I am an Assistant Professor in the College of Computing at Georgia Tech. My research focuses on the security of mobile systems, with a concentration on telecommunications infrastructure and mobile devices. My research has uncovered critical vulnerabilities in cellular networks, made the first characterization of mobile malware in provider networks and offers a robust approach to detecting and combatting Caller-ID scams. I am also interested in Internet security and the systems challenges of applied cryptography. Click to learn more information about my research, publications and citations.
I earned my Ph.D and M.S. in Computer Science and Engineering from the Pennsylvania State University in 2008 and 2004, respectively, and my B.S. in Computer Science from the University of Richmond in 2002. I am currently a member of the Georgia Tech Information Security Center (GTISC) and a co-director of the Converging Infrastructure Security Laboratory (CISEC). I am also a co-founder of Pindrop Security.
Note: I am always looking for strong students with an interest in network security. Students must have a strong technical background, be comfortable with systems work and be prepared to work hard. If you are not a student at Georgia Tech and are interested in my research, please apply to the program.
December 3, 2013: Congratulations to my Ph.D. student, Chaitrali Amrutkar, who successfully defended her dissertation entitled "Towards Secure Web Browsing on Mobile Devices". Her work discovered a number of vulnerabilities in mobile browsers, problems with security indicators and new techniques to detect malicious mobile web pages. She will join Oracle in the spring.
October 22, 2013: Worried about mobile malware? Your worries may be misplaced! A study by Google confirms the results of our paper, The Core of the Matter: Analyzing Malicious Traffic in Cellular Carriers, which shows that infection rates for mobile devices are extremely low. Read our paper to learn more about the reality mobile threats. See the articles here!
October 21, 2013: The ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) has just posted its Call for Papers. As one of the Program Chairs, I strongly urge you to submit your top research!
October 9, 2013: I will be giving a talk entitled "Chasing Telephony Security: Where the Wild Things... Are?" at The University of Waterloo in Waterloo, Ontario as part of the CrySP Speaker Series on Privacy. Come hear about the reality of threats and solutions in this space if you are nearby.
July 25, 2013: I will be giving a talk entitled "Analyzing Malicious Traffic in Cellular Networks" at the GSM Association's Mobile Malware Community Workshop in Mountain View, CA.
June 4, 2013: I will be an invited speaker at the Federal Trade Commission's (FTC) panel entitled "Mobile Security: Potential Threats and Solutions". Come join us in Washington D.C., or tune in via the webcast!