Amir Herzberg

Comcast endowed professor for security innovation

Dept. of Computer Science and Engineering

University of Connecticut

Teaching, advising and students:

I like teaching and advising students. I teach intro to cyber security (CSE3400; see syllabus), usually in fall term, and Network security (CSE4402; see syllabus), usually in spring term (incl. spring'20). I sometimes teach a seminar (on `bleeding edge' research in cyber security). I use UConn's HuskyCT extensively for providing materials and communicating with students.

See information on advising and students, including info for potential students, tips for students and list of previous and current students.

Research Areas:

I am interested in security and privacy of networked systems. Security and privacy may be breached in many ways - it only takes one weak link to break the chain. I want to understand different threats and tools, and combine analysis and proofs with implementations, economics, and even human, legal, ethical and psychological aspects. Specific areas:

  • Internet security: infrastructure (routing, DNS, DoS) and applications (web, phishing).
  • Security for IoT and other emerging networks (e.g., of sensors, drones, stealthy-bots).
  • Applied provable cryptography, esp. resiliency to exposures, cryptanalysis, side-channels, leakage.
  • Privacy, anonymity and covert communication.
  • Usable security and social-engineering attacks, and defenses - esp. for naive users.
  • Financial cryptography, i.e., using cryptography to innovate financial systems, protocols and networks.

Positions and calls:

  • I am in the steering committee of the CANS conference.
  • I serve on editing board of the PoPETS conference/journal hybrid.
  • I served on many program committees, editing boards etc. [but I try to avoid it this year to focus on CNS]


I keep downloadable copies of most of my publications in my researchgate page. I apologize, but I don't keep an updated full list of publications; you may see (most) additional publications in online services such as DBLP or Scholar.

I am currently in the process of writing Cyber-Security Foundations (see online draft). Currently, it contains mostly part I, basic principles and cryptography. This part covers the basics of applied cryptography, and the basic principles of cyber-security, mainly teaching adversarial thinking, protecting against arbitrary attacker strategies rather than assuming a specific attack. The text seems already quite useful, and I appreciate feedback. The presentations are also available (in powerpoint - see also in researchgate). I also have the beginning of part II, network security ; see also few exams, questions and solutions in network security .

Personal and Opinions:

I an interested and opinionated in many topics such as politics, religions, history and science. In particular I'm very interested in social-technical, ethical and legal issues. See Cyber Security & Centralized Data, What Could Go Wrong?, an interview by the Institute for New Economic Thinking on the importance of privacy for society and economics, and the need for (self-)controls on at least some forms of cyber-warfare. See interview (in Hebrew) where I explain the risks of biometric repository which is being piloted in Israel.

I like discussing and arguing about these and other topics. And I also like reading, music, hikes, gardening, dogs, movies, and gym.


I'm best reachable by email: If I don't reply in reasonable time, send reminder, your message may have got lost (in spam... or just forgotten due to overload, sorry!).

Support and funding:

  • I am currently funded by two NSF awards, Comcast and Eversource Energy. Many thanks!
  • I am grateful for the following freely-provided research services: DeterLab, CREATE and CAIDA