He studies the security of computer systems. He tries to understand why it seems difficult to build secure systems and how we can get better at it. He works on software intrusion defense, debugging & software trustworthiness, and innovative approaches to information security education. [formal bio blurb (plaintext)]
I am actively recruiting top-quality students for positions in my lab, including undergraduate summer research interns, MSc thesis students, and PhD students. Prospective students should read this page (read also: the grad admissions FAQ and the minimum admission requirements). I do not respond to emails containing long descriptions, introductions, resumes, and CVs. Please be aware of deadlines; applications are often due nine months to a year ahead of the time of admission (e.g., December of year Y for September of year Y+1).
I frequently enjoy being unplugged and (mostly) off the grid. This means that I am occasionally unavailable and unresponsive in the cyber world, and I do not use "vacation" messages.
My current CV (html). Also, a Wordle of my paper titles.
My research group: Trustworthy Systems Group
A Wordle of Academic Systems Security topics
in Call-for-Papers topic lists
Program Committee, NSPW 2012
Program Committee, PST 2012
Program Committee, USENIX HotCloud 2012
Program Committee, ACNS 2012
Program Chair, ACSAC 2012
Faculty of Science revenue generation subcommittee
CPSC operations committee
ISPIA exec/steering committee: research portfolio
