Deian Stefan

Associate Professor
Computer Science and Engineering
UC San Diego
Office: CSE 3126
Email: deian@cs.ucsd.edu
Interests: security, programming languages, systems.
| CryptoSec | ProgSys ]

About Me

I am an associate professor in the UCSD CSE Department. I like building principled and practical secure systems. I am interested in research that spans security, programming languages, and systems. My students and I work on on secure systems (from Web frameworks, to new browser designs, sandboxing, and runtime systems), language-based security (constant-time programming, memory safety, and information flow control), verification for security, and (static and symbolic) program analysis tools. I spend a lot of my time thinking about WebAssembly and JavaScript JITs.

I was a co-founder and the Chief Scientist at Intrinsic a web-security startup (acquired by VMWare). I also spent a bit of time on the W3C WebAppSec and Node.js Security Working Groups.

I completed my PhD in Computer Science at Stanford under David Mazières, John C. Mitchell and Alejandro Russo. Prior to Stanford, I obtained a BE and ME in Electrical Engineering at Cooper Union.

Program Committtees

2023:
Security, HotOS,
2022:
Security, PLDI,
2021:
PriSC (PC co-chair), Security, S&P, CCS, HotOS
2020:
PriSC (PC co-chair), Security, S&P, SecDev, PLAS
2019:
SOSP, Security, S&P, PriSC, TheWebConf
2018:
S&P, PLDI, SecDev CSF, FCS
2017:
CCS, Security, Euro S&P, SEC@SAC, WWW, SecDev (Tutorial track)
2016:
SEC@SAC, POST, Security, PLAS (PC co-chair) , SecDev
2015:
FCS, HiW

Teaching

Spring 2024:
CSE 291: Blockchain Security (with Stefan Savage)
Spring 2022:
CSE 227: Graduate Computer Security
Winter 2022:
CSE 291: JIT Security
Fall 2021:
CSE 127: Computer Security
Spring 2021:
CSE 291: Trustworthy Browsers // Secure Compilation using WebAssembly
CSE 227: Graduate Computer Security
Fall 2020:
CSE 127: Computer Security
Spring 2020:
CSE 227: Graduate Computer Security
Winter 2020:
CSE 127: Computer Security
Fall 2019:
CSE 127: Computer Security
Spring 2019:
CSE 227: Graduate Computer Security (largely for PhD students)
Winter 2019:
CSE 127: Computer Security
Fall 2018:
CSE 227: Graduate Computer Security
Winter 2018:
CSE 130: Programming Languages: Principles and Paradigms
CSE 291: Language-based Security
Winter 2017:
CSE 130: Programming Languages: Principles and Paradigms
Fall 2016:
CSE 291: Building Secure Systems using Programming Languages and Analysis
CSE 290: Early Papers in Computer Security (co-taught with Hovav Shacham)

Prior to UCSD, I was also an instructor and teaching assistant for several courses at Stanford and Cooper.

Stanford

Fall 2014:
CS242: Programming Languages (co-taught with Edward Z. Yang)
Fall 2013:
CS242: Programming Languages (co-taught with Edward Z. Yang)
Winter 2013:
CS240: Advanced Topics in Operating Systems (assistant)
Fall 2011:
CS242: Programming Languages (assistant)

Cooper Union

Summer 2010:
Advanced Programming in Java (retraining program instructor)
Spring 2010:
Programming in Java (retraining program instructor)
Spring 2009:
ECE403: Selected Topics in Probability and Stochastic Processes (assistant)
Spring 2007:
ECE150: Digital Logic Design (assistant)
Fall 2006:
ECE150: Digital Logic Design (assistant)

Publications

Below you will find most papers I've worked on. DBLP has a slightly more complete list.

Papers

  • Evan Johnson, Evan Laufer, Zijie Zhao, Dan Gohman, Shravan Narayan, Stefan Savage, Deian Stefan, and Fraser Brown. WaVe: a verifiably secure WebAssembly sandboxing runtime. In Proceedings of Symposium on Security and Privacy, IEEE. May, 2023. Distinguished paper award.
    [ paper | bibtex ]
  • Hosein Yavarzadeh, Mohammadkazem Taram, Shravan Narayan, Deian Stefan, and Dean Tullsen. Half&Half: Demystifying Intel's Directional Branch Predictors for Fast, Secure Partitioned Execution. In Proceedings of Symposium on Security and Privacy, IEEE. May, 2023.
    [ paper | bibtex ]
  • Shravan Narayan, Tal Garfinkel, Mohammadkazem Taram, Joey Rudek, Daniel Moghimi, Evan Johnson, Chris Fallin, Anjo Vahldiek-Oberwagner, Michael LeMay, Ravi Sahita, Dean Tullsen, and Deian Stefan. Going beyond the Limits of SFI: Flexible and Secure Hardware-Assisted In-Process Isolation with HFI. In Proceedings of Architectural Support for Programming Languages and Operating Systems, ACM. March, 2023. Distinguished paper award.
    [ paper | bibtex ]
  • Alexandra E. Michael, Anitha Gollamudi, Jay Bosamiya, Evan Johnson, Aidan Denlinger, Craig Disselkoen, Conrad Watt, Bryan Parno, Marco Patrignani, Marco Vassena, and Deian Stefan. MSWasm: Soundly Enforcing Memory-Safe Execution of Unsafe Code. In Proceedings of ACM SIGPLAN Symposium on Principles of Programming Languages (POPL). January, 2023.
    [ paper | bibtex | arXiv ]
  • Michael Smith, Peter Snyder, Moritz Haller, Ben Livshits, Deian Stefan, and Hamed Haddadi. Blocked or Broken? Automatically Detecting When Privacy Interventions Break Websites. In Proceedings of Privacy Enhancing Technologies Symposium (PoPETS) July, 2022.
    [ paper | bibtex | arXiv ]
  • Sunjay Cauligi, Craig Disselkoen, Daniel Moghimi, Gilles Barthe, and Deian Stefan. SoK: Practical Foundations for Software Spectre Defenses. In Proceedings of Symposium on Security and Privacy, IEEE. May, 2022.
    [ paper | bibtex | arXiv ]
  • Matthew Kolosick, Shravan Ravi Narayan, Evan Johnson, Conrad Watt, Michael LeMay, Deepak Garg, Ranjit Jhala, and Deian Stefan. Isolation Without Taxation: Near Zero Cost Transitions for WebAssembly and SFI. In Proceedings of ACM SIGPLAN Symposium on Principles of Programming Languages (POPL). January, 2022.
    [ paper | bibtex | arXiv ]
  • Klaus von Gleissenthall, Rami Gökhan Kıcı, Deian Stefan, and Ranjit Jhala. Solver-Aided Constant-Time Hardware Verification In Proceedings of ACM Conference on Computer and Communications Security (CCS). October, 2021.
    [ paper | bibtex ]
  • Michael Smith, Peter Snyder, Ben Livshits, and Deian Stefan. SugarCoat: Programmatically generating privacy-Preserving, Web-compatible resource replacements for content blocking. In Proceedings of ACM Conference on Computer and Communications Security (CCS). October, 2021.
    [ paper | bibtex | code ]
  • Shravan Narayan, Craig Disselkoen, Daniel Moghimi, Sunjay Cauligi, Evan Johnson, Zhao Gang, Anjo Vahldiek-Oberwagner, Ravi Sahita, Hovav Shacham, Dean Tullsen, and Deian Stefan. Swivel: Hardening WebAssembly against Spectre. In Proceedings of USENIX Security Symposium. August, 2021.
    [ paper | bibtex | arXiv | code ]
  • Nico Lehmann, Rose Kunkel, Jordan Brown, Jean Yang, Niki Vazou, Nadia Polikarpova, Deian Stefan, and Ranjit Jhala. STORM: Refinement Types for Secure Web Applications. In Proceedings of Symposium on Operating Systems Design and Implementation (OSDI), USENIX. July, 2021.
    [ paper | bibtex | code ]
  • John Renner, Alex Sanchez-Stern, Fraser Brown, Sorin Lerner, and Deian Stefan. Scooter & Sidecar: A Domain-Specific Approach to Writing Secure Database Migrations. In Proceedings of Conference on Programming Language Design and Implementation (PLDI), ACM SIGPLAN. June, 2021.
    [ paper | bibtex | code ]
  • Evan Johnson, David Thien, Yousef Alhessi, Shravan Narayan, Fraser Brown, Sorin Lerner, Tyler McMullen, Stefan Savage, and Deian Stefan. Доверя́й, но проверя́й: SFI safety for native-compiled Wasm. In Proceedings of Network and Distributed System Security Symposium (NDSS), Internet Society. February, 2021. (VeriWasm)
    [ paper | bibtex | code ]
  • Marco Vassena, Craig Disselkoen, Klaus v. Gleissenthall, Sunjay Cauligi, Rami Gökhan Kıcı, Ranjit Jhala, Dean Tullsen, and Deian Stefan. Automatically Eliminating Speculative Leaks from Cryptographic Code with Blade. In Proceedings of ACM SIGPLAN Symposium on Principles of Programming Languages (POPL). January, 2021. Distinguished paper award.
    [ paper | bibtex | arXiv | code ]
  • Tal Garfinkel, Shravan Narayan, Craig Disselkoen, Hovav Shacham, and Deian Stefan. The Road to Less Trusted Code: Lowering the Barrier to In-Process Sandboxing. USENIX ;login: Winter, 2020, Vol. 45, No.5.
  • Nadia Polikarpova, Deian Stefan, Jean Yang, Shachar Itzhaky, Travis Hance, Armando Solar-Lezama. Liquid Information Flow Control. In Proceedings of International Conference on Functional Programming (ICFP), ACM SIGPLAN. August, 2020. Distinguished paper award. SIGPLAN research highlight.
  • Fraser Brown, Deian Stefan, and Dawson Engler. Sys: a Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code. In Proceedings of USENIX Security Symposium. August, 2020.
    [ paper | bibtex | code ]
  • Shravan Narayan, Craig Disselkoen, Tal Garfinkel, Nathan Froyd, Eric Rahm, Sorin Lerner, Hovav Shacham, and Deian Stefan. Retrofitting Fine Grain Isolation in the Firefox Renderer. In Proceedings of USENIX Security Symposium. August, 2020. (RLBox) Distinguished paper award. First place at CSAW 2020 for applied research. IEEE Cybersecurity Award for Practice 2022.
    [ paper | arXiv | bibtex | site ]
  • Fraser Brown, John Renner, Andres Nöetzli, Sorin Lerner, Hovav Shacham, and Deian Stefan. Towards a verified range analysis for JavaScript JITs. In Proceedings of Conference on Programming Language Design and Implementation (PLDI), ACM SIGPLAN. June, 2020.
    [ paper | bibtex | code ]
  • Sunjay Cauligi, Craig Disselkoen, Klaus v. Gleissenthall, Dean Tullsen, Deian Stefan, Tamara Rezk, and Gilles Barthe. Constant-Time Foundations for the New Spectre Era. In Proceedings of Conference on Programming Language Design and Implementation (PLDI), ACM SIGPLAN. June, 2020.
    [ paper | bibtex | arXiv | code ]
  • Klaus von Gleissenthall, Rami Gökhan Kıcı, Deian Stefan, and Ranjit Jhala. IODINE: Verifying Constant-Time Execution of Hardware. In Proceedings of USENIX Security Symposium. August, 2019.
    [ paper | bibtex | code ]
  • Sunjay Cauligi, Gary Soeller, Brian Johannesmeyer, Fraser Brown, Riad S. Wahby, John Renner, Benjamin Gregoire, Gilles Barthe, Ranjit Jhala, and Deian Stefan. FaCT: A DSL for timing-sensitive computation. In Proceedings of Conference on Programming Language Design and Implementation (PLDI), ACM SIGPLAN. June, 2019.
    [ paper | bibtex | code ]
  • Craig Disselkoen, John Renner, Conrad Watt, Tal Garfinkel, Amit Levy, and Deian Stefan. Position Paper: Bringing Memory Safety to WebAssembly. In Proceedings of Hardware and Architectural Support for Security and Privacy (HASP). June, 2019.
    [ paper | bibtex ]
  • Marco Vassena, Gary Soeller, Peter Amidon, Matthew Chan, John Renner, and Deian Stefan. Foundations for parallel information flow control runtime systems. In Proceedings of Conference on Principles of Security and Trust (POST), Springer. April, 2019.
    [ paper | bibtex ]
  • Conrad Watt, John Renner, Natalie Popescu, Sunjay Cauligi, and Deian Stefan CT-Wasm: Type-Driven Secure Cryptography for the Web Ecosystem. In Proceedings of ACM SIGPLAN Symposium on Principles of Programming Languages (POPL). January, 2019.
    [ paper | bibtex | code ]
  • Klaus von Gleissenthall, Rami Gökhan Kıcı, Alexander Bakst, Deian Stefan, and Ranjit Jhala. Pretend Synchrony: Synchronous Verification of Asynchronous Distributed Programs. In Proceedings of ACM SIGPLAN Symposium on Principles of Programming Languages (POPL). January, 2019.
    [ paper | bibtex ]
  • Marco Vassena, Alejandro Russo, Deepak Garg, Vineet Rajani, and Deian Stefan. From Fine- to Coarse-Grained Dynamic Information Flow Control and Back. In Proceedings of ACM SIGPLAN Symposium on Principles of Programming Languages (POPL). January, 2019. Distinguished paper award.
    [ paper | bibtex ]
  • Craig Disselkoen, Tal Garfinkel, Deian Stefan, and Conrad Watt. Trestle: Bridging the Performance and Safety Divide in WebAssembly. In Workshop on Principles of Secure Compilation (PriSC). January, 2019.
  • Marc Andrysco, Andres Nöetzli, Fraser Brown, Ranjit Jhala, and Deian Stefan. Towards Verified, Constant-time Floating Point Operations. In Proceedings of ACM Conference on Computer and Communications Security (CCS). October, 2018.
    [ paper | bibtex ]
  • Michael Smith, Craig Disselkoen, Shravan Narayan, Fraser Brown, and Deian Stefan. Browser history re:visited. In Proceedings of USENIX Workshop on Offensive Technologies (WOOT). August, 2018.
    [ paper | bibtex ]
  • John Renner, Sunjay Cauligi, and Deian Stefan. Constant-Time WebAssembly. In Workshop on Principles of Secure Compilation (PriSC). January, 2018.
    [ paper | bibtex ]
  • Sunjay Cauligi, Gary Soeller, Fraser Brown, Brian Johannesmeyer, Yunlu Huang, Ranjit Jhala, and Deian Stefan. FaCT: A Flexible, Constant-Time Programming Language. In Proceedings of Cybersecurity Development (SecDev), IEEE. September, 2017.
    [ paper | bibtex ]
  • Gary Soeller and Deian Stefan. Multi-core IFC: Securing the space-time continuum. In Workshop on Foundations of Computer Security (FCS). August, 2017.
    [ paper | bibtex ]
  • Fraser Brown, Shravan Narayan, Riad S. Wahby, Dawson Engler, Ranjit Jhala, and Deian Stefan. Finding and Preventing Bugs in JavaScript Bindings. In Proceedings of Symposium on Security and Privacy, IEEE. May, 2017.
    [ paper | bibtex | code ]
  • Daniel B. Giffin, Amit Levy, Deian Stefan, David Terei, David Mazières, John Mitchell, and Alejandro Russo. Hails: Protecting Data Privacy in Untrusted Web Applications Journal of Computer Security, IOS Press. Volume 25, Issue 4-5, 2017.
  • Deian Stefan, Alejandro Russo, David Mazières, and John C. Mitchell. Flexible Dynamic Information Flow Control in the Presence of Exceptions. Journal of Functional Programming, Cambridge University Press. Volume 27, 2017.
  • Stefan Heule, Devon Rifkin, Deian Stefan, and Alejandro Russo. The Most Dangerous Code in the Browser. In Proceedings of Workshop on Hot Topics in Operating Systems (HotOS), USENIX. May, 2015.
    [ paper | bibtex | slides ]
  • Stefan Heule, Deian Stefan, Edward Z. Yang, John C. Mitchell, and Alejandro Russo. IFC Inside: Retrofitting Languages with Dynamic Information Flow Control. In Proceedings of Conference on Principles of Security and Trust (POST), Springer. April, 2015.
  • Deian Stefan, Edward Z. Yang, Petr Marchenko, Alejandro Russo, Dave Herman, Brad Karp, and David Mazières. Protecting Users by Confining JavaScript with COWL. In Proceedings of Symposium on Operating Systems Design and Implementation (OSDI), USENIX. October, 2014.
    [ paper | bibtex | slides | video ]
  • Pablo Buiras, Deian Stefan, and Alejandro Russo. On Dynamic Flow-sensitive Floating-Label Systems. In Proceedings of Computer Security Foundations Symposium (CSF), IEEE. July, 2014.
    [ paper | bibtex ]
  • Deian Stefan, Pablo Buiras, Edward Z. Yang, Amit Levy, David Terei, Alejandro Russo, and David Mazières. Eliminating Cache-based Timing Attacks with Instruction-based Scheduling. In Proceedings of European Symposium on Research in Computer Security (ESORICS), Springer. September, 2013.
    [ paper | bibtex | slides ]
  • Pablo Buiras, Amit Levy, Deian Stefan, Alejandro Russo, and David Mazières. A Library for Removing Cache-Based Attacks in Concurrent Information Flow Systems. In Proceedings of Trustworthy Global Computing (TGC), Springer. August, 2013.
  • Edward Yang, Deian Stefan, John Mitchell, David Mazières, Petr Marchenko, and Brad Karp. Toward Principled Browser Security. In Proceedings of Workshop on Hot Topics in Operating Systems (HotOS), USENIX. May, 2013.
    [ paper | bibtex | slides ]
  • Daniel B. Giffin, Amit Levy, Deian Stefan, David Terei, David Mazières, John Mitchell, and Alejandro Russo. Hails: Protecting Data Privacy in Untrusted Web Applications. In Proceedings of Symposium on Operating Systems Design and Implementation (OSDI), USENIX. October, 2012.
    [ paper | bibtex | slides | video ]
  • Deian Stefan, Alejandro Russo, Pablo Buiras, Amit Levy, John C. Mitchell, and David Mazières. Addressing Covert Termination and Timing Channels in Concurrent Information Flow Systems. In Proceedings of International Conference on Functional Programming (ICFP), ACM SIGPLAN. September, 2012. Most Influential Paper Award at ICFP 2022
    [ paper | bibtex | slides | video ]
  • John C. Mitchell, Rahul Sharma, Deian Stefan, and Joe Zimmerman. Information-flow control for programming on encrypted data. In Proceedings of Computer Security Foundations Symposium (CSF), IEEE. June, 2012.
    [ paper | bibtex ]
  • Deian Stefan, Xiaokui Shu, and Danfeng (Daphne) Yao. Robustness of keystroke-dynamics based biometrics against synthetic forgeries. Computers & Security, Elsevier. 31(1) 2012.
    [ paper | bibtex ]
  • Kui Xu, Huijun Xiong, Chehai Wu, Deian Stefan, and Danfeng Yao. Data-Provenance Verification For Secure Hosts. Transactions on Dependable and Secure Computing, IEEE. 2012.
    [ paper | bibtex ]
  • Deian Stefan, Alejandro Russo, David Mazières, and John C. Mitchell. Disjunction Category Labels. In Proceedings of Nordic Conference on Security IT Systems (NordSec), Springer. October, 2011.
    [ paper | bibtex | slides ]
  • Deian Stefan, Alejandro Russo, John C. Mitchell, and David Mazières. Flexible Dynamic Information Flow Control in Haskell. In Proceedings of Haskell Symposium, ACM SIGPLAN. September, 2011.
    [ paper | bibtex | slides ]
  • Deian Stefan and Danfeng Yao. Keystroke-dynamics authentication against synthetic forgeries. In Proceedings of Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), IEEE. October, 2010. Best paper award.
    [ paper | bibtex ]
  • Joppe W. Bos and Deian Stefan. Performance analysis of the SHA-3 candidates on exotic multi-core architectures. In Proceedings of Cryptographic Hardware and Embedded Systems (CHES), Springer. August, 2010.
    [ paper | bibtex ]
  • Shahram Khazaei, Simon Knellwolf, Willi Meier, and Deian Stefan. Improved Linear Differential Attacks on CubeHash. In Proceedings of International Conference on Cryptology (AFRICACRYPT), Springer. May, 2010. Awarded the 2010.01 Prize by DJB.
    [ paper | bibtex ]
  • Dag Arne Osvik, Joppe W. Bos, Deian Stefan, and David Canright. Fast software AES encryption. In Proceedings of International Workshop on Fast Software Encryption (FSE), Springer. February, 2010.
    [ paper | bibtex ]
  • Deian Stefan. Hardware Framework for the Rabbit Stream Cipher. In Proceedings of International Conference on Information Security and Cryptology (INSCRYPT), Springer. December, 2009.
    [ paper | bibtex ]
  • Jared Harwayne-Gidansky, Deian Stefan, and Ishaan L. Dalal. FPGA-based SoC for real-time network intrusion detection using counting bloom filters. In Proceedings of SoutheastCon, IEEE. March, 2009.
    [ paper | bibtex ]
  • Ishaan L. Dalal, Deian Stefan, and Jared Harwayne-Gidansky. Low discrepancy sequences for Monte Carlo simulations on reconfigurable platforms. In Proceedings of International Conference on Application-Specific Systems, Architectures and Processors (ASAP), IEEE. July, 2008.
    [ paper | bibtex ]
  • Deian Stefan, David B. Nummey, Jared Harwayne-Gidansky, and Ishaan L. Dalal. On Parallelizing the CryptMT Stream Cipher. In Proceedings of Vehicular Technology Conference (VTC Spring), IEEE. May, 2008.
    [ paper | bibtex ]
  • Ishaan L. Dalal and Deian Stefan. A hardware framework for the fast generation of multiple long-period random number streams. In Proceedings of International Symposium on Field Programmable Gate Arrays (FPGA), ACM. February, 2008.
    [ paper | bibtex ]
  • Deian Stefan and Christopher Mitchell. On the Parallelization of the MICKEY-128 2.0 Stream Cipher. In Proceedings of The State of the Art of Stream Ciphers (SASC), Springer. February, 2008.
    [ paper | bibtex ]

Specifications

  • Deian Stefan. Confinement with Origin Web Labels. World Wide Web Consortium, First Public Working Draft WD-COWL-20151015. October, 2015.
    [ spec | bibtex | site ]

Demos

  • Deian Stefan, Amit Levy, Alejandro Russo, and David Mazières. Building Secure Systems with LIO. In Proceedings of Haskell Symposium, ACM SIGPLAN. September, 2014.
    [ paper | bibtex | slides | video | code ]
  • Amit Levy, David Terei, and David Mazières. Making Web Applications -XSafe. In Proceedings of Haskell Symposium, ACM SIGPLAN. September, 2014.
    [ paper | bibtex ]
  • Deian Stefan and David Mazières. Building Secure Systems with LIO. In Proceedings of Workshop on Programming Languages and Analysis for Security (PLAS), ACM SIGPLAN. July, 2014. Invited talk.
    [ paper | bibtex | slides | code ]

Non-refereed/Unpublished

  • Shravan Narayan, Tal Garfinkel, Sorin Lerner, Hovav Shacham, and Deian Stefan. Gobi: WebAssembly as a Practical Path to Library Sandboxing. In arXiv preprint arXiv:1912.02285. December, 2019.
    [ arXiv ]
  • Jean Pierre Talpin, Jean Joseph Marty, Shravan Narayan, Deian Stefan, and Rajesh Gupta. Towards verified programming of embedded devices. In Proceedings of IEEE Design, Automation and Test in Europe (DATE). March, 2019. Invited paper.
    [ paper | bibtex ]
  • Fraser Brown, Ariana Mirian, Atyansh Jaiswal, Andres Nöetzli, Deian Stefan. SPAM: a Secure Package Manager. April, 2017.
    [ paper | bibtex ]
  • Daniel B. Giffin, Stefan Heule, Amit Levy , David Mazières, John Mitchell, Alejandro Russo, Amy Shen, Deian Stefan, David Terei, and Edward Z. Yang. Security and the average programmer. In Proceedings of Conference on Principles of Security and Trust (POST), Springer. April, 2014. Invited paper.
    [ paper | bibtex ]
  • Alex Bain, John Mitchell, Rahul Sharma, Deian Stefan, and Joe Zimmerman. A Domain-Specific Language for Computing on Encrypted Data. In Proceedings of Foundations of Software Technology and Theoretical Computer Science (FSTTCS), LIPIcs. December, 2011. Invited paper.
  • Deian Stefan and John C. Mitchell. Analysing Object-Capability Patterns With Murφ. April, 2011.
    [ paper | bibtex ]

Theses

  • Deian Stefan. Principled and Practical Web Application Security. Ph.D. Thesis, Stanford University. December, 2015.
    [ thesis | bibtex ]
  • Deian Stefan. Analysis and Implementation of eSTREAM and SHA-3 Cryptologic Algorithms. M.Eng. Thesis, Cooper Union. May, 2011.
    [ thesis | bibtex ]

The documents distributed by this server have been provided as a means to ensure timely dissemination of scholarly and technical work on a noncommercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that the works are offered here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be distributed without the explicit permission of the copyright holder.

Application Materials

Below you can find my curriculum vitae, research statement, and teaching statement. My curriculum vitae contains the contact information for my references.

The following three papers are representative: