My research confronts issues of security and transparency in computer systems and networks. Within this broad area, my interests span various domains of computing, including operating systems, the cloud, and network communications, as well as both mobile and embedded devices. More information on my work can be found at:

My major research thrusts are:

Secure & Accountable Computing

Data provenance can be aggregatedfrom multiple operational layers of complex systems.

Modern computers are largely opaque, capable of processing data but providing little visibility into the activities that lead to a particular result. This computing model has become increasingly untenable. It limits insight into the nature of cyber threats, making it harder to detect and defend against attack. This research has focused on addressing this challenge through the reliable capture and management of data provenance. Provenance-aware computing gathers and reports metadata that provides insight into the history of each object being processed on a system. The aim of this work has been to record high integrity provenance metadata that can be used to such ends as preventing insider threats, detecting system intrusions, and assuring the integrity and confidentiality of data.

Recent Papers:

Mobile & Embedded Device Security

Through the USB Interface, mobile phones can be used to attest the identity of the machines to which they connect.

Mobile and embedded devices represent two rapidly growing sectors of the computing landscape. While the proliferation of mobile phones, smart devices, and Internet-connected critical infrastructure creates unprecedented opportunities for innovation, this also exposes novel attack surfaces that must be better understood in order to provide adequate protections. The aim of this research thrust is two fold: first, to reason about the challenges of securing mobile and embedded devices; second, to identify ways in which smart devices can be leveraged to address the broader goals of system security. My work in this area has investigated smart USB devices, Android application security, and device-to-host fingerprinting techniques.

Recent Papers:

Network & Communications Security

Our research has evaluated novel techniques for verifying identity on the Internet.

An increasing proportion of the global economy is dependent on the security of network communications and infrastructures. Unfortunately, these security properties are violated with alarming frequency due to implementation errors or developer confusion, or because systems are made use of in unanticipated ways. This research seeks to better understanding this breakdown between theory and practice, and identify ways to restore correct functionality in vulnerable networked systems. To this end, my work has considered the security challenges surrounding Software Defined Networks (SDN), the ubiquitous TLS/HTTPS protocols, and legacy telecommunications infrastructure.

Recent Papers: