Current Doctoral Students

Kevin Benton is focused on the dynamics of network security, having constructed the Bongo extension to connect BGP and SDN. In particular, in his internships at the Cambrigde University Computer Security Laboratory and now at BigNetworks, his focus is SDN. Engineers are humans too

Gary Deckard is bridging two divides: military and academic, computer science and education. With extensive experience in operations, training, and Information Technology, he is working to examine security training in practice. His interests are security, privacy, cybersecurity pedagogy, and security for Cyber Physical Systems.

Pablo Moriano develops innovative models and methods for large-scale networks that can help in the understanding of the dynamical evolution of empirical network data. A direct application of this approach is in the field of anomaly detection in routing data. These research efforts are multi-disciplinary and encompass contributions from computer science, statistics, and physics.

Krishna Bathina has a powerful analysis toolkit, and has recently completed his examination of results from a study of mental models online. He used cluster analysis and network analysis to examine risk behaviors in browsing. His major security work is in the creation of effective biological models for ecrime.

Behnood Momenzadeh is examing how to evaluate risk in mobile phones, how to combines these risk measures, and how to communicate the risk to the user.

Shakthidhar Gopavaram is evaluating human risk taking. Currently he is completing analysis on web-based risk-taking and will move to embedded systems.

Gianpaolo Russo combines technical excellence with his pursuit of a JD. He has published with Andrew Dingman on Risk-Based Vulnerability Disclosure.

Andrew Dingman combines full time employment at RedHat with a research-focused masters. He has published with Gianpaolo on vulnerability policy.

Tonya R. S. Thompson is a recipent of the highly competitive NASA Research Fellowship. Her work with me had focused on effective risk communication. First, she was working on effective risk communication to end users using narratives, where she has developed narrative communication mechanisms. Secondly, she investigated effective communication from highly non—expert users to secure systems designers in order to enable designs that address the legitimate but highly variable privacy concerns of individuals.

Graduate Students, Primary Advisor

Ashwin Dev focuses on secure network programming.

Pratik Patel is maintaining the certificate telemetry.

Jill Minor, now outreach coordinator for Data to Insight, provided data and analysis support to all the projects.

soumya achar is modeling BGP hijacks and how to identify them with Pablo.

Srivatsan Iyer is also working with Pablo on BGP anamolies.

Pralhad Sapre is working on mobile security with Behnood.

Raghavendra Nataraj is working on mobile vulnerabilities, also with Behnood.

Shravan Kumar works with risk estimates of online behaviors in browsing and in mobile systems.

Sowmya H. Achanta also works on risk contexts and behaviors online.

Doctoral Alumni, Primary Advisor

Zheng Dong is a pioneer in using machine learning in the service of computer security. His dissertation applied machine learning to the detection of phishing sites (using certificate analysis), rogues certificates, and banking certificates. He finished his masters thesis in spring 2010 on the topic of the marginal return for adding an individual into a social network for the purposes of recommendations or discovery. He works at Microsoft Seattle.

Post doctoral fellow Prashanth Rajivan has moved to Carnegie Mellon. He is focused on the psychology of security not only of individuals, but also as a function of group processes.

Tim Kelley combines human experimentation with large scale modeling. His implements complex systems models that integrate human behaviors as critical variables. He is currently employed in a joint position at Indiana University Department of Psychology and Crane Naval, continuing to combine brain science with network science.

Vaibhav Garg on ecrime, risk communication, and usable security. His work brought perceived risk methods to the study of on-line risk, as well as pioneering applications of crime science from criminal justice to online crime. He is Director of Security Awareness at VISA.

Debin Liu on risk-based access control and usable security. His work included a mastery of quantitative tools combined with economic theories of security; such as applying contract theory to access control. After his time as a senior researcher at PayPal, he returned to China to built the country's first consumer credit rating agency.

Camilo Veicco on Tor. His redesign of TCP in Tor reduced delay, jitter, and prevented timing attacks. He is a senior scientist at Mozilla.

Alex Tsow on making programming easier, usable security. Alex combined programming languages with usability to make the creation of secure code easier for developers. Alex was a post-doctoral fellow rather than a doctoral student. He is now at MITRE.

J Duncan on user-centered design, with a focus on ethical design of security experiments. He is a lecturer at IU.

Warigia Bowman on ICT for developmentwith an interdisciplinary dissetation on Internet diffusion in East Africa. She is a professor at the University of Arkansas.

Allan Friedman on security and privacy. By combining game theory and social network modeling he was able to examine how information flowed across the combination of social and computing networks. His work pioneered the use of crowd-sourcing and peer production for diffusion of information sharing for community security and privacy (beyond open source communities). He is the Director of Cybersecurity Initiatives at National Telecommunications and Information Administration in the US Department of Commerce.

Somewhere between this and the next category lies Christopher Soghoian on electronic civil liberties. He is currently the Principal Technologist with the Speech, Privacy, and Technology Project at the ACLU.

Doctoral Alumni, Joint Advisor

Xiaoyong Zhou on mobile security.
Rui Wang on malware and security in ecommerce.
Carlos Osorio on ICT for development, innovation, security and privacy.
Kristiina Karvonen for whom I was a doctoral opponent.
Serena Chan on reliability and hardening by using commodity computing in satellites.
Sabine Schaffer on trust in the Internet.
Sara Wilford on privacy.

Selected Excellent Nondoctoral Alumni

Sanjay Pandey has spent his career innovating for justice and transparency using ICTs in India.
Greg Norcie the intersection of public policy, traditional usability with security and privacy. Farzaneh Asgharpour on mental models of security.
Ty Bross on mobile desvice security.
Alla Zollers on usable security and social trust, interaction designer on on Net Trust.
Hillary Elmore on usable PGP.
Gayathri Athreya on usable security.
Tony Moore
Taiyu Chen on ICT for development.
Brandon Stephens on usable security and Net Trust.