I study the security of computer systems. I try to understand why it seems difficult to build secure systems and how we can get better at it. I also have an interest in innovative approaches to information security education. I like taking systems apart and understanding how they really work to discover and fix vulnerabilities in software. I work on (1) cooperative security - the challenge of getting security systems to work together; (2) efficient security - the craft of making security less of a tax or performance burden; and (3) beautiful security - the emerging art of meaningfully visualizing security events, relationships, and data.
I am actively recruiting top-quality students for positions in my lab, including undergraduate summer research interns, MSc thesis students, and PhD students. I am particularly interested in mentoring people who have an interest in or experience doing applied and systems security. Translation: if you are a hacker who, for some crazy reason, has an interest in a graduate degree, I am very interested in talking to you. Prospective students should read this page (read also: the grad admissions FAQ and the minimum admission requirements). I do not read or reply to emails containing long descriptions, introductions, resumes, CVs, and other attachements. Please be aware of deadlines; applications are often due nine months to a year ahead of the time of admission (e.g., December of year Y for September of year Y+1).
I frequently enjoy being unplugged and (mostly) off the grid. This means that I am occasionally unavailable and unresponsive in the cyber world, and I do not use "vacation" messages. I also read books for sport.
My current CV (html). Also, a Wordle of my paper titles.
My research group: Trustworthy Systems Group
A Wordle of Academic Systems Security topics in Call-for-Papers topic lists
Finance Chair, IEEE Security & Privacy 2014
Local Chair, NSPW 2013
Program co-Chair, ACNS 2013
Program Chair, ACSAC 2012
Program Committee, NSPW 2012
Program Committee, PST 2012
Program Committee, USENIX HotCloud 2012
Program Committee, ACNS 2012
Faculty of Science revenue generation subcommittee
Grad. Award subcommittee / Graduate Affairs Committee
CPSC operations committee
ISPIA Exec and Steering committee