Patrick Drew McDaniel
William L. Weiss Professor of Information and Communications Technology
: W329 Westgate Building Computer Science and Engineering Department
Pennsylvania State University University Park, PA 16802 (814) 863-3599
: firstname.lastname@example.org Homepage
William L. Weiss Professor of Information and Communications Technology, Pennsylvania State University
University Park, Pennsylvania January 2016-Present
Director, Institute for Networking and Security Research, Pennsylvania State University
University Park, Pennsylvania, August 2016-Present
Distinguished Professor, Pennsylvania State University
University Park, Pennsylvania January 2016-2017
Professor, Pennsylvania State University
University Park, Pennsylvania May 2011-December 2015
Pennsylvania State University
University Park, Pennsylvania July 2007-May 2011
Hartz Family Career Development Assistant Professor,
Pennsylvania State University
University Park, Pennsylvania August 2004-June 2007
Co-Director, Systems and Internet Infrastructure Security Laboratory, Pennsylvania State University
University Park, Pennsylvania, January 2005-August 2016
Adjunct Professor, Stern School of Business, New York
New York, NY, January 2003-2009
Research Assistant, University of Michigan
Ann Arbor, Michigan, September 2000-August 2001
Research Assistant, NASA Kennedy Space Center
Ann Arbor, Michigan, 1997-2000
Research Assistant, University of Michigan, Ann Arbor, MI,
Student on the NSA funded "Design and Implementation of Secure
Mobile Agent Services" research project.
University of Michigan, Ann Arbor
Ph.D., Computer Science and Engineering, October 2001
Dissertation: Policy Management in Secure Group Communication
Advisor: Dr. Atul Prakash
Ball State University
M.S., Computer Science, June 1991
B.S., Computer Science, August 1989
Senior Research Staff Member, AT&T Labs - Research,
Florham Park, NJ, September 2001-August 2004
Research staff member working in security management, network
security, multiparty communication, networking, web technologies,
and distributed systems.
Research Intern, AT&T Labs - Research, Florham Park,
NJ, Summer 1999
Working with Aviel Rubin, investigated the design space and
practical applications of certificate revocation
Robert J. Walls, Eric D. Kilmer, Nathaniel Lageman, and Patrick D. McDaniel. Measuring the Impact and Perception of Acceptable Advertisements.
Proceedings of the ACM 2015 Internet Measurement Conference (IMC), October 2015.
Damien Octeau, Daniel Luchaup, Matthew Dering, Somesh Jha, and Patrick McDaniel. Composite Constant Propagation: Application to Android Inter-Component Communication Analysis.
Proceedings of the 37th International Conference on Software Engineering (ICSE), May 2015.
William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung-Gon Chun, Landon Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol Sheth, TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones.
ACM Transactions on Computer Systems (TOCS), 32(2), June, 2014.
Damien Octeau, Patrick McDaniel, Somesh Jha, Alexandre Bartel, Eric Bodden, Jacques Klein, and Yves Le Traon. Effective Inter-Component Communication Mapping in Android: An Essential Step Towards Holistic Security Analysis.
Proceedings of the 22th USENIX Security Symposium, August 2013.
Thomas Moyer, Kevin Butler, Joshua Schiffman, Patrick McDaniel, and Trent Jaeger, Scalable Web Content Attestation.
IEEE Transactions on Computers, 61(5):686--699, April, 2011.
Stephen McLaughlin, Patrick McDaniel, and William Aiello. Protecting Consumer Privacy from Electric Load Monitoring.
The 18th ACM Conference on Computer and Communications Security (CCS), October 2011.
William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri. A Study of Android Application Security.
Proceedings of the 20th USENIX Security Symposium, August 2011.
San Francisco, CA.
Kevin Butler, Toni Farley, Patrick McDaniel, and J. Rexford, A Survey of BGP Security Issues and Solutions.
Proceedings of the IEEE, 2010(1):100-122, January, 2010.
Kevin Butler, Sunam Ryu, Patrick Traynor, and Patrick McDaniel, Leveraging Identity-based Cryptography for Node ID Assignment in Structured P2P Systems.
IEEE Transactions on Parallel and Distributed Systems (TPDS), 20(12):1803-1815, December, 2009.
Patrick Traynor, William Enck, Patrick McDaniel, and Thomas La Porta, Mitigating Attacks on Open Functionality in SMS-Capable Cellular Networks.
IEEE/ACM Transactions on Networking (TON), 17(1):40-53, 2009.
William Enck, Thomas Moyer, Patrick McDaniel, Shubho Sen, Panagiotis Sebos, Sylke Spoerel, Albert Greenberg, Yu-Wei Sung, Sanjay Rao, and William Aiello, Configuration Management at Massive Scale: System Design and Experience.
IEEE Journal on Selected Areas in Communications (JSAC), 27(3):323-335, 2009.
Vaibhav Rastogi, Northwestern University,
Robert Walls, University of Massachusetts, Amherst,
Past PhD Students
Wenhui Hu, Pennsylvania State University,
Fall 2016Devin Pohly, Pennsylvania State University,
Spring 2016, now
Damien Octeau, Pennsylvania State University,
Summer 2014, now
Software Engineer in Security
Steve McLaughlin, Pennsylvania State University,
Spring 2014, now
Senior Software Engineer
Samsung Research America
Thomas Moyer, Pennsylvania State University,
Summer 2011, now
Massachusetts Institute of Technology-Lincoln Labs
William Enck, Pennsylvania State University,
Spring 2011, now
North Carolina State University
Kevin Butler, Pennsylvania State University,
Summer 2010, now
University of Florida
Machigar Ongtang, Pennsylvania State University,
Summer 2010, now
Dhurakij Pundit University
Patrick Traynor, co-advisor, Pennsylvania State University,
Spring 2008, now
University of Florida
Fr. Boniface Hicks, Pennsylvania State University,
Fall 2007, now
St. Vincent College
Current PhD Students
Z. Berkay Celik, Pennsylvania State University,
Spring 2019Nicolas Papernot, Pennsylvania State University,
Past Masters Students
Nathan Lagerman, Pennsylvania State University,
Spring 2016Matthew Dering, Pennsylvania State University,
Spring 2014Phil Koshy, M.S. Pennsylvania State University,
Fall 2013Diana Koshy, M.S. Pennsylvania State University,
Fall 2013Steve McLaughlin, M.S. Pennsylvania State University,
Spring 2011Sergei Miadzvezhanka, M.S. Pennsylvania State University,
Spring 2011Adam Delozier, M.S. Pennsylvania State University,
Spring 2011Juliet Uhlott, M.Eng. Pennsylvania State University,
Fall 2010Damien Octeau, M.S. Pennsylvania State University,
Spring 2010Thomas Moyer, M.S. Pennsylvania State University,
Spring 2009Luke St. Clair, M.S. Pennsylvania State University,
Summer 2008Lisa Johansen, M.S. Pennsylvania State University,
Spring 2008Sunam Ryu, M.S. Pennsylvania State University,
Spring 2007Dhananjay Bapat, M.S. Pennsylvania State University (Electrical Engineering),
Fall 2006Jennifer Plasterr, M.Eng. Pennsylvania State University,
Summer 2006Adam Kerr, M.Eng. Pennsylvania State University,
Fall 2006William Enck, M.S. Pennsylvania State University,
Spring 2006Wesam Lootah, M.S. Pennsylvania State University,
Spring 2006Jon Hansford, M.Eng. Pennsylvania State University,
Fall 2005John van Bremer, M.Eng. Pennsylvania State University,
Past Undergraduate Honors Students
Tim Misiak, Schreyer Honors College, Pennsylvania State University,
Spring 2007Kiyan Ahmadizadeh, Schreyer Honors College, Pennsylvania State University,
CMPSC311 - Introduction to Systems Programming
Fall 2013, Fall 2014, Fall 2015, Fall 2016
CMPSC443 - Introduction to Computer and Network Security
CSE543 - Computer and Network Security
Fall 2004, Fall 2005, Fall 2008, Fall 2009, Fall 2011, Fall 2014
CSE544 - Advanced System Security
CSE545 - Advanced Network Security
Spring 2006, Spring 2008, Spring 2011
CSE597g - Principles, Analysis, and Applications of Computer Security
Security and Privacy of Machine Learning
Advanced Topics in the Security and Privacy of Machine Learning
CSE598 - Cell Phone Operating Systems
CSE598i - Web 2.0 Security
CSE598d - Topics in Applied Systems Security
CSE598e - Critical Infrastructure Security
Collaborators (last 48 months, alphabetical)
Last 48 months, alphabetical by last name
Z. Berkay Celik,
Eric D. Kilmer,
Patrick D. McDaniel,
Lorenzo De Carli,
Patrick Drew McDaniel,
Scott E. Brown,
Daniel E. Krych,
Lorrie Faith Cranor,
Ahmed Fathy Atya,
Charles J. Huber,
Devin J. Pohly,
Robert J. Walls,
T.F. La Porta,
Thomas La Porta,
Yves Le Traon,
Lisa M. Marvel,
Anmol N. Sheth,
Landon P. Cox,
Kevin R. B. Butler,
and Ritu Chadha,
A. Selcuk Uluagac,
Ananthram Swami Prasant Mohapatra,
Srikanth V. Krishnamurthy,
PI, 2017 SaTC PI Meeting, NSF (CNS), $99,999 (PSU award $50,230), 8/15/2016-3/31/2017, Collaborators: Antonakakis (GaTech), Mason (UIUC).
PI, TWC: Medium: Collaborative: Scaling and Prioritizing Market-Sized Application Analysis, NSF (CNS), $1,147,213 (PSU award $547,213), 7/01/2016-6/30/2020, Collaborators: Jha (Wisconsin).
PI, Student Travel Support for Symposium on Security and Privacy 2014, Army Research Office, $10,000, 5/1/14-5/1/15.
PI, Models for Enabling Continuous Reconfigurability of Secure Missions (MACRO) Cyber-Security Collaborative
Research Alliance (CRA), Army Research Laboratory, $24.1 million (\$48.2 million with renewal), 9/20/2013-9/19/2023 (renewable at 5 years), Collaborators: PSU, Carnegie Mellon, Indiana, UC Davis, UC Riverside, ARL, CERDEC.
PI, Google Faculty Research Award, Plotting a Map of Android Inter-App Communication, Google, $50,000, 3/1/2012-2/28/2013, Collaborators: PSU (McDaniel), TU Darmstadt (Bodden), University of Luxembourg (Traon), .
PI, Battelle BGP Security Study (Phase 2), Battelle, $102,815, 10/1/2012-9/30/2013, Collaborators: PSU (McDaniel), Oregon (Butler).
PI, TWC: Medium: Collaborative: Extending Smart-Phone Application Analysis, NSF (CNS), $1,386,518 (plus 16k REU supplement) (PSU award $534,748), 8/1/2012-7/31/2016, Collaborators: PSU (McDaniel), Wisconsin (Jha).
PI, Battelle BGP Security Study (Phase 1), Battelle, $94,400, 2/15/2012-9/30/2012, Collaborators: PSU (McDaniel).
co-PI, TC: Medium: Collaborative Research: Building Trustworthy Applications for Mobile Devices, NSF (CNS), $1,386,518 (PSU award $350,000), 8/1/2011-7/31/2014, Collaborators: PSU (McDaniel), Wisconsin (Banerjee, Jha, Swift).
PI, Closing the Loop on Security Testing and Security Requirements, Security and Software Engineering Research Center, $31,000, 8/1/2011-7/31/2012.
co-PI, Managing Security and Vulnerability Risks in the Smart Grid, Institute for CyberScience and The Penn State Institutes of Energy and the Environment, $31,000, 08/1/09-12/16/09, Collaborators: PSU (Blumsack, McDaniel).
PI, Smart Grid Cyber Security Research, Lockheed Martin, $250,000, 1/1/10-12/16/10.
PI, NSF HECURA: Collaborative Research: Secure Provenance in High-End Computing Systems, NSF (CCF), $1,000,000 (PSU award $307,073), 08/1/09-8/31/13, Collaborators: PSU (McDaniel), UIUC (Winslett), Stonybrook (Sion, Zadok).
PI, TC: Medium: Collaborative Research: Security Services in Open Telecommunications Networks, NSF (CNS), $1,386,518 (PSU award $594,941), 08/01/09-08/01/12, Collaborators: PSU (McDaniel, La Porta), UPenn (Blaze), Columbia (Schulzrinne).
PI, Characterizing and Mitigating Wireless Systems Vulnerabilities, Defense University Research Instrumentation Program (DURIP), Army Research Office (ARO), $150,000, 05/22/09-02/28/11, Collaborators: PSU (La Porta, McDaniel).
co-PI, Integrity Management for ICT Development, Bell Labs Network Reliability and Security Office, Alcatel-Lucent , $100,000, 11/30/08-11/30/09, Collaborators: PSU (La Porta, McDaniel).
PI, Utility Grid Automation and Risk Management, Lockheed Martin, $400,000, 11/30/08-12/16/09.
PI, EVEREST: Evaluation and Validation of Election-Related Equipment, Standards, and Testing, The State of Ohio, $716,336 (PSU award $332,066), 10/01/07-01/07/08, Collaborators: PSU (McDaniel), UPenn (Blaze), UCSB (Kemmerer, Vigna), Berkeley (Hall, Quilter).
Co-PI, Protecting Services for Emerging Wireless Telecommunications Infrastructure, NSF (CNS), $658,032, 09/01/07-08/31/11, Collaborators: PSU (La Porta, Jaeger, McDaniel).
Co-PI, Security for Internet/IMS Convergence, Cisco, $100,000, 9/1/07-8/31/08, Collaborators: PSU (La Porta, McDaniel).
Co-PI, System-Wide Information Flow Enforcement, BAA 06-11-IFKA, "National Intelligence Community Enterprise Cyber Assurance Program", $496,000, 2/1/07-8/1/08, Collaborators: PSU (Jaeger, McDaniel).
PI, CAREER: Realizing Practical High Assurance through Security-Typed Information Flow Systems, NSF (CNS), $400,000, 1/2/07-1/1/12.
Co-PI, CT-IS: Shamon: Systems Approaches for Constructing Distributed Trust, NSF (CNS), $400,000, 9/1/06-8/31/10, Collaborators: PSU (Jaeger, McDaniel).
Co-PI, Center of Excellence, Ben Franklin Technology Partners, $75,000, 01/01/07-07/01/07, Collaborators: PSU (Cao, Jaeger, La Porta, McDaniel, Smith).
Co-PI, Exploiting Asymmetry in Performance and Security Requirements for I/O in High-end Computing, NSF (CFF), $699,690, 9/1/06-8/31/10, Collaborators: PSU (McDaniel, Sivasubramaniam).
PI, Automated Configuration with the PRESTO Network Management Platform, AT\&T, $100,000, 6/1/06-5/31/07.
PI, Testbed for Network-Scale Countermeasure Evaluation, Cisco, $45,938, 9/1/05-8/31/06.
PI, Collaborative Research: CT-T: Flexible, Decentralized Information-flow Control for Dynamic Environments, NSF (CFF), $1,057,427 (PSU award $234,585), 8/1/05-7/31/08, Collaborators: PSU (McDaniel), UPenn (Zdancewic), Maryland (Hicks), GMU (Winsborough).
PI, Extending Developer Tools for Security-typed Languages, Software Engineering Research Center, Sponsor: Motorola, $23,200, 7/1/05-6/30/06.
PI, Student Travel Support for ACM SIGCOMM 2005 Conference, NSF, $19,620, 4/1/05-3/31/06.
Co-PI, NSF CyberTrust: Collaborative Research: Testing and
Benchmarking Methodologies for Future Network Security Mechanisms
(EMIST), NSF/DHS, $5,344,459 (PSU award $2,533,447), 8/1/04-8/31/06, Collaborators: PSU (Kesidis, Miller, Liu), Purdue (Fahmy, Rosenberg, Spafford, Shroff, Brodley), UCDavis (Wu, Levitt, Bishop, Rowe), ICSI/Berkeley (Paxson, Floyd, Weaver).
Honors, Awards and Keynote Addresses
Best Student Paper, 2017 ACM Symposium on SDN Research (SOSR)
with Stefan Achleitner, Thomas La Porta and Trent Jaeger, April 2017IEEE Technical Committee on Security and Privacy Outstanding Community Service Award
in recognition for leadership of the Technical Committee on Security and Privacy, May 2016ACM Fellow
for contributions to computer and mobile systems security, December 2015Science of Security Index of Significant Research in Cyber Security
acknowledging paper 'Toward a Science of Secure Environments', Science of Security Virtual Organization (SOS-VO), August 2015IEEE Fellow
for contributions to the security of mobile communications, November 2014Best Artifact Award, 20th International Symposium on the Foundations of Software Engineering (FSE)
with advisee Damien Octeau and collaborator Somesh Jha, November 2012Best Paper, 25th Annual Computer Security Applications Conference
with advisees Machigar Ongtang, Stephen McLaughlin, and William Enck, December 2009Faculty Marshal, College of Engineering
selected by student marshals for contributions to undergraduate education, leads procession into graduation ceremony, May 2009Penn State Engineering Society Outstanding Research Award
highly selective award by the Penn State Engineering Society given to faculty in the College of Engineering who have made significant contributions to knowledge in their field, March 2009Google Security and Product Safety Acknowledgement
in recognition of efforts in improving the security of Google Android cellular phone operating system, 2008Commendation for Exceptional Leadership and Achievement
in recognition of efforts as PI of the EVEREST study, from Ohio Secretary of State Jennifer Brunner, August 2008IEEE Technical Committee on Security and Privacy Outstanding Community Service Award
in recognition for technical program management of the IEEE Security and Privacy symposia, August 2008National Science Foundation CAREER Award
Faculty early career development grant, August 2007Penn State Computer Science and Engineering Outstanding Teaching Award
Given to best teacher in the department as selected by students, March 2007ACM Certificate of Meritorious Service
Certificate acknowledging exemplary service as associate editor of ACM Transactions on Internet Technologies, April 2007Best Student Paper, 22nd Annual Computer Security Applications Conference
as advisor, with Boniface Hicks and Kiyan Ahmadizadeh, December 2006Best Paper, Innovations and Commercial Applications of Distributed Sensor Networks Symposia
Awarded for best paper in conference, October 2005.Hartz Family Career Development Professor
Endowed Professorship, Pennsylvania State University, Fall 2004-2007Bang for the Buck Award, DARPA Dynamic Coalitions Program
Award for most feature-rich/useful software system, April 2002National Aeronautics and Space Administration, Kennedy Space Center Fellowship
Research Fellowship, September 1997 - August 2000Electrical Engineering and Computer Science Summer Fellowship Award
University of Michigan, June 1997Dean's Citation for Perfect Academic Record
Ball State University, June 1991
Tracing the Arc of Smartphone Application Security. 2017 ACM on International Workshop on Security And Privacy Analytics. Scottsdale, AZ, March, 2017.
Tracing the Arc of Smartphone Application Security. 12th International Conference on Information Systems Security, Jaipur, India, December, 2016.
The 25th International Conference on Computer Communication and Networks (ICCCN 2016), August, 2016, Waikoloa, Hawaii.
Learning from Ourselves: Where are we and where can we go in mobile systems security?. Mobile Security Technologies (MOST) 2016 Workshop, IEEE Computer Society Security and Privacy Workshops, San Jose, CA, May, 2016.
Eight Years of Mobile Smartphone Security. Center for Secure and Dependable Systems (CSDS) Cybersecurity Symposium, Coeur d'Alene, April, 2016.
The Importance of Measurement and Decision Making to a Science of Security, 2015 IEEE Conference on Communications and Network Security (CNS), September 2015, Florence, Italy.
The Importance of Measurement and Decision Making to a Science of Security. 3rd International Symposium on Resilient Cyber Systems, Philadelphia, PA, August, 2015.
The Importance of Measurement and Decision Making to a Science of Security, 2015 Symposium And Bootcamp on the Science of Security (Hotsos), April 2015, University of Illinois at Urbana-Champaign
Security and Science of Agility, ACM Workshop on Moving Target Defense (MTD 2014), November 2014, Scottsdale, AZ
A Secondary Internet Revolution: How the Smart Device has Changed the Information Security Landscape, IEEE New Technology Industry Seminar (NTIS `13), Everett WA, August, 2013
Permission-based Application Governance; A Step Forward or Backward?, 26th Annual WG 11.3 Conference on Data and Applications Security and Privacy (DBSec'12), Paris, France, July 2012.
Scalable Integrity-Guaranteed AJAX, The 14th Asia-Pacific Web Conference (APWeb), Kunming, China, April 2012.
Security Challenges and Solutions in Mobile Smartphone Applications, IEEE Computer Security Foundations (CSF 2011), Abbaye des Vaux de Cernay, France, June 2012.
Password Exhaustion: Predicting the End of Password Usefulness. 2nd International Conference on Information Systems Security, Kolkata India, December, 2006.
Physical and Digital Convergence: Where the Internet is the Enemy. Eighth International Conference on Information and Communications Security (ICICS '06), Raleigh, NC, December, 2006.
Tracing the Arc of Smartphone Application Security, University of Texas-Dallas Department of Computer Science, Dallas, TX, May 2017.
Tracing the Arc of Smartphone Application Security. Rochester Institute of Technology, College of Computing and Information Sciences, Rochester, NY, May 2017.
Tracing the Arc of Smartphone Application Security. University of California-Irvine, Computer Science Department, Irvine CA, March, 2017.
Tracing the Arc of Smartphone Application Security. The Ohio State University, Department of Computer Science and Engineering, Columbus, OH, March, 2017.
Tracing the Arc of Smartphone Application Security. Virginia Technical University, Department of Computer Science, Blacksburg, VA, March, 2017.
Six Years of Mobile Smartphone Security, CISPA Distinguished Lecture Series, Max Planck Institute/Saarland University, Saarbrucken Germany, July, 2015.
Six Years of Mobile Smartphone Security. Technische Universtat Darmstadt, Darmstadt Germany, July, 2015.
Security Challenges and Solutions in Mobile Smartphone Applications. Computer and Information Science Department, University of Oregon, Eugene, OR, April, 2011.
Security Challenges and Solutions in Mobile Smartphone Applications. Department of Software Information Systems College of Computing and Informatics, UNC Charlotte, Charlotte, NC, December, 2010.
U.S. Patent 8,732,293, System and method for tracking individuals on a data network using communities of interest, Patrick McDaniel, Subhabrata Sen, Oliver Spatschek, Jacobus E. Van de Merwe, May 20, 2014.
U.S. Patent 8,453,227, Reverse firewall with self-provisioning, William A. Aiello, Charles Robert Kalmanek, Jr., William J. Leighton, III, Patrick McDaniel, Subhabrata Sen, Oliver Spatscheck, Jacobus E. Van der Merwe, May 28, 2013.
U.S. Patent 7,975,044, Automated disambiguation of fixed-serverport-based applications from ephemeral applications, Oliver Spatscheck, Subhabrata Sen, Jacobus E. Van der Merwe, Patrick McDaniel, May 28, 2013.
Editorial Positions, Panels, and Boards
IEEE Technical Committee on Security and Privacy
Chair--January 2014-January 2016Vice Chair--January 2012-December 2014ACM Transactions on Internet Technology (TOIT)
Editor in Chief--September 2007-December 2012Associate Editor--April 2004-August 2007IEEE Security and Privacy Magazine
Area Editor, Secure Systems--January 2009-2015IEEE Transactions on Computers (TC)
Associate Editor--August 2008-2014ACM Transactions on Information and System Security (TISSEC)
Associate Editor--May 2007-May 2012IEEE Transactions on Software Engineering (TSE)
Associate Editor--January 2007-April 2012Guest Editor, Special Issue on Topics in Security--Fall 2006-April 2012IEEE Transactions on Parallel and Distributed Systems (TPDS)
Guest Editor, Special Issue on Trust, Security and Privacy in Parallel and Distributed
Systems--Fall 2012Elsevier Journal of Computer Networks
Guest Editor, Special Issue on Web Security--Fall 2003-Spring 2005Encyclopedia of Cryptography and Security
Editorial Board Member--Fall 2002-Spring 2005
Conference and Workshop Participation
IEEE Symposium on Security and Privacy
Technical Program Co-Chair--2007, 2008Program Committee--2011, 2012, 2013IEEE European Symposium on Security and Privacy
Steering Committee--2015-Program Committee--2016, 2017USENIX Security Symposium
Program Chair--2005Invited Talks Chair--2006, 2009Program Committee--2001, 2003, 2004, 2007, 2014ACM Conference on Computer and Communications Security (CCS)
Program Committee--2006, 2008, 2009, 2010, 2012Industry and Government Track Chair--2004, 2007Program Committee-Industry and Government Track--2003, 2005, 2006ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec)Network and Distributed System Security Symposium (NDSS)
Program Committee--2009, 2012, 2013, 2017Annual Computer Security Applications Conference (ACSAC)
Program Committee--2004, 2005, 2006, 2007, 2010, 2011Financial Cryptography
General Chair--2006Program Committee--2007, 2008, 2012Computer Security Foundations Symposium (CSF)European Symposium on Research in Computer Security (ESORICS)
Program Committee--2004, 2005International Symposium on Engineering Secure Software and Systems (ICISSP)IEEE Conference on Communications and Network Security (CNS)
Program Committee--2015, 2017ACM Annual International Conference on Mobile Computing and Networking (MobiCom)
Program Committee--2010, 2011, 2012ACM Annual International Conference on Mobile Systems, Applications, and Services (MobiSys)ACM Symposium on Access Control Models and Technologies
Program Committee--2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2011ACM Conference on ASIA Computer and Communications Security (ASIA CCS)ACM Conference on Electronic Commerce (ACM EC)International Conference on Applied Cryptography and
Network Security (ACNS)ACM Annual Digital Forensics ConferenceACM Workshop on Moving Target Defense (MTD)
Program Committee--2015, 2016IEEE ICNP Workshop on Secure Network Protocols
Program Committee--2005, 2006Conference on Decision and Game Theory for Security (GameSec)ACM Symposium on Applied Computing (SAC)
Program Committee, Information Security Research
and Applications --2010USENIX Annual Technical Conference
Program Committee--2002, 2003World Wide Web Conference (WWW)
Security and Privacy Track Vice-Chair--2005Security and Privacy Track Deputy Vice-Chair--2004Program Committee--2003, 2007, 2010, 2011International Conference on Emerging Trends in Information and Communication Security (ETRICS)International Conference On Distributed Computing Systems (ICDCS)IEEE INFOCOMIEEE GLOBECOMMILCOM
Program Committee--2015, 2016, 2017The Five Nines Workshop on Designing and Managing High Availability Internet Services (INM 2007)International Conference on Information Systems
Steering Committee--2007Program Co-Chair--2007Program Committee--2005, 2006, 2009, 2011International Conference on Parallel Processing
Program Committee-Network Security--2003USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET)ACM Workshop on Networking, Systems, Applications on Mobile Handhelds (MobiHand)ACM Workshop on Cloud Computing Security
Program Committee--2009, 2010ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM)
Program Committee--2011, 2012, 2013International Workshop on Security in Software Engineering
Founding General Co-Chair--2007USENIX Workshop On Offensive Technology (WOOT)ACM Storage Security and Survivability WorkshopACM SIGCOMM Workshop on Internet Network Management
Program Committee--2006, 2007Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec)
Program Committee--2006, 2007, 2008Workshop on Workshop on Telecommunications Infrastructure Protection and Security
(TIPS)USENIX Workshop on Hot Topics in Security (HotSec)
Program Chair--2011Program Committee--2007, 2008, 2009, 2010, 2012ACM Workshop TPC on Security and Privacy in Smartphones and Mobile DevicesInternational Workshop on Security (IWSEC)International Workshop on Systems and Network Security
Program Committee--2005, 2006
Other Professional Activities
IEEE Computer Society's Technical Committee on Security and Privacy
Chair--2014-2016Vice Chair--2012-2014Member, Technical Guideline Development Committee, U.S. Election Assistance CommissionNatural Sciences and Engineering Research Council of Canada, Internetworked Systems Security Network
Scientific Advisory Board--2008-2013Technology for Cyber Physical System Security Forum, Cyber Security Research and Development, (Senators Joseph I. Lieberman and Susan Collins, Chairs)
Speaker and Participant--September 2008ACM Student Organization Advisor
Penn State Computer Science and Engineering Department--2006-2012The Technology Collaborative
Penn State Representative (Pennsylvania economic development consortium)--2007-2008President's National Security Telecommunications Advisory Panel
Member, Next Generation Networks Task Force--2005-2006Abusable Technologies Awareness Center (ATAC)
Panelist--October 2003-2010AT\&T IP Services Security Council
Member--June 2003-August 2004AT\&T Internet Intellectual Property Review Team
Member--September 2001-May 2002ACM SIGCOMM Student Travel Grant CommitteeNational Science Foundation, Grant Review Panel
Member--2003, 2004, 2006, 2007, 2009, 2010, 2011, 2012, 2014, 2015, 2016, 2017Department of Energy SciDAC Review Panel
- Good Technology Corporation et al., v. AirWatch, LLC,
Expert for defense, United States District Court for the Northern District of California, Case no. 5-12-cv-05827.
- Inter Partes Review,
Expert for Duo Security Inc., United States Patent and Trademark Office, Case no. IPR2017-01041.
- Inter Partes Review,
Expert for Duo Security Inc., United States Patent and Trademark Office, Case no. IPR2017-01064.
- Frederick Whalen, et al., v. SEI/AARON'S, INC.,
Expert for defense, United States District Court for the Northern District of Georgia, Case no. 1:2014-cv-01209.
- Certain Portable Electronic Communications Devices, Including Mobile Phones and Components Thereof,
Expert for plaintiff, International Trade Commission.
- Secure Axcess, LLC v. Bank of America Corp., et al.,
Expert for defense, United States District Court for the Eastern District of Texas, Tyler Division, Case no. 6-10-cv-00670.
- Intellectual Ventures I LLC, v. Check Point et al.,
Expert for plaintiff, United States District Court for the District of Delaware, Case no. 1-10-cv-01067.
- NetMonitor LLC, v. Compuware et al.,
Expert for plaintiff, United States District Court for the District of Delaware, Case no. 1-10-cv-01061.
- Amdocs Ltd. v. Openet Telcom Ltd.,
Expert for defense, United States District Court for the Eastern District of Virginia, Alexandria Division, Case no. 1-10-cv-00910.
- PSI Systems Inc. v. Stamps.com,
Expert for defense, United States District Court for the Central District of California, Case no. 2-08-cv-05233.
- Stamps.com v. Endicia,
Expert for plaintiff, United States District Court for the Central District of California, Case no. 2-06-cv-07499.
- Kara Technologies v. Stamps.com,
Expert for defense, United States District Court for the Central District of California, Case no. 2-05-cv-01890.
- Coinstar Inc. v. Coinxchange,
Expert for defense, United States District Court for the Eastern District of Virginia, Richmond Division, Case no. 3-06-cv-00299.
- VCode Holdings Inc. v. Stamps.com,
Expert for defense, United States District Court for the Central District of California.
- Inter Partes Review,
Expert for Google Inc.,, United States Patent and Trademark Office, Case no. (Patent No. 8,489,868).
- Inter Partes Review,
Expert for Cisco Systems, Inc., , Case no. (Patent No. 7,536,598).
- Vir2us v. Cisco Systems, INC and Sourcefire, LLC,
Expert for defense, United States District Court for the Eastern District of Virginia, Case no. 51:16cv1095.
- Zito Vault, LLC V. International Business Machines Corporation, and Softlayer Technologies, Inc.,
Expert for defense, , Case no. 3:16-CV-962-M.
Software Developer, Applied Innovation, Inc., Columbus, OH,
Served as lead developer of the AppliedView network
management system, a hardware configuration and monitoring
Project Manager, Primary Access Corporation, San Diego, CA,
Technical lead for server-based network management platform for
rack-mounted network-mediation devices.
Software Developer, Primary Access Corporation, San
Diego, CA, 1991-1993
Developed UNIX-based server application that coordinates the
operation of remote network management terminals.
Software Developer, Integrated Technologies, Inc., Muncie,
Worked as a C programmer responsible for development and
maintenance of installation code for statistical process control
- Association for Computing Machinery (ACM)
- The Institute of Electrical and Electronics Engineers (IEEE), Fellow
- USENIX Advanced Computing Systems Association (USENIX)
- American Association for the Advancement of Science (AAAS)