if you are interested in working with me as a student, see my Grad info
page for graduate students. Note that I have limited bandwidth because of my administrative duties, so students working with me need to be very motivated and self-directed.
Graduated PhD Students
Here is a "genealogy" of my 26 graduated PhD students. Nine of the 26 have gone into academic positions, and several of them have produced Ph.D. grads of their own. I also include details on several of my notable MS students.
Current Students
Nicholas Harrell
Nick is a US Army officer studying in the INSC program. His focus is generally on issues of viral social media.
Andrew Rozema
Andrew is in the INSC program and has not yet selected an area of thesis research, although he is interested in cybersecurity education issues.
Selected Former Students
Here I've listed the students whose names you might find on research papers or software products out of my research projects. It is not a complete list of all the notable students who have worked with me, because the list would be too long to contain them all!
Sarika Agarwal
An MS thesis student, who worked with me in access control and trusted computing environments. She went on to become a senior engineer with Qualcomm in California.
Hiralal Agrawal
Hira received his PhD in 1991. He is now working at Peraton Labs (formerly Telcordia). His dissertation, Towards Automatic Debugging of Computer Programs, was done as part of the Spyder project in the SERC. Hira's co-advisor was Richard DeMillo.
Mohammed Almeshekah
Mohammed received his PhD in 2015, and was co-advised by Mike Atallah. His disserttion was on techniques and formalisms for using deception in cyber defense. He is now with Outliers Venture Capital in Saudi Arabia.
Taimur Aslam
Taimur received his MS degree in 1995 for his research with the COAST Project. His MS thesis, A Taxonomy of Security Faults in Operating Systems, explored how to classify faults in Unix that led to security compromises. The classification can be used for testing and software development. Taimur is a co-founder of Argole Systems, and Broadstone Technologies.
Jeff Avery
Jeff wast in CS, co-advised by Saurabh Bagchi. He graduated in 2017 and is now at Northrop Grumman. His thesis was on using deception to protect patching against reverse engineering.
Florian Buchholz
Received his PhD in August 2005 and is on the faculty of James Madison University. His dissertation was on embedding forensic support in a general-purpose OS file system, and was entitled Pervasive Binding of Labels to System Processes.
Serdar Cabuk
I was Serdar's co-advisor, with Carla Brodley at Tufts. His PhD dissertation involved exploration of how to create covert timing channels in the IP protocol, and how to discover those same types of channel. Serdar graduated in December, 2006. He is a partner with KPMG.
Brian Carrier
Brian received his PhD in spring 2006 for his dissertation on a formal framework for digital forensic investigations. He is SVP and CTO at Basis Technology.
Steve Chapin
Steve received his PhD in 1993.He did his dissertation, entitled Scheduling Support for an Internetwork of Heterogeneous, Autonomous Processors, as the core of the Messiahs Project.
Steve was an Associate Professor at Syracuse University. He was the first of my former students to produce Ph.D. graduates of his own. He is now at the Berkeley Research Group.
Mark Crosbie
Mark received his MS degree in 1995 working in the COAST Project. His research topic was in using "Artificial Life" to build active computer security defenses. He originated the idea of using numerous, autonomous agents for intrusion detection. Mark married Tanya Mastin, another former student. He is currently the data protection officer at Dropbox.
Thomas Daniels
Tom received his Ph.D. in December 2002 after completing his dissertation, Reference Models for the Concealment and Observation of Origin Identity in Store and Forward Networks. He is on the faculty of Iowa State University.
Boakye Dankwa
Boakye received his Ph.D. in CS in December 2024. He developed a novel system for anomaly detection and response for real-time systems with massive data rates. He is currently an engineer with Rolls Royce (the jet engine company, not the car company).
Bryn Dole
Bryn received his MS degree in 1995 while working in the COAST Project. He was involved with development of methods of testing security firewalls and screens in networks. After working for a while at Sun Microsystems, Bryn left to be one of the founders of the Open Directory Project and the TOPIX news site. He was one of the founders of Blekko, an innovative search engine firm.
Kevin Du
Kevin received his PhD in 2001. He is now on the faculty at Syracuse University. His thesis was entitled A Study Of Several Specific Secure Two-Party Computation Problems. His co-advisor was Mike Atallah.
James Early
Advised by myself and Professor Carla Brodley (formerly with Purdue ECE), Jim graduated in August 2005. His thesis was on detecting anomalies in network traffic, and his dissertation was entitled Behavioral Feature Extraction for Network Anomaly Detection. He is a senior engineer with Good Uncle.
Dan Farmer
Dan completed his undergraduate degree at Purdue in 1990. While at Purdue, he built the COPS static audit tool under my direction, and has achieved notoriety for many achievements since then, including being named to the ISSA Hall of Fame. He is currently a distinguished engineer with Mercedes-Benz R&D.
Rajeev Gopalakrishna
I was coadvisor for Rajeev with Jan Vitek. His thesis was about how to employ methods of static analysis to increase confidence in the secure operation of software. He received his Ph.D. in spring 2006. He initially joined the research staff at Intel Laboratories in Oregon, and is now an independent consultant in India.
Chris Gutierrez
Chris graduated in 2017. He was working in uses of deception in cyber defense, with a focus on protecting memory against wipers and ransomware. Saurabh Bagchi was co-advisor. Chris is now working at Intel.
Gene H. Kim
Gene completed his BS degree in 1993 and his MSCS at the University of Arizona. He worked with me on the Tripwire project through COAST, released on November 2, 1992. Gene is now CTO of Tripwire, Inc. Since 1999, Gene has been capturing and codifying how "best in class" organizations have IT operations, security, audit, management, and governance working together to solve common business objectives. This was codified in 2004, he co-wrote the Visible Ops Handbook, showing how IT organizations successfully transformed from good to great.
Gene was named as a 2007 Outstanding Alumnus by Purdue CS.
Ivan Krsul
Ivan completed his PhD on the topic of Software Vulnerability Analysis in 1998. He constructed a large-scale database of system vulnerabilities, and then used this to explore their characteristics. His research was part of the COAST Project. He is the founder and CEO of start-up company, Arte Xacta, in his native Bolivia.
Ivan also did his MS thesis under my direction, entitled Authorship Analysis: Identifying the Author of a Program.
Ivan is the only repeat winner of the Maurice Halsted Software Engineering Award, given at Purdue each year.
Sandeep Kumar
Sandeep received his Ph.D. in August, 1995. His dissertation, Classification and Detection of Computer Intrusions developed a new approach to intrusion detection. His research was part of the COAST Project. He is currently working as a teaching faculty member at Texas A&M University.
Benjamin (Kuperman) Bly
Ben graduated in August 2004 and then joined the faculty of Swarthmore College then the CS faculty of Oberlin College. He is now a Senior Manager of Software Development with Adobe. His dissertation was entitled A Categorization of Computer Security Monitoring Systems and the Impact on the Design of Audit Sources.
Steve Lodin
Steve received his MS degree in 1996 while at Purdue as a GM Fellow. He worked with the COAST group while here, and is credited with discovering the Kerberos random number generator vulnerability - one of the 10 worst software bugs in history.
Alex Master
Alex is an Army Major, stationed at the Army Futures Institute at West Point. His dissertation was via the INSC program and developed a reference model of Internet censorship systems.
Tanya Mastin
Tanya completed her BS degree in the spring of 1997. While at Purdue, she worked with COAST to redesign the entire on-line archive, including introducing a new database format to keep track of entries.
Tanya married Mark Crosbie, another former student, and the two now live in Ireland. Tanya is currently running her own award-winning photography business there, named "Giggles and Smiles."
Pascal Meunier
Pascal came to Purdue with a Ph.D. in biological sciences. He completed his M.S. under my direction, and worked as a research scientist with CERIAS for nearly a decade. He was a member of the technical staff for Information Technology at Purdue (ITaP) until recently, and now doing consulting work.
Michael McFail
Mike completed his MS work and is now on the technical staff at MITRE Corporation. He worked on botnet research while at Purdue.
Stephanie Miller Bansal
Finished a M.S. thesis in security policy and infrastructure for a statewide education project in 1999. She has worked at Accenture, Deloitte, and HP, but is now hard at work as a stay-at-home mom.
Kelly Misata
Kelly finished her PhD. in the interdisciplinary Information Security program. She is interested in a number of areas of policy, including privacy protections and protections of at-risk populations online. Her dissertation was an analysis of the security expertise present in organizations that work with at-risk populations. She is the Founder and CEO of Sightline Security.
Robert Morton
Rob received his Ph.D. in December of 2924 as a student in the interdisciplinary INSC program. His work involved causal modeling and metrics of information security. Rob is working at Google Cloud.
Sofie Nystrom
Sofie completed her MS degree while working with us on forensics and network security. She worked for a while in security and critical infrastructure protection in her native Norway. After some time a VP of security for Telenor in Norway, and head of the Center for Cyber and Information Security, she is now the CEO of Fortified Technologies..
Hsin (Sean) Pan
Sean received his PhD in 1993 and was co-founder and Executive Director of Rich House Global Technology Ltd., a company working in near-field communications. He is now a Senior Director at Foxconn. His dissertation, Debugging with Dynamic Instrumentation and Test-Based Information, was done as part of the Spyder project in the SERC. Hsin's co-advisor was Richard DeMillo.
Katherine Price
Kat completed an MS thesis in 1997 on the nature of audit trails in intrusion detection systems, entitled Host-based Misuse Detection and Conventional Operating Systems' Audit Data Collection. She is now a developer with SAS Institute in North Carolina.
Maja Pusara
I was Maja's co-advisor, with Carla Brodley at Tufts. Maja graduated in spring 2007 after completing a dissertation on the topic of dynamic reauthentication based on computer mouse activity. She is currently working for Ab Initio in Boston.
Christoph Schuba
Christoph's PhD topic involved the development of a reference model for firewalls, and an implementation of a proof-of-concept on native ATM technology. He received his PhD in 1997 for his dissertation On the Modeling, Design and Implementation of Firewall Technology. He was Head of Network Security Technology Strategy at Ericsson, and is now a Senior Security Architect at Apple Computer.
Christoph did his MS thesis under my direction, entitled Addressing Weaknesses in the Domain Name System.
Dannie Stanley
Dannie was co-advised by Dongyan Xu. His dissertation was on defenses against rootkits and unauthorized kernel modifications, and entitled Improved Kernel Security through Code Verification, Diversification, and Minimization. He graduated in 2013 and is now a research scientist with Peraton Labs.
Karyl Stein
Karyl completed his BS degree in 1998. While working with the COAST Project, he helped design our firewall testing testbed, as well as contributing to several other projects. He is currently a systems architect principal with FedEx.
Aurobindo (Robin) Sundaram
Robin completed his MS degree in 1997. He initially worked in corporate security for Schlumberger. He is currently the Vice President - Information Security Assurance & Data Protection at RELX Group.
Chonchanok Viravan
Nok received her PhD in 1994 for her dissertation Enhancing Debugging Technology. This was the final part of the Spyder project in the SERC. Nok has been President of IFBPW. She was named as a 2007 Outstanding Alumna by Purdue CS. Sadly, Nok passed away in 2022.
Keith Watson
Keith received his BS degree in 1997. He worked with me on developing methods of testing security software and firewalls. After a while at Sun Microsystem Labs, Keith left and came back to CERIAS as a senior research engineer, working on our intrusion detection and security architecture projects. He is currently the director of threat management at Optiv, Inc.
Steve Weeber
Steve received his MS in 1992 and then took a job with the CIAC at LLNL. He worked with me on several COAST projects, including software forensics and OPUS. He is currently working as an IP architect at Windstream Communications.
Paul Williams
Paul retired from the US Air Force as a lieutenant colonel in 2015. His dissertation was on using a co-processor to monitor security-related behavior of a running system. His dissertation was entitled CUPIDS: Increasing Information System Security Through the Use of Dedicated Co-Processing. He graduated from Purdue in 2005. He is now VP of Enterprise IT & Security for Enlyte.
Diego Zamboni
Diego received his Ph.D. in 2001. His dissertation was entitled Using Internal Sensors for Computer Intrusion Detection. He is currently working as an author, and as Governance CISO at Avaloq.