Contact
CV
Research
Teaching
Students
Publications
Miscellaneous
Home
UsableSecurity.net
InfosEcon.net
Students
Current Doctoral Students
Laura Calloway
is examining information exfiltration on personal health devices. She is comparing the perceptions and reality of personal and health information, considering both security and privacy.
Hilda Hadan
works on perceptions and reality of PKI and privacy on the Internet, in smart cities, and in the IoT.
Gary Deckard is bridged two divides: military and academic, computer
science and education. With extensive experience in operations and training,
his dissertation examined the factors that lead to individual and collective success in a series of exercises and in classroom
practice. His interests are security, privacy, cybersecurity pedagogy, and
security for Cyber Physical Systems.
DongInn Kim became a member of
the research group in summer 2017. His background is in computer
networking. He is our new lead on the CUTS CertProbe and the
CertWarehouse to more effectively share our data.
Behnood
Momenzadeh is examining how to evaluate risk in IoT and mobile devices,
how to combines these risk measures, and how to communicate the
risk to the user.
Shakthidhar
Gopavaram is evaluating human risk taking. Currently he is
completing analysis on web-based risk-taking and will move to
embedded systems.
Jacob Abbott is
a doctoral student who previously worked with me on human-centered
design. His particular focus is cognitive alignment between human decision-making and
the demands of security interactions. He is moving into accessible
design with Sameer Patil.
Sanchari
Das is focused on usable privacy and security, particularly
in the context of social computing. Her background is in
networking. Her current research uses human subjects experiments
in the lab and online (jointly supervised with Sameer Patil.)
Vafa
Andalibi is currently working on both vulnerability hunting in
IoT devices and web-based device fingerprinting. He is also a
member of the CTF team, ambitiously expanding his red-teaming technical skills.
Jayati Dev
brings a mastery of wireless communications to social components of
security and privacy.
Andrew Dingman
combines full time employment at Mitre with a research-focused
masters. He has published with Gianpaolo on vulnerability
policy. He is currently on leave.
Tonya R. S. Thompson
is a recipient of the highly competitive NASA Research
Fellowship. Her work with me had focused on effective risk
communication. First, she was working on effective risk
communication to end users using narratives, where she has
developed narrative communication mechanisms. Secondly, she
investigated effective communication from highly
non—expert users to secure systems designers in
order to enable designs that address the legitimate but highly
variable privacy concerns of individuals. She is currently on leave.
Graduate Students, Primary Advisor
Ashwin Dev focuses
on secure network programming.
Pratik Patel is
maintaining the certificate telemetry.
Jill
Minor, now outreach coordinator for Data to Insight,
provided data and analysis support to all the projects.
Soumya Achar is
modeling BGP hijacks and how to identify them with Pablo.
Srivatsan
Iyer is also working with Pablo on BGP anomalies.
Pralhad Sapre
is working on mobile security with Behnood.
Raghavendra Nataraj
is working on mobile vulnerabilities, also with Behnood.
Shravan Kumar works with risk estimates of online behaviors in browsing and in mobile systems.
Sowmya H. Achanta also works on risk contexts and behaviors online.
Doctoral Student Committee Member
Omkar Bhide is
building crypto on constrained devices for the next generation IoT while
simultaneously engaging in threat analysis for this
generation. His threat models include every layer, from bit
leakage to human error. (Jointly supervised with Ryan Henry,
with whom he is working on lattice crypto.)
Doctoral Alumni, Primary
Advisor
Shrirang Mare is a post-doctoral scholar. He received his PhD from Dartmouth College, and his interests include security and privacy issues in pervasive computing, particularly in healthcare, usable security, and continuous authentication. He recently completed a post-doctoral fellowship at the University of Washington.
Pablo Moriano develops innovative models and methods for large-scale networks that can help in the understanding of the dynamical evolution of empirical network data. A direct application of this approach is in the field of anomaly detection in routing data. These research efforts are multi-disciplinary and encompass contributions from computer science, statistics, and physics.
Kevin Benton is
focused on the dynamics of network security in both SDN and BGP. In the past, in his
internships at the Cambrigde University Computer Security
Laboratory and now at BigNetworks, his focus was on SDN. His work
reminds us that engineers are humans too.
Zheng Dong is a pioneer in using machine learning in the service of computer security. His dissertation applied machine learning to the detection of phishing sites (using certificate analysis), rogues certificates, and banking certificates. He finished his masters thesis in spring 2010 on the topic of the marginal return for adding an individual into a social network for the purposes of recommendations or discovery. He works at Microsoft Seattle.
Post doctoral fellow
Prashanth
Rajivan has moved to Carnegie Mellon. He is focused on the
psychology of security not only of individuals, but also as a
function of group processes.
Tim Kelley combines
human experimentation with large scale modeling. His implements
complex systems models that integrate human behaviors as critical
variables. He is currently employed in a joint position at Indiana
University Department of Psychology and Crane Naval, continuing to
combine brain science with network science.
Vaibhav Garg on ecrime, risk communication, and usable security. His work brought perceived risk methods to the study of on-line risk, as well as pioneering applications of crime science from criminal justice to online crime. He is Director of Security Awareness at VISA.
Debin Liu on risk-based access control and usable security. His work included a mastery of quantitative tools combined with economic theories of security; such as applying contract theory to access control. After his time as a senior researcher at PayPal, he returned to China to built the country's first consumer credit rating agency.
Camilo Veicco on Tor. His redesign of TCP in Tor reduced delay, jitter, and prevented timing attacks. He is a senior scientist at Mozilla.
Alex Tsow on making programming easier, usable security. Alex combined programming languages with usability to make the creation of secure code easier for developers. Alex was a post-doctoral fellow rather than a doctoral student. He is now at MITRE.
J Duncan on user-centered design, with a focus on ethical design of security experiments. He is a lecturer at IU.
Warigia Bowman on ICT for development with an interdisciplinary dissertation
on Internet diffusion in East Africa. She is a professor at the University of Arkansas.
Allan Friedman on security and privacy. By combining game theory and social network modeling he was able to examine how information flowed across the combination of social and computing networks. His work pioneered the use of crowd-sourcing and peer production for diffusion of information sharing for community security and privacy (beyond open source communities). He is the Director of Cybersecurity Initiatives at National Telecommunications and Information Administration in the US Department of Commerce.
Somewhere between this and the next category lies
Christopher Soghoian on electronic civil liberties. He is currently the Principal Technologist with the Speech, Privacy, and Technology Project at the ACLU.
Doctoral Alumni, Joint Advisor or Committee
Xiaoyong Zhou on mobile security.
Rui Wang on malware and security in ecommerce.
Carlos Osorio on ICT for development, innovation, security and privacy.
Kristiina Karvonen for whom I was a doctoral opponent.
Serena Chan on reliability and hardening by using commodity computing in satellites.
Sabine
Schaffer on trust in the Internet.
Sara Wilford on
privacy.
Selected Excellent Nondoctoral Alumni
Nicolas Serrano has done breakthrough work in interdisciplinary understanding of
why PKI fails
Jonathan Schubauer examines the impact of regulation and organizational structure on privacy and permissions.
Gianpaolo
Russo combined technical excellence with his pursuit of a
JD. He is captain of the CTF team and deep into the bits in his
work on binary analysis in IoT.
Sanjay Pandey has spent his
career innovating for justice and transparency using ICTs in
India.
Greg Norcie the intersection of
public policy, traditional usability with security and privacy.
Farzaneh Asgharpour on mental models of security.
Ty Bross on mobile desvice security.
Alla Zollers on usable security and social trust, interaction designer on
on Net Trust.
Hillary Elmore on usable PGP.
Gayathri
Athreya on usable security.
Tony Moore
Taiyu Chen on ICT for development.
Brandon Stephens on usable security and Net Trust.