I am an Assistant Professor in the College of Computing at Georgia Tech. My research focuses on the security of mobile systems, with a concentration on telecommunications infrastructure and mobile devices. My research has uncovered critical vulnerabilities in cellular networks, made the first characterization of mobile malware in provider networks and offers a robust approach to detecting and combatting Caller-ID scams. I am also interested in Internet security and the systems challenges of applied cryptography. I received a CAREER Award from the National Science Foundation in 2010 and was named a Sloan Fellow in 2014. Click to learn more information about my research, publications and citations.
I earned my Ph.D and M.S. in Computer Science and Engineering from the Pennsylvania State University in 2008 and 2004, respectively, and my B.S. in Computer Science from the University of Richmond in 2002. I am currently a member of the Georgia Tech Information Security Center (GTISC) and a co-director of the Converging Infrastructure Security Laboratory (CISEC). I am also a co-founder of Pindrop Security.
Note: I am always looking for strong students with an interest in network security. Students must have a strong technical background, be comfortable with systems work and be prepared to work hard. If you are not a student at Georgia Tech and are interested in my research, please apply to the program.
February 18, 2014: I have been named a 2014 Sloan Fellow. The Sloan Fellowship is one of the top honors bestowed upon young faculty across all of science and engineering. I am grateful to the Alfred P. Sloan Foundation for this tremendous honor.
January 27, 2014: An extended version of our paper, "Accountable Wiretapping -or- I Know They Can Hear You Now", has been accepted for publication in the Journal of Computer Security (JCS). This work, which provides the first secure auditing methods for legal wiretapping and helps prevent abuses of such systems, is the result of the partnership between four universities and experts in the fields of cellular networks, telephony, systems and cryptography.
December 3, 2013: Congratulations to my Ph.D. student, Chaitrali Amrutkar, who successfully defended her dissertation entitled "Towards Secure Web Browsing on Mobile Devices". Her work discovered a number of vulnerabilities in mobile browsers, problems with security indicators and new techniques to detect malicious mobile web pages. She will join Oracle in the spring.
October 22, 2013: Worried about mobile malware? Your worries may be misplaced! A study by Google confirms the results of our paper, The Core of the Matter: Analyzing Malicious Traffic in Cellular Carriers, which shows that infection rates for mobile devices are extremely low. Read our paper to learn more about the reality mobile threats. See the articles here!
October 21, 2013: The ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) has just posted its Call for Papers. As one of the Program Chairs, I strongly urge you to submit your top research!
October 9, 2013: I will be giving a talk entitled "Chasing Telephony Security: Where the Wild Things... Are?" at The University of Waterloo in Waterloo, Ontario as part of the CrySP Speaker Series on Privacy. Come hear about the reality of threats and solutions in this space if you are nearby.