My research interests lie broadly in security and privacy, but lately I've been looking at the security of Just-In-Time compilers.
Prior to coming to UCSD, I earned my B.S. in Computer Science at the University of North Carolina at Chapel Hill in 2009. In 2013 and 2014, I earned my M.S. and C.Phil. at UCSD.
We show for the first time that the JIT spraying attack is feasible against the ARM architecture found in most handheld devices, describe our proof-of-concept attack, and offer tips for hardening.
In a large-scale ad-based study, we show that enabling DNSSEC for a domain will prevent one client (typically in Asia) from accessing the domain for every ten clients protected from tampering.
We measure how well pretty pictures can be used to visually distinguish the traffic patterns of various application protocols on the wire.
It's super effective!