Comcast endowed professor for security innovation
Dept. of Computer Science and Engineering
University of Connecticut
Teaching, advising and students:
I like teaching and advising students. I teach intro to cyber security (CSE3400), usually in fall term, and Network security (CSE4402; see syllabus), usually in spring term (incl. spring'19). I sometimes teach a seminar (on `bleeding edge' research in cyber security). I use UConn's HuskyCT extensively for providing materials and communicating with students.
See information on advising and students, including info for potential students, tips for students and list of previous and current students.
I am interested in security and privacy of networked systems. Security and privacy may be breached in many ways - it only takes one weak link to break the chain. I want to understand different threats and tools, and combine analysis and proofs with implementations, economics, and even human, legal, ethical and psychological aspects. Specific areas:
- Internet security: infrastructure (routing, DNS, DoS) and applications (web, phishing).
- Security for IoT and other emerging networks (e.g., of sensors, drones, stealthy-bots).
- Applied provable cryptography, esp. resiliency to exposures, cryptanalysis, side-channels, leakage.
- Privacy, anonymity and covert communication.
- Usable security and social-engineering attacks, and defenses - esp. for naive users.
- Financial cryptography, i.e., using cryptography to innovate financial systems, protocols and networks.
Positions and calls:
- I am on search committee of the CSE department, for the position of Synchrony-Financial Endowed Chair in Cybersecurity, a tenure-track faculty position at the associate or full professor level. Contact me for details, or see details and apply. The department also have additional searches, including in machine learning, a lecturer track position, and more.
- I am co-chair of the TPC of the IEEE CNS'19 conference, June 10-12 in Washington, DC. Deadline: Jan 4, 2019. See CFP.
- I am in the steering committee of the CANS conference.
- I serve on editing board of the PoPETS conference/journal hybrid.
- I served on many program committees, editing boards etc. [but I try to avoid it this year to focus on CNS]
I keep downloadable copies of most of my publications in my researchgate page. I apologize, but I don't keep an updated full list of publications; you may see (most) additional publications in online services such as DBLP or Scholar.
I am currently in the process of writing Cyber-Security Foundations (see online draft). Currently, it contains mostly part I, basic principles and cryptography. This part covers the basics of applied cryptography, and the basic principles of cyber-security, mainly teaching adversarial thinking, protecting against arbitrary attacker strategies rather than assuming a specific attack. The text seems already quite useful, and I appreciate feedback. The presentations are also available (in powerpoint - see also in researchgate). I also provide few exams, questions and solutions in network security , which will be the focus of the second part of the text. I'm teaching this course on sprint term 2019; I hoped to have much of the text for the 2nd part ready but I'm afraid it'll be `work in progress' during this term - there is simply not enough time... and/or I'm too slow. And surely not focused enough.
Personal and Opinions:
I an interested and opinionated in many topics such as politics, religions, history and science. In particular I'm very interested in social-technical, ethical and legal issues. See Cyber Security & Centralized Data, What Could Go Wrong?, an interview by the Institute for New Economic Thinking on the importance of privacy for society and economics, and the need for (self-)controls on at least some forms of cyber-warfare. See interview (in Hebrew) where I explain the risks of biometric repository which is being piloted in Israel.
I like discussing and arguing about these and other topics. And I also like reading, music, hikes, gardening, dogs, movies, and gym.
I'm best reachable by email: firstname.lastname@example.org. If I don't reply in reasonable time, send reminder, your message may have got lost (in spam... or just forgotten due to overload, sorry!).