Our security research includes foundations. It also includes systems built on provable properties. Besides such technologies, which provide demonstrable defense against concrete attacks, we also work on demonstrating security flaws in systems that are thought to be secure. In other words, we also like to break things.


  • Access control
    • Authorization models. Information flow control. Mandatory access control systems. 
  • Cryptography
  • Networking
    • Internet security services. Intrusion detection and prevention. Wireless security. 
  • Verification
    • Formal specification and verification of hardware and software. Network protocol design and verification. Design and verification of network elements. Mechanized theorem proving in support of verification. 
  • Systems
    • Secure storage systems. Dependable distributed systems. Virtual machines. Cyber-physical systems security. Securing concurrent systems. Assuring computational integrity using a hypervisor. Secure MapReduce. Trusted computing. Securing cloud computing. 
  • Privacy
    • Deanonymizing social networks.


  • CS346: Cryptography Undergraduate
  • CS356: Networks
  • CS361: Introduction to Computer Security
  • CS361S: Network Security and Privacy
  • CS371D: Distributed Computing
  • CS378: Real World Information Security
  • CS378: Ethical Hacking
  • CS380D: Distributed Computing I
  • CS388H: Cryptography
  • CS395T: Cyber-physical systems
  • CS396M Advanced Networking Protocols

Research Groups: