I like studying things that go bump in the (virtual) night; lately I've been into JIT spraying attacks and hardening Just-In-Time compilers.
Prior to coming to UCSD, I earned my B.S. in Computer Science at the University of North Carolina at Chapel Hill in 2009. In 2013 and 2014, I earned my M.S. and C.Phil. at UCSD.
Nowadays, I'm a software engineer at Google, where I work on the Google Cloud Platform Team.
We show for the first time that the JIT spraying attack is feasible against the ARM architecture found in most handheld devices, describe our proof-of-concept attack, and offer tips for hardening.
In a large-scale ad-based study, we show that enabling DNSSEC for a domain will prevent one client (typically in Asia) from accessing the domain for every ten clients protected from tampering.
We measure how well pretty pictures can be used to visually distinguish the traffic patterns of various application protocols on the wire.
It's super effective!