if you are interested in working with me as a student, see my
Grad info page for graduate students. Note that I have limited bandwidth because of my administrative duties, so students working with me need to be very motivated and self-directed.
Graduated PhD Students
Here is a "genealogy" of my 23 graduated PhD students. Eight of the 23 have gone into academic positions, and several of them have produced Ph.D. grads of their own. I also include details on several of my notable MS students.
Boakya is a PhD candidate in CS who is working on IDS and response in real-time systems with massive data rates.
Alex is an Army office in the INSC program investigating anti-censorship technologies for his dissertation.
Rob is working on measures of anomymity. He is a PhD candidate in the INSC program.
Doug is a new INSC student who is initially looking into how deception may be employed to protect industrial control systems.
Selected Former Students
Here I've listed the students whose names you might find on research papers or software products out of my research projects. It is not a complete list of all the notable students who have worked with me, because the list would be too long to contain them all!
An MS thesis student, who worked with me in access control and trusted computing environments. She went on to become a senior engineer with Qualcomm in California.
Hira received his PhD in 1991. He is now working at Peraton Labs (formerly Telcordia). His dissertation, Towards Automatic Debugging of Computer Programs, was done as part of the Spyder project in the SERC. Hira's co-advisor was Richard DeMillo.
Mohammed received his PhD in 2015, and was co-advised by Mike Atallah. His disserttion was on techniques and formalisms for using deception in cyber defense. He is now with Outliers Venture Capital in Saudi Arabia.
Taimur received his MS degree in 1995 for his research with the COAST Project. His MS thesis, A Taxonomy of Security Faults in Operating Systems, explored how to classify faults in Unix that led to security compromises. The classification can be used for testing and software development. Taimur is a co-founder of Argole Systems, and Broadstone Technologies.
Jeff wast in CS, co-advised by Saurabh Bagchi. He graduated in 2017 and is now at Northrop Grumman. His thesis was on using deception to protect patching against reverse engineering.
Received his PhD in August 2005 and is on the faculty of James Madison University. His dissertation was on embedding forensic support in a general-purpose OS file system, and was entitled Pervasive Binding of Labels to System Processes.
I was Serdar's co-advisor, with Carla Brodley at Tufts. His PhD dissertation involved exploration of how to create covert timing channels in the IP protocol, and how to discover those same types of channel. Serdar graduated in December, 2006. He is a partner with Deloitte, in England.
Brian received his PhD in spring 2006 for his dissertation on a formal framework for digital forensic investigations. He is SVP and CTO at Basis Technology.
Steve received his PhD in 1993.He did his dissertation, entitled Scheduling Support for an Internetwork of Heterogeneous, Autonomous Processors, as the core of the Messiahs Project.
Steve was an Associate Professor at Syracuse University. He was the first of my former students to produce Ph.D. graduates of his own. He is now a lead cybecybersecurity scientist at LLNL.
Mark received his MS degree in 1995 working in the COAST Project. His research topic was in using "Artificial Life" to build active computer security defenses. He originated the idea of using numerous, autonomous agents for intrusion detection. Mark married Tanya Mastin, another former student. He is currently the data protection officer at Dropbox.
Tom received his Ph.D. in December 2002 after completing his dissertation, Reference Models for the Concealment and Observation of Origin Identity in Store and Forward Networks. He is on the faculty of Iowa State University.
Bryn received his MS degree in 1995 while working in the COAST Project. He was involved with development of methods of testing security firewalls and screens in networks. After working for a while at Sun Microsystems, Bryn left to be one of the founders of the Open Directory Project and the TOPIX news site. He was one of the founders of Blekko, an innovative search engine firm.
Kevin received his PhD in 2001. He is now on the faculty at Syracuse University. His thesis was entitled A Study Of Several Specific Secure Two-Party Computation Problems. His co-advisor was Mike Atallah.
Advised by myself and Professor Carla Brodley (formerly with Purdue ECE), Jim graduated in August 2005. His thesis was on detecting anomalies in network traffic, and his dissertation was entitled Behavioral Feature Extraction for Network Anomaly Detection. He is on the CS faculty at SUNY Oswego and is a senior engineer with Good Uncle.
Dan completed his undergraduate degree at Purdue in 1990. While at Purdue, he built the COPS static audit tool under my direction, and has achieved notoriety for many achievements since then, including being named to the ISSA Hall of Fame. He is currently a distinguished engineer with Mercedes-Benz R&D.
I was coadvisor for Rajeev with Jan Vitek. His thesis was about how to employ methods of static analysis to increase confidence in the secure operation of software. He received his Ph.D. in spring 2006. He initially joined the research staff at Intel Laboratories in Oregon, and is now an independent consultant in India.
Chris graduated in 2017. He was working in uses of deception in cyber defense, with a focus on protecting memory against wipers and ransomware. Saurabh Bagchi was co-advisor. Chris is now working at Intel.
Gene H. Kim
Gene completed his BS degree in 1993 and his MSCS at the University of Arizona. He worked with me on the Tripwire project through COAST, released on November 2, 1992. Gene is now CTO of Tripwire, Inc. Since 1999, Gene has been capturing and codifying how "best in class" organizations have IT operations, security, audit, management, and governance working together to solve common business objectives. This was codified in 2004, he co-wrote the Visible Ops Handbook, showing how IT organizations successfully transformed from good to great.
Gene was named as a 2007 Outstanding Alumnus by Purdue CS.
Ivan completed his PhD on the topic of Software Vulnerability Analysis in 1998. He constructed a large-scale database of system vulnerabilities, and then used this to explore their characteristics. His research was part of the COAST Project. He is the founder and CEO of start-up company, Arte Xacta, in his native Bolivia.
Ivan also did his MS thesis under my direction, entitled Authorship Analysis: Identifying the Author of a Program.
Ivan is the only repeat winner of the Maurice Halsted Software Engineering Award, given at Purdue each year.
Sandeep received his Ph.D. in August, 1995. His dissertation, Classification and Detection of Computer Intrusions developed a new approach to intrusion detection. His research was part of the COAST Project. He is currently working for VMWare.
Benjamin (Kuperman) Bly
Ben graduated in August 2004 and then joined the faculty of Swarthmore College then the CS faculty of Oberlin College. He is now a Senior Manager of Software Development with Adobe. His dissertation was entitled A Categorization of Computer Security Monitoring Systems and the Impact on the Design of Audit Sources.
Steve received his MS degree in 1996 while at Purdue as a GM Fellow. He worked with the COAST group while here, and is credited with discovering the Kerberos random number generator vulnerability - one of the 10 worst software bugs in history.
Tanya completed her BS degree in the spring of 1997. While at Purdue, she worked with COAST to redesign the entire on-line archive, including introducing a new database format to keep track of entries.
Tanya married Mark Crosbie, another former student, and the two now live in Ireland. Tanya is currently running her own award-winning photography business there, named "Giggles and Smiles."
Pascal came to Purdue with a Ph.D. in biological sciences. He completed his M.S. under my direction, and worked as a research scientist with CERIAS for nearly a decade. He was a member of the technical staff for Information Technology at Purdue (ITaP) until recently, and now doing consulting work.
Mike completed his MS work and is now on the technical staff at MITRE Corporation. He worked on botnet research while at Purdue.
Stephanie Miller Bansal
Finished a M.S. thesis in security policy and infrastructure for a statewide education project in 1999. She has worked at Accenture, Deloitte, and HP, but is now hard at work as a stay-at-home mom.
Kelly finished her PhD. in the interdisciplinary Information Security program. She is interested in a number of areas of policy, including privacy protections and protections of at-risk populations online. Her dissertation was an analysis of the security expertise present in organizations that work with at-risk populations. She is the Founder and CEO of Sightline Security.
Sofie completed her MS degree while working with us on forensics and network security. She worked for a while in security and critical infrastructure protection in her native Norway. After some time a VP of security for Telenor in Norway, and head of the Center for Cyber and Information Security, she is now the Director General of the Norwegian National Security Authority.
Hsin (Sean) Pan
Sean received his PhD in 1993 and was co-founder and Executive Director of Rich House Global Technology Ltd., a company working in near-field communications. He is now a Senior Director at Foxconn. His dissertation, Debugging with Dynamic Instrumentation and Test-Based Information, was done as part of the Spyder project in the SERC. Hsin's co-advisor was Richard DeMillo.
Kat completed an MS thesis in 1997 on the nature of audit trails in intrusion detection systems, entitled Host-based Misuse Detection and Conventional Operating Systems' Audit Data Collection. She is now a developer with SAS Institute in North Carolina.
I was Maja's co-advisor, with Carla Brodley at Tufts. Maja graduated in spring 2007 after completing a dissertation on the topic of dynamic reauthentication based on computer mouse activity. She is currently working for Ab Initio in Boston.
Christoph's PhD topic involved the development of a reference model for firewalls, and an implementation of a proof-of-concept on native ATM technology. He received his PhD in 1997 for his dissertation On the Modeling, Design and Implementation of Firewall Technology. He was currently Head of Network Security Technology Strategy at Ericsson, and is now a Senior Security Architect at Apple Computer.
Christoph did his MS thesis under my direction, entitled Addressing Weaknesses in the Domain Name System.
Dannie was co-advised by Dongyan Xu. His dissertation was on defenses against rootkits and unauthorized kernel modifications, and entitled Improved Kernel Security through Code Verification, Diversification, and Minimization. He graduated in 2013 and is now an associate professor at Taylor University.
Karyl completed his BS degree in 1998. While working with the COAST Project, he helped design our firewall testing testbed, as well as contributing to several other projects. He is currently a systems architect principal with FedEx.
Aurobindo (Robin) Sundaram
Robin completed his MS degree in 1997. He initially worked in corporate security for Schlumberger. He is currently the Vice President - Information Security Assurance & Data Protection at RELX Group.
Nok received her PhD in 1994 for her dissertation Enhancing Debugging Technology. This was the final part of the Spyder project in the SERC. Nok has been President of IFBPW. She was named as a 2007 Outstanding Alumna by Purdue CS. She is currently President of Pathanasomdoon Co, Ltd. in Thailand.
Keith received his BS degree in 1997. He worked with me on developing methods of testing security software and firewalls. After a while at Sun Microsystem Labs, Keith left and came back to CERIAS as a senior research engineer, working on our intrusion detection and security architecture projects. He is currently the director of threat management at Optiv, Inc.
Steve received his MS in 1992 and then took a job with the CIAC at LLNL. He worked with me on several COAST projects, including software forensics and OPUS. He is currently working as an IP architect at Windstream Communications.
Paul retired from the US Air Force as a lieutenant colonel in 2015. His dissertation was on using a co-processor to monitor security-related behavior of a running system. His dissertation was entitled CUPIDS: Increasing Information System Security Through the Use of Dedicated Co-Processing. He graduated from Purdue in 2005. He is now Senior Vice President and Chief Security Officer, Teradata.
Diego received his Ph.D. in 2001. His dissertation was entitled Using Internal Sensors for Computer Intrusion Detection. He is currently working as an author, and as Senior Enterprise Architect with Swisscom.