My research focuses on the security of computer systems and networks. Recent work in my group has included understanding the security of portable storage and the USB interface, establishing the trustworthiness of data and maintaing its provenance, mobile phone security, protection of Internet traffic and the SSL infrastructure, and attacks and defenses against the cloud infrastructure. Some of my other research areas of interest include security in interdomain routing, propagation of malicious code through the Internet, applied cryptosystems, and using secure hardware to enforce systems security. I lead systems security research within the Florida Institute for Cybersecurity Research and am formerly co-director of the Southeastern Security for Enterprise and Infrastructure (SENSEI) Center at the University of Florida, which I joined in 2014 as part of the UF Rising to Preeminence Hiring Program. I received a National Science Foundation CAREER award in 2013, and am a Senior Member of the IEEE and ACM.
Note: We are building a world-class security research group at the University of Florida. I am looking for strong students with an interest in systems security. Students must have a strong technical background, be comfortable with systems work, and be willing to work hard. If you are not at student at the University of Florida and you are interested in my research, please apply to the program.
Our paper, "ATtention Spanned: Comprehensive Vulnerability Analysis of AT Commands within the Android Ecosystem", was accepted for publication at the 2018 USENIX Security Symposium.
Congraulations to my PhD students Grant Hernandez and Dave Tian for winning first and second place at the SEC Academic Conference's poster competition.
Congraulations to my former PhD student, Adam Bates, who won an NSF CAREER award. Adam also received the ACM SIGSAC Doctoral Dissertation Runner-Up Award in October for his outstanding thesis.
Our papers "SOK: ``Plug and Pray'' Today -- Understanding USB Insecurity in Versions 1 through C" and "Sonar: Detecting SS7 Redirection Attacks With Audio-Based Distance Bounding" were accepted for publication at the 2018 IEEE Symposium on Security and Privacy.
I am delighted to be serving as technical program co-chair of ACM WiSec 2018. Please send your excellent work in securing wireless and mobile networks and applications to WiSec: the deadline for submissions is March 1, 2018.
Our paper "FirmUSB: Vetting USB Device Firmware using Domain Informed Symbolic Execution Storage Devices" was accepted for publication at the 2017 ACM Conference on Computer and Communications Security (CCS).
Our paper "Transparent Web Service Auditing via Network Provenance Functions" was accepted for publication at the 2017 World Wide Web Conference (WWW).
Our paper "ProvUSB: Block-level Provenance-Based Data Protection for USB Storage Devices" was accepted for publication at the 2016 ACM Conference on Computer and Communications Security (CCS).
Our paper "Making USB Great Again with USBFILTER" was accepted for publication at the 2016 USENIX Security Symposium.
Congratulations to my first two graduating PhD students, Benjamin Mood and Adam Bates. Adam will be Assistant Professor of Computer Science at the University of Illinois at Urbana-Champaign this fall, while Benjamin will be Assistant Professor of Computer Science at Point Loma Nazarene University.More News
"You must be the change you wish to see in the world."
— Mohandas Gandhi