I study the security of computer systems. I try to understand why it seems difficult to build secure systems and how we can get better at it. I also have an interest in innovative approaches to information security education. I like taking systems apart and understanding how they really work to discover and fix vulnerabilities in software. I work on (1) cooperative security - the challenge of getting security systems to work together; (2) efficient security - the craft of making security less of a tax or performance burden; and (3) beautiful security - the emerging art of meaningfully visualizing security events, relationships, and data.
I am actively recruiting top-quality students for positions in my lab. I am particularly interested in mentoring people who have an interest in or experience doing applied and systems security. Translation: if you are a hacker who, for some crazy reason, has an interest in a graduate degree, I am very interested in talking to you. If you've never written a C program larger than 5K lines or compiled an OS kernel, we probably should not talk. Prospective students should read this page (read also: the grad admissions FAQ and the minimum admission requirements). I do not read or reply to emails containing long descriptions, introductions, resumes, CVs, and other attachements.
My current CV (html). Also, a Wordle of my paper titles.
My research group: Trustworthy Systems Group
A Wordle of Academic Systems Security topics in Call-for-Papers topic lists
Vice Chair (Registration), IEEE Security & Privacy 2015
Program Committee, PSP 2014
Program Committee, TRUST 2014
co-Organizer, IEEE SPW LangSec Workshop 2014
Finance Chair, IEEE Security & Privacy 2014
Local Chair, NSPW 2013
Program co-Chair, ACNS 2013
Program Chair, ACSAC 2012
Program Committee, NSPW 2012
Program Committee, PST 2012
Program Committee, USENIX HotCloud 2012
Program Committee, ACNS 2012
Faculty of Science revenue generation subcommittee
Grad. Award subcommittee / Graduate Affairs Committee
CPSC operations committee
ISPIA Exec and Steering committee