I am an Associate Professor in the Department of Computer and Information Science and Engineering (CISE) at the University of Florida. My research focuses on the security of mobile systems, with a concentration on telecommunications infrastructure and mobile devices. My research has uncovered critical vulnerabilities in cellular networks, made the first characterization of mobile malware in provider networks and offers a robust approach to detecting and combatting Caller-ID scams. I am also interested in Internet security and the systems challenges of applied cryptography. I received a CAREER Award from the National Science Foundation in 2010 and was named a Sloan Fellow in 2014. Click to learn more information about my research, publications and citations.
I earned my Ph.D and M.S. in Computer Science and Engineering from the Pennsylvania State University in 2008 and 2004, respectively, and my B.S. in Computer Science from the University of Richmond in 2002. After promotion and tenure in the School of Computer Science at Georgia Tech, I joined the University of Florida in 2014 as part of the UFRising Preeminence Hiring Program. I am currently the co-director of the Florida Institute for Cybersecurity (FICS) and am also a co-founder of Pindrop Security.
Note: The University of Florida is building a world-class program in information security, and we are always looking for strong students. Students must have a strong technical background, be comfortable with systems work and be prepared to work hard. If you are not a student at the University of Florida and are interested in information security research, please apply to the program.
May 13, 2016:Two of our papers, "AuthLoop: End-to-End Cryptographic Authentication for Telephony over Voice Channels" and "Making USB Great Again with USBFILTER" have been accepted for publication at the 2016 USENIX Security Symposium.
May 8, 2016: Our paper, "Detecting SMS Spam in the Age of Legitimate Bulk Messaging" has been accepted to the 2016 ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec).
March 21, 2016: Our paper, "CryptoLock (and Drop It): Stopping Ransomware Attacks on User Data", has been accepted to the 2016 IEEE International Conference on Distributed Computing Systems (ICDCS).
February 7, 2016: Our paper, "Sending out an SMS: Characterizing the Security of the SMS Ecosystem with Public Gateways", was accepted to the 2016 IEEE Symposium on Security and Privacy (S&P).
October 28, 2015: Our paper, "Frigate: A Validated, Extensible, and Efficient Compiler and Interpreter for Secure Computation", was accepted at the 2016 IEEE European Symposium on Security and Privacy (EuroS&P).
October 21, 2015: Congratulations to Hank Carter, who successfully defended his doctoral dissertation entitled, "Efficient Techniques for Secure Multiparty Computation on Mobile Devices".
August 11, 2015: Mobile money systems, also known as "Branchless Banking", brings much-needed financial services in the developing world. However, our work shows that many of these systems contain significant security weaknesses. Read our paper or coverage by the Wall Street Journal.