Computer Science Division
University of California, Berkeley
Administrative. I currently serve as the Associate Chair for EECS and Division Chair for Computer Science at UC Berkeley.
Research interests. Computer security, systems security, usable security, and program analysis for security. I am currently working on security for wearable devices, smartphone security, and other topics in computer security. I have worked on software security, electronic voting, wireless security, sensor network security, and applied cryptography.
Projects. I'm part of Berkeley's security research group. I was previously PI for SCRUB, the Intel Science and Technology Center for Secure Computing, and the DHOSA project, and I was a member of the TRUST, ACCURATE, Science of Security, and ISAAC projects.
Publications. My technical papers and publications are all available online. Some of my technical talks are also available, too.
Teaching. See my past teaching.
Students. I'm lucky to have the chance to work with a group of outstanding graduate students and postdocs: Yizheng Chen, Norman Mu, Julien Piet, and Chawin Sitawarin. See also the students I've graduated.
Contacting me. See my contact information for my address and other details.
Professional activities. I currently serve as head of the CS Division and Associate Chair for EECS at UC Berkeley. I serve on the program committee of NDSS 2015, Usenix Security 2015, MObile Security Technologies (MoST) 2015, Symposium On Usable Privacy and Security (SOUPS) 2015, NDSS 2016, WWW 2016 Security and Privacy track, and I'm serving on the committee for the NSA Award for the Best Scientific Cybersecurity Paper (please send us your nominations!), on the CACM Research Highlights editorial board (I welcome your suggestions!), and on the editorial board for the Journal of Election Technology and Systems (JETS). Join me in committing to support open-access publication venues.
Software. Our group releases code for many of our recent papers on Github. Also available: OpenCount, a tool to help with auditing of elections conducted using optical-scan paper ballots; AuditBear, a web application for analyzing audit logs from ES&S iVotronic voting machines; Joe-E, a Java-based programming language for secure programming; html-sanitizer-testbed, a suite of tests to probe the security of a HTML sanitizer; and CQual++, a tool for type inference analysis of C and C++ code.
Recruiting. I am looking for a strong postdoc with interests in applications of machine learning to security or in adversarial machine learning, starting in 2022 or early 2023.