Our security research includes foundations. It also includes systems built on provable properties. Besides such technologies, which provide demonstrable defense against concrete attacks, we also work on demonstrating security flaws in systems that are thought to be secure. In other words, we also like to break things.


  • Access control
    • Authorization models. Information flow control. Mandatory access control systems. 
  • Cryptography
  • Networking
    • Internet security services. Intrusion detection and prevention. Wireless security. 
  • Verification
    • Formal specification and verification of hardware and software. Network protocol design and verification. Design and verification of network elements. Mechanized theorem proving in support of verification. 
  • Systems
    • Secure storage systems. Dependable distributed systems. Virtual machines. Cyber-physical systems security. Securing concurrent systems. Assuring computational integrity using a hypervisor. Secure MapReduce. Trusted computing. Securing cloud computing. 
  • Privacy
    • Deanonymizing social networks.


  • CS346: Cryptography Undergraduate
  • CS361: Introduction to Computer Security
  • CS371D: Distributed Computing
  • CS378: A Formal Model of the Java Virtual Machine
  • CS378: Information Assurance and Security
  • CS378: Network Security and Privacy
  • CS380D: Distributed Computing I
  • CS380S: Theory and Practice of Secure Systems
  • CS386S: Network Protocol Security
  • CS388H: Cryptography Graduate
  • CS395T: Cyber-physical systems
  • CS395T: Design and Analysis of Security Protocols
  • CS395T: Topics in Automatic Theorem Proving
  • CS395T: Topics in Network Protocol Design
  • CS395T: Topics in Secure and Distributed Storage Systems

Research Groups: