I have the privilege of working with a team of extraordinary students, including both graduate
and undergraduate students. If you are a UVa undergraduate or graduate
student interested in joining my research group, please look over our
project pages (below), browse
our group blog, and send me email
to arrange a meeting or drop by my office
hours. If you are considering applying to our PhD program, please
read my advice for prospective
research students. If you think you are ready for graduate school,
you may also want to try our previous pre-qualification
exam [PDF].
Active Projects
Protects vulnerable programs by storing security-critical data in a
separate store that is protected by page-level hardware mechanisms,
except during short update periods.
Uses the disk processor to improve virus detection and response by
recognizing viruses by their disk-level activity.
The Helix self-regenerative architecture is designed to protect systems
from sophisticated and motivated adversaries by automatically and
continuously changing the attack surface of a running system.
RFID tags have already been widely deployed in security-sensitive
applications including public transportation tokens and access
cards. These applications raise important security and
privacy concerns, but current design methods are ad hoc and have proven
insufficient. We are
investigating new approaches to cryptography, protocol, and system
design to provide adequate security on minimal devices.
Mashups combine scripts from multiple sources and deliver them to
clients as a single page. We are investigating mechanisms that allow
clients to enforce meaningful security policies on untrusted content in
mashup web pages.
Explores a systems framework that uses structured artificial diversity
to provide high security assurances against large classes of attacks.
Q: How realistic is the depiction of SIS in the James Bond films?
James Bond, as Ian Fleming originally conceived him was based on
reality. But any author needs to inject a level of glamour and
excitement beyond reality in order to sell. By the time the filmmakers
focused on Bond the gap between truth and fiction had already
widened. Nevertheless, staff who join SIS can look forward to a career
that will have moments when the gap narrows just a little and the
certainty of a stimulating and rewarding career which, like Bond's, will
be in the service of their country.
Q: Why can't I download or write to you via this site?
SIS has kept this site browse only for security reasons.
Develops techniques for automatically inferring temporal properties of
real world software using dynamic analysis.
Social networking platforms integrate third-party content into the site
and give third-party developers access to user data. These open
interfaces pose serious privacy risks by exposing user data to
third-party developers. We are developing a privacy-by-proxy
design for a privacy-preserving API.
Recent Projects
Genesis
with Jack Davidson, John Knight, and Anh Nguyen-Tuong (DARPA)
Explores the potential for using automatically generated diversity at
various levels of abstraction to protect computer systems.
Reducing the cost and improves the scalability of program analysis using
lightweight static analysis ( Splint).
How computing in the physical world impacts security.
Getting sensible behavior from collections of unreliable, unorganized
components.
Recent and Upcoming Conferences
All it took was for a University of Virginia student to finally outsmart
the popular SMART cards... Falling into the wrong hands, this security
loophole can be and will surely be used in high profile heists and
break-ins, seemingly straight from a James Bond movie.
30th IEEE Symposium on Security and Privacy (Oakland 2009),
Program Committee Co-Chair
Ninth International
Conference on Information and Communications Security (ICICS 2007),
Program Committee Member
|