Stefan Savage

Professor

Department of Computer Science and Engineering

University of California, San Diego


Office: EBU3B 3106
Email: savage AT cs.ucsd.edu
ssavage AT ucsd.edu
Mail:

UCSD Dept of CSE

9500 Gilman Drive, MC 0404,

La Jolla, CA  92093-0404

Voice (858)-822-4895
FAX (858)-534-7029
Systems and Networking Group

Security Group


Recent publications

Unfiltered: Measuring Cloud-based Email Filtering Bypasses, Sumanth Rao, Enze Liu, Grant Ho, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the Web Conference (WWW), Singapore, May 2024.

An Empirical Analysis of Enterprise-Wide Mandatory Password Updates, Ariana Mirian, Grant Ho, Stefan Savage, and Geoffrey M. Voelker, Proceedings of Annual Computer Security Applications Conference (ACSAC), Austin, TX, December 2023.

Understanding the Viability of Gmail's Origin Indicator for Identifying the Sender, Enze Liu, Lu Sun, Alex Bellon, Grant Ho, Stefan Savage, Geoffrey M. Voelker, and Imani N. S. Munyaka, Proceedings of the Symposium on Useable Privacy and Security, Anaheim, CA, August 2023.

In the Line of Fire: Risks of DPI-triggered Data Collection, Ariana Mirian, Alisha Ukani, Ian Foster, Gautam Akiwate, Taner Halicioglu, Cindy Moore, Alex C. Snoeren, Geoffrey M. Voelker, and Stefan Savage, Proceedings of Workshop on Cyber Security Experimentation and Test (CSET), Marina del Rey, CA, August 2023.

No Privacy Among Spies: Assessing the Functionality and Insecurity of Consumer Android Spyware Apps, Enze Liu, Sumanth Rao, Sam Havron, Grant Ho, Stefan Savage, Geoffrey M. Voelker, and Damon McCoy, Proceedings of the 23rd Privacy Enhancing Technologies Symposium, Lausanne, Switzerland, July 2023.

Forward Pass: On the Security Implications of Email Forwarding Mechanism and Policy, Enze Liu, Gautam Akiwate, Mattijs Jonker, Ariana Mirian, Grant Ho, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the IEEE European Symposium on Security and Privacy, Delft, The Netherlands, July 2023, pages 373-391. (Best paper award).

WaVe: a Verifiably Secure WebAssembly Sandboxing Runtime, Evan Johnson, Evan Laufer, Zijie Zhao, Shravan Narayan, Stefan Savage, Deian Stefan, and Fraser Brown, Proceedings of the IEEE Symposium on Security and Privacy, May 2023. (Distinguished Paper Award).

Ransomware Attack Associated With Disruptions at Adjacent Emergency Departments in the US, Christian Dameff, Jeffrey Tully, Theodore C. Chan, Edward M. Castillo, Stefan Savage, Patricia Maysent, Thomas M. Hemmen, Brian J. Clay, and Christopher A. Longhurst, JAMA Network Open 6(5):e2312270-e2312270, 2023.

The Challenges of Blockchain-based Naming Systems for Malware Defenders, Audrey Randall, Wes Hardaker, Aaron Schulman, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the APWG Symposium on Electronic Crime Research (eCrime), November 2022, pages 1-14. (Best Student Paper).

Retroactive Identification of Targeted DNS Infrastructure Hijacking, Gautam Akiwate, Raffaele Sommese, Mattijs Jonker, Zakir Durumeric, kc Claffy, Geoffrey M. Voelker, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference (IMC), Nice, France, October 2022, pages 14-32.

Where .ru? Assessing the Impact of Conflict on Russian Domain Infrastructure, Mattijs Jonker, Gautam Akiwate, Antonia Affinito, kc Claffy, Alessio Botta, Geoffrey M. Voelker, Rolan van Rijswijk-Deij, and Stefan Savage, Proceedings of the ACM Internet Measurement Conference (IMC), Nice, France, October 2022, pages 159-165.

Measuring UID Smuggling in the Wild, Audrey Randall, Peter Snyder, Alisha Ukani, Alex C. Snoeren, Geoffrey M. Voelker, Stefan Savage, and Aaron Schulman, Proceedings of the ACM Internet Measurement Conference (IMC), Nice, France, October 2022, pages 230-243.

Measuring Security Practices, Louis F. DeKoven, Audrey Randall, Ariana Mirian, Gautam Akiwate, Ansel Blume, Lawrence K. Saul, Aaron Schulman, Geoffrey M. Voelker, and Stefan Savage, Communications of the Association for Computing Machinery 65(9):93-102, September 2022.

Domain Name Lifetimes: Baseline and Threats, Antonia Affinito, Raffaele Sommese, Gautam Akiwate, Stefan Savage, KC Claffy, Geoffrey M. Voelker, Alessio Botta, and Mattijs Jonker, Proceedings of the 6th Network Traffic Measurement and Analysis Conference (TMA), June 2022, pages 10-18.

More...

Research  

I'm part of the Systems & Networking and Security research groups. My interests are all over the map, ranging from the economics of e-crime, to automotive and aviation systems, to routing protocols and data center virtualization and back again. I have very broad interests (i.e. try me if you have a crazy idea).

Students  
Evan Johnson
Enze "Alex" Liu
Elisa Luo
Sumanth Rao

Ariana Miran (Ph.D., 202e) → Censys
Audrey Randall (Ph.D. 2023) → Google
Gautam Akiwate (Ph.D., 2022) → Stanford postdoc
Guo "Vector" Li (Ph.D., 2020) → Google
Louis Dekoven (Ph.D., 2019) → Facebook
Wilson Lian (Ph.D., 2016) → Google
Neha Chachra (Ph.D., 2015) → Facebook
Matthew Der (Ph.D., 2015) → Notch → Capital One
Tristan Halvorson (Ph.D., 2015) → Google
Ian Foster (BS/MS, 2015) → Salesforce
He Liu (Lonnie) (Ph.D., 2015) → Google
David Wang (Ph.D, 2014) → Google → Etsy
Sarah Meiklejohn (Ph.D., 2014) → University College London
Daniel Turner (Ph.D., 2013) →TurboSquid → Shopify
Andreas Pitsillidis (Ph.D., 2013) → Google
Chris Kanich (Ph.D., 2012) → University of Illinois, Chicago
Damon McCoy (postdoc 2009-2011) → George Mason University → NYU
Marti Motoyama (Ph.D., 2011) → FitBit
Michael Vrable (Ph.D., 2011) → Google
Sushma Bannur (M.S., 2011) → Microsoft → Facebook
Kourosh Derakshan (M.S., 2011) → Qualcomm
Justin Ma (Ph.D., 2010) → Berkeley Postdoc → Google
Ge "Grace" Wang (M.S., 2010) → Qualcomm
Ryan Roemer (M.S., 2009) → Microsoft → IP Street → Curiosity Media → Formidable Labs
Kirill Levchenko (Ph.D., 2008) → UCSD Research Scientist → Illinois
David Moore (2008) → Cisco → Google
Varun Almaula (M.S., 2008) → Cisco
Yu-Chung Cheng (Ph.D., 2007) → Google
Alper Mizrak (Ph.D., 2007) → VmWare
John Bellardo (Ph.D., 2006) → Cal Poly SLO
Sumeet Singh (2006) → NetSift → Cisco → Microsoft → AppFormix
Chris Tuttle (M.S., 2006) → Google
Ishwar Ramani (M.S., 2005) → Juniper Networks → VUDU → Lab126
Ranjita Bhagwan (Ph.D., 2004) → IBM Research → Microsoft Research
Doug Brown (M.S., 2003) → NYU Law School → Asst U.S. Attorney → Chapin Fitzgerald LLP → Abelson Herron Halpern LLP
Recent teaching  
Winter 24: CSE291-C Cybercrime (grad, co-taught with Alex Gantman)
Fall 23: CSE 127 Computer Security (undergrad)
Spring 23: CSE291-B Security, Privacy and US Law (grad)
Winter 23: CSE291/DSC291 Information Manipulation: Trustworthiness of Information in Cyberspace (grad, co-taught w/Molly Roberts)
Fall 22: CSE 127 Computer Security (undergrad)
Winter 22: GPA 477 Cyber Security (grad policy course -- materials on Canvas, co-taught w/Peter Cowhey)
Winter 22: CSE 291-6 Ransomware (grad)
Fall 21: CSE 227 Computer Security (grad)
Spring 21: GPA 477 Cyber Security (grad policy course -- materials on Canvas, co-taught w/Peter Cowhey)
Spring 21: CSE 127 Computer Security (undergrad)
Winter 21: CSE291-C Security, Privacy and US Law (grad)
Spring 20: GPA 477 Cyber Security (grad policy course -- materials on tritonEd, co-taught w/Peter Cowhey)
Spring 20: CSE 127 Computer Security (undergrad)
Professional Activities
ACM CCS Steering Committee, 2015-present
USENIX Enigma Steering Committee, 2016-2021
Program Co-chair, 2016 USENIX Security Symposium
Progrm Committee, 2015 ACM SIGCOMM
Program Committee, 2012 USENIX Symposium on Operating System Design and Implementation (OSDI)
Program Committee, 2011 ACM SIGCOMM Conference
Program Committee, 2011 USENIX LEET Workshop
Program Committee, 2010 USENIX Networked Systems Design and Implementation (NSDI)
Program Committee, 2010 USENIX LEET Workshop
Program Committee, 2009 ACM Symposium on Operating System Principles (SOSP)
Program Committee, 2009 IEEE Symposium on Security and Privacy
Program Co-chair, 2008 ACM SIGCOMM Conference
Steering Committee,
2008-present USENIX LEET Workshop
Program Committe, 2008 USENIX WOWCS Workshop
Member, NSF GENI Science Council, 2007-2008
Program Co-chair, 2007 ACM HotNets Workshop
Program Committee, 2007 ACM Workshop on Recurring Malcode (WORM)
Program Committee, 2007 ACM Symposium on Operating System Principles (SOSP)
Program Committee, 2007 ACM SIGCOMM Conference
Program Committee, 2006 IEEE Symposium on Security and Privacy
NRC/CSTB Study: Improving Cybersecurity Research in the United States (2004-2005)
Program Committee, 2005 USENIX Networked Systems Design and Implementation (NSDI)
Program Committee, 2005 ACM Symposium on Operating System Principles (SOSP)
Program Committee, 2004 ACM Workshop on Rapid Malcode (WORM)
Program Co-chair, 2004 USENIX/ACM Networked Systems Design and Implementation (NSDI)
Co-Organizer, 2003 DIMACS Workshop on Large-Scale Internet Attacks
Program Chair, 2003 ACM Workshop on Rapid Malcode (WORM)
Program Committee, 2003 ACM Symposium on Operating System Principles (SOSP)
Program Committee, 2003 ACM SIGCOMM Conference
Program Committee, 2003 DISCEX Conference
Program Committee, 2003 ACM HotNets Workshop
Program Committee, 2002 ACM SIGCOMM Conference
Program Committee, 2001 Global Internet Symposium
Internet2 Network Research Liason Council, 2002-2004.
CSTB Research Horizons: Networking Research Workshop, 2001
DARPA ISAT Member, 2001-2004.
Misc

I got my undergrad degree in Applied History from CMU and my Ph.D. from the University of Washington (courtesy Brian Bershad and Tom Anderson). I was Co-founder and Chief Scientist at Asta Networks (now kaput), served on the Strategy Advisory Council of Rendition Networks (since acquired by OpsWare) and helped develop some of the technology used by Netsift (since acquired by Cisco). I do other consulting here and there.