets users safely and anonymously deploy small programs to willing Tor relays: much like SDN and NFV in the "non-anonymous" Internet. This work involved developing new systems primitives that use trusted hardware so that the Bento programs can safely run even on untrusted relays.

Bento project page

What is Breakerspace?

Breakerspace is a lab I started that is designed around having groups of undergraduate researchers work on real, challenging, publishable problems.

Not enough undergraduates try research! The fact that you are considering pursuing a PhD means you were likely the exception; you probably got to do research with one of your professors. Think about how much of an impact that experience had on you and your decisions for your next career step. Sadly, there are many students who want such an experience but when faculty only advise zero, one, or two undergrads, that leaves few opportunities available.

By having students work in groups, not only can more of them try research, but they can also work on much more challenging problems than they could alone. In fact, my Breakerspace undergrads often tackle problems that my PhD students alone cannot!

With Breakerspace, advising undergrads isn't some laborious service: it is the foundation of our group's productivity! This is because UMD undergraduates have an incredible amount of cybersecurity experience. Breakerspace students run the UMD Cybersecurity Club, they created and teach an undergraduate course on ethical hacking, and they've included some of the best reverse engineers and hardware hackers I've ever met. In Breakerspace, they channel those skills towards doing research, and it has resulted in many publications.

What does Breakerspace mean for you?

Breakerspace is not just an opportunity for the undergraduate researchers; it is also an incredible opportunity for my PhD students to gain experience mentoring others in research. Many of the projects in the Breakerspace lab are led by my PhD students. I am there for every step of the way, but I largely let my PhD students lead, advising them on how to effectively mentor, manage projects, encourage collaboration, and so on.

Wherever you end up going to get your PhD, you owe it to yourself to try mentoring others' research! You may find that you love it, in which case you should absolutely consider pursuing an academic job after you get your PhD. On the other hand, you may find that you are not too keen on it; that's OK too! It is important to learn what you like and dislike, and to allow that to inform your future job decisions.

What you get from working with Breakerspace

  • First-hand experience mentoring undergraduate researchers in group settings (there is strength in numbers!).
  • Advising of how to effectively mentor, advise, and lead groups of students.
  • If you so choose, an academic job application that is much stronger because you will have real mentoring experience (and the publications to prove it!).

What are the goals of a PhD?

Vern Paxson says that there are three things that separate great research groups from mediocre ones:

  • Problem selection: If you aren't choosing good problems, what does it matter if you solve them at all?
  • Execution: If you can't come up with good solutions, what does it matter if you have a good problem to work on?
  • Communication: If you can't inform the broad public of your findings, then what impact can they have?

It is my opinion that (part of) the goal of a PhD is to become excellent at these three skills. Critical to doing so is practice (at asking research questions, running experiments, writing, etc.) and developing connections with the broader community. All of the three are improved by engaging with and getting feedback from colleagues. I work with my students to give feedback and help connect them with a broader network of collaborators.

Work/Life balance?

I am a strong advocate of maintaining a healthy work/life balance. Health and safety are always the topmost priorities. And besides, a balanced life outside the lab leads to greater productivity inside the lab!

UMD is wonderfully situated for a fulfilling time during your PhD. It is just a few miles outside of Washington, DC (where I live), and close to three airports which makes travel easy.

Many of my students and I are into running; let's set up a running meeting!

What am I looking for?

So what am I looking for in a PhD student? As a necessity, I am looking for people who are motivated to solve big, challenging problems—and willing to pick up whatever skills are needed to solve the problems at hand. If you want your research to have impact on real people and if you are willing to learn what it takes to make that happen, then I want to hear from you.

I do not have some requisite set of skills or background knowledge; I can train you in just about anything. But you might be starting with a bit of an advantage if you know things like software development, network protocols/programming, reverse engineering, fuzzing, pen testing, user-centric security, hardware hacking, OS development, cryptography, or the law. (As you can tell, my group's interests cover a lot of ground.)

Still interested? Apply to UMD!

If after all of this you are still interested in working with me, then please apply to UMD and get in touch with me! This is not a decision you should enter into lightly, so let's talk, get to know one another, and see if I might be a good fit for you.

Apply to UMD CS PhD

If you do apply, please drop me a line to let me know that you did, and mention this webpage:


Apply to MMP, too!

As if coming to UMD weren't amazing enough as it is, there is an even better opportunity for those interested in spending time in Europe, as well. MMP (Maryland/Max Planck) is a joint PhD program with Germany's Max Planck Institute. Students admitted to this program get advisors both at UMD and MPI, and spend their time in both countries. I cannot imagine a better opportunity to expand your network, see the world, and have a blast during what should be every right be some of the best years of your life. Please consider it!

Apply to MMP