if you are interested in working with me as a student, see my Grad info
page for graduate students. Note that I have limited bandwidth because of my administrative duties, so students working with me need to be very motivated and self-directed.
Graduated PhD Students
Here is a "genealogy" of my 27 graduated PhD students. Seventeen of the 27 have spent time in academic faculty positions, and several of them have produced Ph.D. grads of their own. I also include details on several of my notable MS students.
Current Students
Andrew Rozema
Andrew is in the INSC program and has not yet selected an area of thesis research, although he is interested in cybersecurity education issues.
Selected Former Students
Here I've listed the students whose names you might find on research papers or software products out of my research projects. It is not a complete list of all the notable students who have worked with me, because the list would be too long to contain them all!
Sarika Agarwal
An MS thesis student, who worked with me in access control and trusted computing environments. She went on to become a senior engineer with Qualcomm in California.
Hiralal Agrawal
Hira received his PhD in 1991. He is now retired. His research was done as part of the Spyder project in the Software Engineering Research Center (SERC). Hira's co-advisor was Richard A. DeMillo (formerly with Purdue CS).
His Ph.D. dissertation was entitled "Towards automatic debugging of computer programs."
Mohammed Almeshekah
Mohammed received his PhD in 2015, and was co-advised by Mike Atallah. His Ph.D. dissertation, "Using Deception to Enhance Security: A Taxonomy, Model, and Novel Uses," was on techniques and formalisms for using deception in cyber defense.
Mohammed is a Founder and General Partner with Outliers Venture Capital in Saudi Arabia.
Taimur Aslam
Taimur received his MS degree in 1995 for his research with the COAST Project. His MS thesis, A Taxonomy of Security Faults in Operating Systems, explored how to classify faults in Unix that led to security compromises. The classification can be used for testing and software development. Taimur is a co-founder of Argole Systems, and Broadstone Technologies.
Jeff Avery
Jeff was in CS, co-advised by Saurabh Bagchi. He graduated in 2017 and is now at Northrop Grumman. His thesis was on using deception to protect patching against reverse engineering. He is a Program Manager and Tech Fellow at Northrop Grumman.
His Ph.D. dissertation was entitled "The Application of Deception to Software Security Patching."
Benjamin (Kuperman) Bly
Ben graduated in August 2004 and then joined the faculty of
Swarthmore College then the CS faculty of Oberlin College. He is now a Senior Manager of Software Engineering with Adobe. His Ph.D. dissertation was entitled "A Categorization of Computer Security Monitoring Systems and the Impact on the Design of Audit Sources."
Florian Buchholz
Received his PhD in August 2005 and is a professor and director at James Madison University. His Ph.D. dissertation, "Pervasive Binding of Labels to System Processes," was on embedding forensic support in a general-purpose OS file system.
Serdar Cabuk
I was Serdar's co-advisor, with Carla Brodley (formerly with Purdue ECE, now at Northeastern University). His dissertation work involved exploration of how to create covert timing channels in the IP protocol, and how to discover those same types of channel. Serdar graduated in December 2006. He is a partner with KPMG.
His Ph.D. dissertation was entitled "Network covert channels: Design, analysis, detection, and elimination."
Brian Carrier
Brian received his PhD in spring 2006 for his dissertation on a formal framework for digital forensic investigations. He is SVP and CTO at Basis Technology.
Brian's Ph.D. dissertation was entitled "A hypothesis-based approach to digital forensic investigations."
Steve Chapin
Steve received his PhD in 1993. His Ph.D. dissertation, "Scheduling Support for an Internetwork of Heterogeneous, Autonomous Processors," was the core of the Messiahs Project.
Steve was an Associate Professor at Syracuse University. He was the first of my former students to produce Ph.D. graduates of his own. He is now a Director with the Berkeley Research Group.
Mark Crosbie
Mark received his MS degree in 1995 working in the COAST Project. His research topic was in using "Artificial Life" to build active computer security defenses. He originated the idea of using numerous, autonomous agents for intrusion detection. Mark married Tanya Mastin, another former student. He is currently a Vice President and data protection officer at Dropbox.
Thomas Daniels
Tom received his Ph.D. in December 2002. His Ph.D. dissertation was entitled "Reference Models for the Concealment and Observation of Origin Identity in Store and Forward Networks." He is an associate teaching professor on the faculty of Iowa State University.
Boakye Dankwa
Boakye received his Ph.D. in CS in December 2024. He developed a novel system for anomaly detection and response for real-time systems with massive data rates. He is currently a systems security researcher with Rolls-Royce (the jet engine company, not the car company).
Boayke's Ph.D. dissertation was entitled "Anomaly Detection in Hard Real-Time Embedded Systems"
Bryn Dole
Bryn received his MS degree in 1995 while working in the COAST Project. He was involved with development of methods of testing security firewalls and screens in networks. After working for a while at Sun Microsystems, Bryn left to be one of the founders of the Open Directory Project and the TOPIX news site. He was one of the founders of Blekko, an innovative search engine firm. He is currently an independent advisor and developer.
Wenliang Kevin Du
Kevin received his PhD in 2001. He is the Laura J. and L. Douglas Meredith Professor of Teaching Excellence at Syracuse University. His Ph.D. dissertation, "A Study Of Several Specific Secure Two-Party Computation Problems." was co-advised with Mike Atallah.
James Early
Advised by myself and Carla Brodley (formerly with Purdue ECE, now at Northeastern University). Jim graduated in August 2005. His Ph.D. dissertation, "Behavioral Feature Extraction for Network Anomaly Detection," was on detecting anomalies in network traffic. He is a Professor at SUNY Oswego.
Dan Farmer
Dan completed his undergraduate degree at Purdue in 1990. While at Purdue, he built the COPS static audit tool under my direction, and has achieved notoriety for many achievements since then, including being named to the ISSA Hall of Fame. He was most recently a distinguished engineer with Mercedes-Benz R&D.
Rajeev Gopalakrishna
I was coadvisor for Rajeev with Jan Vitek. His Ph.D. dissertation, "Improving software assurance using lightweight static analysis," was about how to employ methods of static analysis to increase confidence in the secure operation of software. He received his Ph.D. in spring 2006. He initially joined the research staff at Intel Laboratories in Oregon, and is the founder of Secureum.
Chris Gutierrez
Chris graduated in 2017. He was working in uses of deception in cyber defense, with a focus on protecting memory against wipers and ransomware. Saurabh Bagchi was co-advisor. Chris is now a research scientist at Intel. His Ph.D. dissertation was entitled "Deceptive Memory Systems"
Nicholas Harrell
Nick is a US Army Major, stationed at the Army Futures Institute at West Point. I was his advisor in the INSC program with co-advisor J. Eric Dietz in CIT. His Ph.D. dissertation, "The Mechanisms of Virality in Online Public Discourse" was on the factors involved in causing social media posts to go viral.
He is generally interested in issues of information operations.
Gene H. Kim
Gene completed his BS degree in 1993 and his MSCS at the University of Arizona. He worked with me on the Tripwire project through COAST, released on November 2, 1992. Gene is now CTO of Tripwire, Inc. Since 1999, Gene has been capturing and codifying how "best in class" organizations have IT operations, security, audit, management, and governance working together to solve common business objectives. This was codified in 2004, he co-wrote the Visible Ops Handbook, showing how IT organizations successfully transformed from good to great.
Gene was named as a 2007 Outstanding Alumnus by Purdue CS.
Ivan Krsul
Ivan completed his Ph.D. dissertation, "Software Vulnerability Analysis" in 1998. He constructed a large-scale database of system vulnerabilities and then used this to explore their characteristics. His research was part of the COAST Project. He is the founder and CEO of Arte Xacta, in his native Bolivia.
Ivan also did his MS thesis under my direction, entitled Authorship Analysis: Identifying the Author of a Program.
Ivan is the only repeat winner of the Maurice Halsted Software Engineering Award, given at Purdue each year.
Sandeep Kumar
Sandeep received his Ph.D. in August, 1995. His Ph.D. dissertation, "Classification and Detection of Computer Intrusions" developed a new approach to intrusion detection. His research was part of the COAST Project. He is currently working as an associate professor of practice at Texas A&M University.
Steve Lodin
Steve received his MS degree in 1996 while at Purdue as a GM Fellow. He worked with the COAST group while here, and is credited with discovering the Kerberos random number generator vulnerability - one of the 10 worst software bugs in history.
Alex Master
Alex is a US Army Major, stationed at the Army Futures Institute at West Point. He completed his Ph.D. dissertation, "Modeling and Characterization of Internet Censorship Technologies" as a reference model of Internet censorship systems. I was his advisor in the INSC program with co-advisor J. Eric Dietz in CIT.
Tanya Mastin
Tanya completed her BS degree in the spring of 1997. While at Purdue, she worked with COAST to redesign the entire on-line archive, including introducing a new database format to keep track of entries.
Tanya married Mark Crosbie, another former student, and the two now live in Ireland. Tanya is currently running her own award-winning photography business there, named "Giggles and Smiles."
Pascal Meunier
Pascal came to Purdue with a Ph.D. in biological sciences. He completed his M.S. under my direction, and worked as a research scientist with CERIAS for nearly a decade. He was a member of the technical staff for Information Technology at Purdue (ITaP) until recently, and an independent consultant.
Michael McFail
Mike completed his MS work and was on the technical staff at MITRE Corporation. He worked on botnet research while at Purdue.
Stephanie Miller Bansal
Finished a M.S. thesis in security policy and infrastructure for a statewide education project in 1999. She has worked at Accenture, Deloitte, and HP, but is now hard at work as a stay-at-home mom.
Kelly Misata
Kelly finished her PhD in 2016. She is interested in a number of areas of policy, including privacy protections and protections of at-risk populations online. Her dissertation was an analysis of the security expertise present in organizations that work with at-risk populations. I was her advisor in the INSC program with co-advisor Marc Rogers in CIT.
Kelley is the Founder and CEO of Sightline Security.
Kelley's Ph.D. dissertation was entitled "Gap analysis identifying the current state of information security within organizations working with victims of violence"
Robert Morton
Rob received his Ph.D. in December of 2024. His work involved causal modeling and metrics of information security. Rob is Head of Risk and Cyberanalytics at Google Cloud.
His Ph.D. dissertation was entitled "Measuring Data Protection: A Causal Artificial Intelligence Modeling Approach" I was his advisor in the INSC program with co-advisor Marc Rogers in CIT.
Sofie Nystrom
Sofie completed her MS degree while working with us on forensics and network security. She worked for a while in security and critical infrastructure protection in her native Norway. After some time as VP of security for Telenor in Norway, and head of the Center for Cyber and Information Security, she is now the CEO of Fortified Technologies..
Hsin (Sean) Pan
Sean received his PhD in 1993 and was co-founder and Executive Director of Rich House Global Technology Ltd., a company working in near-field communications. He is now with a start-up company, Face Heart. His Ph.D. dissertation, "Software Debugging with Dynamic Instrumentation and Test-Based Information," was done as part of the Spyder project in the SERC. Hsin's co-advisor was Richard A. DeMillo (formerly with Purdue CS).
Katherine Price
Kat completed an MS thesis in 1997 on the nature of audit trails in intrusion detection systems, entitled Host-based Misuse Detection and Conventional Operating Systems' Audit Data Collection. She is now a developer with SAS Institute in North Carolina.
Maja Pusara Jankovic
I was Maja's co-advisor, with Carla Brodley (formerly with Purdue ECE, now at Northeastern University). Maja graduated in spring 2007 after completing a dissertation on the topic of dynamic reauthentication based on computer mouse activity. She is currently working for Ab Initio in Boston.
Maja's Ph.D. dissertation was entitled "An examination of user behavior for user re-authentication."
Christoph Schuba
Christoph's PhD topic involved the development of a reference model for firewalls, and an implementation of a proof-of-concept on native ATM technology. He received his PhD in 1997 for his Ph.D. dissertation, "On the Modeling, Design and Implementation of Firewall Technology." He was Head of Network Security Technology Strategy at Ericsson, and is now a Senior Security Architect at Apple Computer.
Christoph also completed his MS thesis under my direction, entitled Addressing Weaknesses in the Domain Name System.
Dannie Stanley
Dannie was co-advised by Dongyan Xu. His Ph.D. dissertation, "Improved Kernel Security through Code Verification, Diversification, and Minimization" was on defenses against rootkits and unauthorized kernel modifications. He graduated in 2013 and is now a Director of Research Science with Peraton Labs.
Karyl Stein
Karyl completed his BS degree in 1998. While working with the COAST Project, he helped design our firewall testing testbed, as well as contributing to several other projects. He is currently a systems architect principal with FedEx.
Aurobindo (Robin) Sundaram
Robin completed his MS degree in 1997. He initially worked in corporate security for Schlumberger. He is currently the Vice President -- Information Security Assurance & Data Protection at RELX Group.
Chonchanok Viravan
Nok received her degree in 1994 for her Ph.D. dissertation entitled "Enhancing Debugging Technology." This was the final part of the Spyder project in the SERC. Nok was President of IFBPW for several years. She was named as a 2007 Outstanding Alumna by Purdue CS. Sadly, Nok passed away in 2022.
Keith Watson
Keith received his BS degree in 1997. He worked with me on developing methods of testing security software and firewalls. After a while at Sun Microsystem Labs, Keith left and came back to CERIAS as a senior research engineer, working on our intrusion detection and security architecture projects. He is currently the director of threat management at Optiv, Inc.
Steve Weeber
Steve received his MS in 1992 and then took a job with the CIAC at LLNL. He worked with me on several COAST projects, including software forensics and OPUS. He is currently working as an IP architect at Windstream Communications.
Paul Williams
Paul retired from the US Air Force as a lieutenant colonel in 2015. His dissertation was on using a co-processor to monitor security-related behavior of a running system. His Ph.D. dissertation was entitled "CUPIDS: Increasing Information System Security Through the Use of Dedicated Co-Processing." He graduated from Purdue in 2005. He is now VP of Enterprise IT & Security for Enlyte.
Diego Zamboni
Diego received his Ph.D. in 2001. His Ph.D. dissertation was entitled "Using Internal Sensors for Computer Intrusion Detection." He is currently working as an author, and as Governance CISO at Avaloq.