PhD	Mathematics	Texas Tech University	1/89–5/92
		Lubbock, Texas
MS	Mathematics	Texas Tech University	8/86–8/88
		Lubbock, Texas
BS	Computer Science	Morningside College	8/79–5/83
		Sioux City, Iowa
	High School	Harlan Community High School	8/75–5/79
		Harlan, Iowa

• Assistant/Associate Professor (8/02–present)
  Department of Computer Science
  San Jose State University
  San Jose, California
  
  Responsibilities
  • Teach undergraduate classes
    • Information Security (CS 166)
    • Computer Networks (CS 158A)
    • Network Management (CS 158B)
    • Introduction to Programming in Java (CS 46A)
    • Introduction to Data Structures (CS 46B)
  • Teach graduate classes
    • Cryptography and Computer Security (CS 265)
    • Software Reverse Engineering (CS 286)
    • Distributed Computing (CS 249)
    • Applied Network Security (CS 286)
  • Research and publication in information security and related fields
  • Direct Master's and undergraduate student research projects
  
  
  
• Lecturer (Winter Quarter 2003)
  Department of Computer Science
  University of California, Santa Cruz
  Santa Cruz, California
  
  Responsibilities
  • Teach graduate Combinatorial Algorithms (CMPS 211)
  
  
  
• Chief Cryptologic Scientist (12/00–4/02)
  MediaSnap, Inc.
  San Jose, California
  
  Responsibilities
  • Design, analyze, implement, and test security features of digital rights management (DRM) system, including proprietary scrambling, key management, and software uniqueness algorithms
  • Cryptographic, statistical, and mathematical analysis in support of digital watermarking, software encryption, and anti-debugging techniques
  • Implement and verify correct usage of encryption algorithms including AES and RSA
  • Software development in Microsoft Windows Visual C++
  • Analyze competing DRM systems,including patent reviews
  • Supervise junior software engineers
  • Produce written documentation including patent disclosures, detailed system specifications, and user documentation
  
  
  
• Cryptologic Mathematician (5/93–12/00)
  National Security Agency
  Fort George G. Meade, Maryland
  
  Responsibilities
  • Classified research and development in the fields of cryptography, algorithms, and networks in support of signals intelligence (SIGINT)
  • Classified speech research and development in support of SIGINT
  • Applied supercomputing and distributed computing
  • Software development using C in a UNIX environment on DEC/Compaq, Sun, and HP workstations
  • Project supervisor
  
  
  
• Visiting Assistant Professor (8/92–5/93)
  Mathematical Sciences
  Worcester Polytechnic Institute
  Worcester, Massachusetts
  
  Responsibilities
  • Academic research and publication in cryptography, combinatorics, epidemiology, simulation, numerical analysis, and control theory
  • Teach undergraduate Calculus I, Calculus III, and Graph Theory
  
  
  
• Teaching/Research Assistant (1/86–8/92)
  Department of Mathematics
  Texas Tech University
  Lubbock, Texas
  
  Responsibilities
  • Research in cryptography, control theory, epidemiology, and numerical analysis in support of research grants
  • Teach undergraduate Business Mathematics and College Algebra
  
  
  
• Part-time Instructor (5/85–8/85)
  Private language schools
  Taiwan
  
  Responsibilities
  • Teach English conversation
  
  
  
• Instructor (1/85–5/85)
  Nebraska Indian Community College
  Winnebago, Nebraska
  
  Responsibilities
  • Teach Introduction to Computers

• Citizenship: United States
  
  
• Highest security clearance held: TS//SI

• Information security
  
  
• Digital rights management (DRM)
  
  
• Cryptanalysis and cryptography
  
  
• Algorithms
  
  
• Networks and routing
  
  
• Speech research
  
  
• Graph theory and combinatorics
  
  
• Applied statistics
  
  
• High-performance computing
  
  
• Software development
  
  
• Epidemiology
  
  
• Numerical analysis
  
  
• Simulation
  
  
• T_EX and L^AT_EX

• Association for Computing Machinery (ACM)
  
  
• IEEE Computer Society
  
  
• Mathematical Association of America (MAA)

• Engineering Applications of Artificial Intelligence
  
  
• IEEE Transactions on Computers
  
  
• International Journal of Multimedia Intelligence and Security
  
  
• Computers & Security
  
  
• Handbook of Research on Secure Multimedia Distribution
  
  
• Information Processing Letters
  
  
• Journal in Computer Virology
  
  
• Computer Communications
  
  
• Reviewed grant proposals for the Natural Sciences and Engineering Research Council of Canada (NSERC)
  
  
• IEEE Transactions on Image Processing
  
  
• The Handbook of Computer Networks
  
  
• Communications in Information and Systems
  
  
• Reviewed grant proposals for the United States Civilian Research & Development Foundation
  
  
• The Handbook of Information Security
  
  
• Journal of Systems and Software
  
  
• IEEE Computer
  
  
• IEEE Transactions on Information Theory
  
  
• Journal of Mathematical Systems, Estimation, and Control

• CloakX, LLC
  Consulted on security topics related to digital content protection (9/06)
  
  
• Institute for Defense Analysis (IDA)
  Information Security Technology Working Group (INFOSEC TWG)
  Consulted on various topics in information security (8/04–present)
  
  
• Internet Streaming Media Alliance (ISMA)
  Reviewed ISMACryp Draft Specification, Version 7.0 (8/03)
  
  
• SoftVault Systems, Inc.
  Consulted on DRM issues (6/03)
  
  
• Symantec Corporation
  Discussed plans for university research program (6/03)
  
  
• Health Technology Center (HealthTech)
  Consulted on impact of DRM and IT security in healthcare (10/02)
  
  
• Exploit Systems, Inc.
  Technical Advisory Board (5/02–8/04)

• Team for Research in Ubiquitous Secure Technology (TRUST), 2010–2011. Release time equivalent to one course per year.
  
  
• Collaborative Research Experience for Undergraduates (CREU), 2007–2008. Funding: $12,500.
  
  
• Team for Research in Ubiquitous Secure Technology (TRUST), 2006–2008. Release time equivalent to one course per year.
  
  
• Junior Faculty Development Grant, San Jose State University, Spring 2006. Release time equivalent to one course.

• 21st EICAR Annual Conference (EICAR2012), Lisbon, Portugal, May 7–8, 2012. Program committee.
  
  
• 20th USENIX Security Symposium (USENIX Security '11), San Francisco, California, August 8–12, 2011. Poster presentation: Robust Watermarking using Hidden Markov Models, M. Mungale (student).
  
  
• USENIX Workshop on Cyber Security Experimentation and Test (CSET '10), Washington, DC, August 9, 2010. Program committee.
  
  
• 20th EICAR Annual Conference (EICAR2011), Krems, Austria, May 9–10, 2010. Program committee.
  
  
• USENIX Workshop on Cyber Security Experimentation and Test (CSET '09), Montreal, Canada, August 10, 2009. Program committee.
  
  
• 2008 International Workshop on Multimedia Security in Communication (MUSIC '08), Hangzhou, China, August 25–28, 2008. Technical program committee
  
  
• USENIX Workshop on Cyber Security Experimentation and Test (CSET '08), San Jose, California, July 28, 2008. Program committee.
  
  
• 2008 International Conference on Security and Cryptography (SECRYPT 2008), Porto, Portugal, July 26–29, 2008. Program committee.
  
  
• 20th International Conference on Software Engineering and Knowledge Engineering (SEKE 2008), Redwood City, California, July 1–3, 2008. Track organizer: Security technology and systems.
  
  
• 2008 Information Assurance Capacity Building Program (IACBP), Summer Symposium, San Jose, California, June 12–13, 2008. Symposium chair and organizer.
  
  
• 2007 International Conference on Security and Cryptography (SECRYPT 2007), Barcelona, Spain, July 28–31, 2007. Program committee.
  
  
• 2007 Information Assurance Capacity Building Program (IACBP), Summer Symposium, San Jose, California, June 14–15, 2007. Symposium co-chair and organizer.
  
  
• Invited presentation: Analysis and detection of metamorphic malware, with W. Wong (student), Ironport Systems, Inc., San Bruno, California, April 27, 2007.
  
  
• Seminar presentation: Metamorphic software for good and evil, with W. Wong (student), Stanford University, Stanford, California, September 26, 2006.
  
  
• Symantec Research Labs, Santa Monica, California, September 13, 2006. Invited presentation: Hunting for metamorphic engines [PowerPoint 548KB], with W. Wong (student).
  
  
• Defcon 14, Las Vegas, Nevada, August 4–6, 2006. Contributed presentation: Hunting for metamorphic engines [PowerPoint 224KB], with W. Wong (student).
  
  
• 2006 International Conference on Security and Cryptography (SECRYPT 2006), Setubal, Portugal, August 7–10, 2006. Program committee.
  
  
• 2006 International Conference on Security & Management (SAM '06), Las Vegas, Nevada, June 26–29, 2006. Contributed presentation: Role based access control and the JXTA peer-to-peer framework [PowerPoint 220KB].
  
  
• Colloquium presentation: Network security for fun and profit, California State University, East Bay, Hayward, California, May 5, 2006.
  
  
• RSA Conference 2006, San Jose, California, February 13–17, 2006.
  
  
• 2005 International MultiConference in Computer Science & Computer Engineering, Las Vegas, Nevada, June 27–30, 2005. Tutorial presentation: Introduction to information security [Word 27KB].
  
  
• RSA Conference 2005, San Francisco, California, February 14–18, 2005.
  
  
• 2004 International MultiConference in Computer Science & Computer Engineering, Las Vegas, Nevada, June 21–24, 2004. Tutorial presentation: Digital rights management: the good, the bad, and the ugly [PDF 136KB].
  
  
• RSA Conference 2004, San Francisco, California, February 23–27, 2004. Read my trip report.
  
  
• Joint Mathematics Meetings, Phoenix, Arizona, January 7–10, 2004. Contributed presentation: The life and death of a Silicon Valley startup company [PowerPoint 44KB].
  
  
• New directions in control theory and applications (conference in Honor of Clyde Martin's 60th Birthday), Lubbock, Texas, November 14–15, 2003. Invited presentation: Hamptonese and hidden Markov models or when is a cipher not a cipher? [PowerPoint 811KB].
  
  
• Defcon 11, Las Vegas, Nevada, August 1–3, 2003. Read my trip report.
  
  
• Conference on Computer Science and its Applications, San Diego, California, July 1–2, 2003. Contributed presentation: The MediaSnap^® digital rights management system [PowerPoint 116KB].
  
  
• Colloquium presentation: Digital rights management in the real world, San Jose State University, May 8, 2003.
  
  
• Emerging Issues: Security, Mobility, Privacy, Stanford University, April 5, 2003.
  
  
• 2002 MEMS and Network Security Symposium, Santa Clara, California, September 7, 2002.
  
  
• RSA Conference 2002, San Jose, California, February 19–22, 2002. Read my trip report.
  
  
• Guest lecture: Classical and modern cryptanalysis, Cal Poly, San Luis Obispo, California, May 17, 2001.
  
  
• Information Hiding 2001, Pittsburgh, Pennsylvania, April 25–27, 2001.
  
  
• Mathematics 2000 Conference (M2K), National Security Agency, January 2000. Contributed presentation: Hitchhiker's guide to dynamic programming.
  
  
• Joint Mathematics Meetings, Washington, DC, January 2000.
  
  
• 1999 National Information Systems Security Conference (NISSC), Arlington, Virginia, October 18–21, 1999.
  
  
• Previous conferences and presentations can be found here.

1. Exploring hidden Markov models for virus analysis: A semantic approach, with T. H. Austin, E. Filiol, and S. Josse, submitted.
   
   
2. Efficient cryptanalysis of homophonic substitution ciphers, with A. Dhavare (student) and R. M. Low, submitted.
   
   
3. Opcode graph similarity and metamorphic detection, with N. Runwal (student) and R. M. Low, submitted.
   
   
4. Software similarity and metamorphic detection, with M. Mungale (student), submitted.
   
   
5. Masquerade detection using profile hidden Markov models, with L. Huang (student), Computers and Security, Vol. 30, Issue 8, November 2011, pp. 732–747.
   
   
6. Information Security: Principles and Practice, 2nd edition, Wiley, May 2011, ISBN: 978-0-470-62639-9.
   
   
7. Improved software activation using multithreading, with J. Zhang (student), submitted.
   
   
8. Hunting for undetectable metamorphic viruses, with D. Lin (student), Journal in Computer Virology, Vol. 7, No. 3, August 2011, pp. 201–214.
   
   
9. Detecting undetectable metamorphic viruses, with S. Venkatachalam (student), Proceedings of SAM '11, pp. 340–345.
   
   
10. A highly metamorphic virus generator, with P. Desai (student), International Journal of Multimedia Intelligence and Security, Vol. 1, No. 4, 2010, pp. 402–427.
    
    
11. iPhone security analysis, with V. Pandya (student), Journal of Information Security, Vol. 1, No. 2, October 2010, pp. 73–86.
    
    
12. Handbook of Information and Communication Security, editor, with P. Stavroulakis, Springer, March 2010, ISBN: 978-3-642-04116-7.
    
    
13. An introduction to software reverse engineering, with T. Cipresso (student), in Handbook of Information and Communication Security, Springer, March 2010.
    
    
14. QuickPay online payment protocol, with J. Dai (student), Proceedings of SEKE '08.
    
    
15. Profile hidden Markov models and metamorphic virus detection, with S. Attaluri (student) and S. McGhee (student), Journal in Computer Virology, Vol. 5, No. 2, May 2009, pp. 151–169.
    
    
16. Digital rights management for streaming media, with D. Brahmbhatt (student), Handbook of Research on Secure Multimedia Distribution, IGI Global, March 2009, ISBN: 978-1-60566-262-6.
    
    
17. Digital rights management for untrusted peer-to-peer networks, with P. Priyadarshini (student), Handbook of Research on Secure Multimedia Distribution, IGI Global, March 2009, ISBN: 978-1-60566-262-6.
    
    
18. An agent-based privacy enhancing model, with H.-H. Lee (student), Information Management & Computer Security, Vol. 16, No. 3, 2008, pp. 305–319.
    
    
19. P2PTunes: A peer-to-peer digital rights management system, with R. Venkataramu (student), Handbook of Research on Secure Multimedia Distribution, IGI Global, March 2009, ISBN: 978-1-60566-262-6.
    
    
20. SIGABA: Cryptanalysis of the full keyspace, with W. O. Chan (student), Cryptologia, Vol. 31, No. 3, July 2007, pp. 201–222.
    
    
21. P3P privacy enhancing agent, with H.-H. Lee (student), Proceedings of the 3rd ACM Workshop on Secure Web Services (SWS'06), Alexandria, Virginia, November 3, 2006, pp. 109–110.
    
    
22. Hunting for metamorphic engines, with W. Wong (student), Journal in Computer Virology, Vol. 2, No. 3, December 2006, pp. 211–229.
    
    
23. Applied Cryptanalysis: Breaking Ciphers in the Real World, with R. M. Low, Wiley-IEEE Press, April 2007, ISBN: 978-0-470-11486-5.
    
    
24. King and rook vs. king on a quarter-infinite board, with R. M. Low, Integers: The Electronic Journal of Combinatorial Number Theory, Vol. 6, Article G3, 2006, 8 pages.
    
    
25. Information theory, with D. Blockus, invited book chapter, The Handbook of Computer Networks, H. Bidgoli, editor, John Wiley & Sons, Inc., November 2007, ISBN: 978-0-471-64833-8.
    
    
26. Role based access control and the JXTA peer-to-peer framework, with A. Mathur (student) and S. Kim, Proceedings of 2006 International Conference on Security & Management (SAM'06), Las Vegas, Nevada, June 26–29, 2006.
    
    
27. Metamorphic software for buffer overflow mitigation, with X. Gao (student), Proceedings of 3rd Conference on Computer Science and its Applications, P. P. Dey and M. N. Amin, editors, San Diego, California, June 28–30, 2005.
    
    
28. On using mouse movements as a biometric, with S. Hashia (student) and C. Pollett, Proceedings of 3rd Conference on Computer Science and its Applications, P. P. Dey and M. N. Amin, editors, San Diego, California, June 28–30, 2005.
    
    
29. Stealthy ciphertext, with M. Simova (student) and C. Pollett, Proceedings of 3rd International Conference on Internet Computing (ICOMP'05), Las Vegas, Nevada, June 27–30, 2005.
    
    
30. Unpredictable binary strings, with R. M. Low, R. Craigen, and G. Faucher, Congressus Numerantium 177, 2005, pp. 65–75, MR2198651.
    
    
31. Information Security: Principles and Practice, Wiley Interscience, September 2005, ISBN: 0-471-73848-4.
    
    
32. Software watermarking via assembly code transformations, with S. Thaker (student), Proceedings of 2nd Conference on Computer Science and its Applications, P. P. Dey, M. N. Amin, and T. M. Gatton, editors, San Diego, California, June 2004, pp. 205–209.
    
    
33. Hamptonese and hidden Markov models, with E. Le (student), Lecture Notes in Control and Information Sciences, Vol. 321, Springer 2005, W. P. Dayawansa, A. Lindquist, and Y. Zhou, editors, pp. 367–378.
    
    
34. Enterprise digital rights management: Ready for primetime?, with E. J. Sebes, Business Communications Review, March 2004, pp. 52–55.
    
    
35. Risks of monoculture, Inside Risks 165, Communications of the ACM, Vol. 47, No. 3, March 2004, p. 120.
    
    
36. Multilevel security models, with A. Hushyar (student), invited chapter, The Handbook of Information Security, H. Bidgoli, editor, John Wiley & Sons, Inc., January 2006, ISBN: 0-471-64833-7.
    
    
37. A characterization of a class of discrete nonlinear feedback systems, with D. I. Wallace, and C. F. Martin, Communications in Information and Systems, Vol. 5, No. 3, 2005, pp. 305–310.
    
    
38. Solvable problems in enterprise digital rights management, with E. J. Sebes, Information Management & Computer Security, Vol. 15, No. 1, 2007, pp. 33–45.
    
    
39. Secure streaming media and digital rights management, with D. Holankar (student), Proceedings of the 2004 Hawaii International Conference on Computer Science, Honolulu, Hawaii, January 2004, pp. 85–97.
    
    
40. Digital rights management: For better or for worse?, ExtremeTech, May 20, 2003. Also appeared on eWEEK, May 1, 2003.
    
    
41. The MediaSnap^® digital rights management system, with P. Sabadra (student), Proceedings of Conference on Computer Science and its Applications, P. P. Dey, M. N. Amin, and T. M. Gatton, editors, San Diego, California, July 2003.
    
    
42. Software uniqueness: How and why, with P. Mishra (student), Proceedings of Conference on Computer Science and its Applications, P. P. Dey, M. N. Amin, and T. M. Gatton, editors, San Diego, California, July 2003.
    
    
43. Pokémon^® cards and the shortest common superstring, with A. E Stamp, Graph Theory Notes of New York XLVII, 2004, pp. 19–24, MR2134214.
    
    
44. Risks of digital rights management, Inside Risks 147, Communications of the ACM, Vol. 45, No. 9, September 2002, p. 120.
    
    
45. Digital rights management: The technology behind the hype, Journal of Electronic Commerce Research, Vol. 4, No. 3, 2003, pp. 102–112.
    
    
46. NSA paper, A stroll through WOK THROUGH, status unknown.
    
    
47. Rush Hour^® and Dijkstra's algorithm, with B. Engel (student), M. Ewell (student), and V. Morrow (student), Graph Theory Notes of New York XL, 2001, pp. 23–30, MR1823243. Expanded tables of results.
    
    
48. NSA paper, Let me count the ways..., status unknown.
    
    
49. NSA paper, Hitchhiker's guide to dynamic programming, status unknown.
    
    
50. NSA paper, STA PUF is no marshmallow, status unknown.
    
    
51. Random walks on wheels, with M. Lee (student), Graph Theory Notes of New York XXXIII, 1997, pp. 24–25.
    
    
52. NSA paper R51/TECH/038/93, S-243,676, November 1996: Title and subject classified.
    
    
53. NSA paper Z52 TSR-007-95, August 1995: Title and subject classified.
    
    
54. NSA paper Z21 TSR-21-94, December 1994: Title and subject classified.
    
    
55. NSA paper Z52 ITN-004-94, February 1994: Title and subject classified.
    
    
56. A model for the optimal control of a measles epidemic, with C. F. Martin, L. Allen, M. Jones, and R. Carpio, Computation and Control III: Proceedings of the Third Bozeman Conference, Progress in Systems and Control Theory, Vol. 15, K. Bowers and J. Lund, editors, Boston: Birkhäuser, 1993, MR1247482.
    
    
57. Urn model simulations of a sexually transmitted disease epidemic, with C. F. Martin, and L. J. S. Allen, Applied Mathematics and Computation, Vol. 71, 1995, pp. 179–199.
    
    
58. Pseudo-random sequences in secret key cryptography, with C. F. Martin, Proceedings of the 1992 International Computer Symposium, Vol. 1, Feng Chia University, Taichung, Taiwan, 1992, pp. 166–173.
    
    
59. Stochastic analysis of vaccination strategies, with L. Allen, T. Lewis, C. Martin, R. Carpio, M. Jones, G. Mundel, and A. Way, Stochastic Theory and Adaptive Control, Proceedings of a workshop held in Lawrence, Kansas, September 26–28, 1991, Lecture Notes in Control and Information Sciences 184, T. E. Duncan and B. Pasik-Duncan, editors, Springer-Verlag, 1992, pp. 1–11.
    
    
60. An analysis of the transmission of Chlamydia in a closed population, with C. F. Martin and L. J. S. Allen, Journal of Difference Equations and Applications, Vol. 2, No. 1, 1996, pp. 1–29, MR1375593.
    
    
61. An algorithm for the k-error linear complexity of binary sequences with period 2ⁿ, with C. F. Martin, IEEE Transactions on Information Theory, Vol. IT-39, No. 4, July 1993, pp. 1398–1401, MR1267161.
    
    
62. Gaussian quadrature and linear systems, with C. F. Martin, Computation and Control II: Proceedings of the Second Bozeman Conference, Progress in Systems and Control Theory, Vol. 11, K. Bowers and J. Lund, editors, Boston: Birkhäuser, 1991, pp. 263–277, MR1140027.
    
    
63. Analysis of a measles epidemic, with L. J. S. Allen, T. Lewis, C. F. Martin, G. Mundel, A. B. Way, C. K. Lo, and M. A. Jones, Statistics in Medicine, Vol. 12, 1993, pp. 229–239.
    
    
64. A note on the error in Gaussian quadrature, with C. F. Martin, Applied Mathematics and Computation, Vol. 47, 1992, pp. 25–35, MR1137059.
    
    
65. A generalized linear complexity, Ph.D. dissertation, Department of Mathematics, Texas Tech University, May 1992.
    
    
66. Analysis of infinite dimensional dynamic systems with nonlinear observation over a finite field, with C. F. Martin, Modeling, Estimation and Control of Systems with Uncertainty, Progress in Systems and Control Theory, Vol. 10, G. B. DiMasi, A. Gombani, and A. B. Kurzhansky, editors, Boston: Birkhäuser, 1991, pp. 301–323, MR1133379.
    
    
67. Discrete observability and numerical quadrature, with C. F. Martin and X. Wang, IEEE Transacations on Automatic Control, Vol. AC-36, No. 11, November 1991, pp. 1337–1340, MR1130511.
    
    
68. Mathematical analyses and simulations of a measles epidemic, with L. Allen, T. Lewis, C. Martin, M. Jones, C. Lo, G. Mundel, and A. Way Proceedings of the American Statistical Association Biometric Society-Eastern North American Region (ENAR) Spring Meeting, March 24–27, 1991, Houston, Texas.
    
    
69. A mathematical analysis and simulation of a localized measles epidemic, with L. J. S. Allen, T. Lewis, and C. F. Martin, Applied Mathematics and Computation, Vol. 39, 1990, pp. 61–77.
    
    
70. Classification and realization of pseudo-random number generators, with C. F. Martin, Systems and Control Letters, Vol. 14, 1990, pp. 169–175, MR1044323.
    
    
71. Constructing polynomials over finite fields, with C. F. Martin, Computation and Control: Proceedings of the Bozeman Conference, Progress in Systems and Control Theory, Vol. 1, K. Bowers and J. Lund, editors, Boston: Birkhäuser, 1989, pp. 233–252, MR1046854.
    
    
72. Constructing polynomials over finite fields, Master's thesis, Department of Mathematics, Texas Tech University, December 1988.

• Master's
  
  
  1. J. Sun, CrypTool implementation of homophonic substitution attack, in preparation.
     
     
  2. Y. Liu, ECC parallel implementation in CUDA, in preparation.
     
     
  3. G. Shanmugam, Simple substitution distance and metamorphic detection, in preparation.
     
     
  4. D. Baysa, Structural entropy and metamorphic malware, in preparation.
     
     
  5. A. Agrawal, User profiling in GUI based Windows systems for masquerade detection, in preparation.
     
     
  6. A. Mahajan, Masquerade detection based on UNIX commands, in preparation.
     
     
  7. S. Deshpande, Eigenvalue analysis for metamorphic detection, in preparation.
     
     
  8. J. Patil, Secure media streaming, in preparation.
     
     
  9. A. Kothari, Defeating masquerade detection, in preparation.
     
     
  10. C. Wong, Analysis of DPA and DEMA attacks on embedded systems, in preparation.
      
      
  11. S. Kazi, Hidden Markov models for software piracy detection, in preparation.
      
      
  12. K. Chang, Cryptanalysis of Typex, in preparation.
      
      
  13. S. M. Sridhara, Metamorphic worm that carries its own morphing engine, in preparation.
      
      
  14. S. Kumar, Online monitoring using Kismet, in preparation.
      
      
  15. P. K. Gone, Anti-reverse engineering of Java byte code, in preparation.
      
      
  16. M. Ai, CryptSim: Simulators for classic and modern ciphers, in preparation.
      
      
  17. A. Dhavare, Efficient attacks on homophonic substitution ciphers. Completed, Fall 2011. A technical report based on this master's project can be found here.
      
      
  18. N. Runwal, Graph technique for metamorphic virus detection. Completed, Fall 2011.
      
      
  19. A. Singh, Social networks for botnet command and control, in preparation.
      
      
  20. S. Anandan, Online application monitoring tool. Completed Fall 2010.
      
      
  21. A. Hii, Chi-squared distance and metamorphic detection, in preparation.
      
      
  22. M. Patel, Similarity tests for metamorphic virus detection. Completed Spring 2011.
      
      
  23. N. Manjunath, Stealthy email, in preparation.
      
      
  24. R. Muralidhar, Substitution cipher with non-prefix codes. Completed Spring 2011.
      
      
  25. S. Priyadarshi, Metamorphic detection via emulation. Completed Spring 2011.
      
      
  26. N. Buddhadev, User monitor and feedback mechanism for social scientific study on laptop energy reduction. Completed Spring 2011.
      
      
  27. M. Mungale, Robust watermarking using hidden Markov models. Completed Spring 2011.
      
      
  28. A. Patel, Decompiler and pseudo-code generation. Completed Spring 2011.
      
      
  29. N. Samant, Automated penetration testing. Completed Spring 2011.
      
      
  30. A. Sharma, Dynamic code checksum generator. Completed Spring 2011.
      
      
  31. A. Suvatne, Improved worm simulator and simulations. Completed Fall 2010.
      
      
  32. X. Zhang, ActiBot: A botnet to evade active detection. Completed Fall 2011.
      
      
  33. A. Shah, Approximate disassembly using dynamic programming. Completed Fall 2010.
      
      
  34. D. Mulani, How smart is your Android smartphone?. Completed Spring 2010.
      
      
  35. D. Kundu, JShield: A Java anti-reversing tool. Completed Spring 2011.
      
      
  36. F. Yang, Automatic execution path finding tool. Completed Fall 2010.
      
      
  37. L. Huang, A study on masquerade detection. Completed Fall 2010.
      
      
  38. J. Zhang, Improved software activation using multithreading. Completed Spring 2010.
      
      
  39. S. Venkatachalam, Detecting undetectable computer viruses. Completed Spring 2010.
      
      
  40. V. Luong, Intrusion detection and prevention system: SQL-injection attacks. Completed Fall 2010.
      
      
  41. R. Shah, Metatamorphic viruses with built-in buffer overflow. Completed Spring 2010.
      
      
  42. D. Radhakrishnan, Approximate disassembly. Completed Spring 2010.
      
      
  43. D. Lin, Hunting for undetectable metamorphic viruses. Completed Spring 2010.
      
      
  44. T. Aulakh, Intrusion detection and prevention system—CGI attacks. Completed Fall 2009.
      
      
  45. T. Cipresso, Software reverse engineering education. Completed Spring 2009.
      
      
  46. S. Samptur, Scalable end-to-end available bandwidth inference based on node-centric clusters. Completed Spring 2009.
      
      
  47. E. Benjamin, UNDO: A system for neutralizing nuisance attacks. Completed Spring 2010.
      
      
  48. J. Krishnaswamy, Wormulator: Simulator for rapidly spreading malware. Completed Fall 2009.
      
      
  49. G. Gokhale, WiSeNetor: A scalable wireless sensor network simulator. Completed Spring 2010.
      
      
  50. S. Govindaraj, Practical detection of metamorphic computer viruses. Completed Fall 2008.
      
      
  51. A. Panicker, Botnets and distributed denial of service attacks. Completed Fall 2008.
      
      
  52. P. Desai, Towards an undetectable computer virus. Completed Fall 2008.
      
      
  53. P. Basavaraju, Heuristic-search cryptanalysis of the Zodiac 340 cipher. Completed Fall 2009.
      
      
  54. V. Pandya, iPhone security analysis. Completed Spring 2008.
      
      
  55. H. Kwong, Cryptanalysis of the Sigaba cipher. Completed Fall 2008.
      
      
  56. A. Venkatesan, Code obfuscation and metamorphic virus detection. Completed Spring 2008.
      
      
  57. E. Patil, Analysis of rxbot. Completed Spring 2009.
      
      
  58. J. Morparia, P2P botnet analysis and detection. Completed Fall 2008.
      
      
  59. T. Dao, Analysis of the Zodiac 340-cipher. Completed Fall 2007.
      
      
  60. Y. Zhang, Single sign-on web portal based on Kerberos. Completed Spring 2008.
      
      
  61. S. McGhee, Pairwise alignment of metamorphic computer viruses. Completed Fall 2007.
      
      
  62. S. Attaluri, Profile hidden Markov models for metamorphic virus analysis. Completed Fall 2007.
      
      
  63. R. Philip, Securing wireless networks from ARP cache poisoning. Completed Spring 2007.
      
      
  64. K. V. Nguyen, Secure P2P transactions using a hierarchical TTP system. Completed Spring 2007.
      
      
  65. R. Venkataramu, Analysis and enhancement of Apple's Fairplay digital rights management. Completed Spring 2007.
      
      
  66. W. O. Chan, Cryptanalysis of SIGABA. Completed Spring 2007.
      
      
  67. S. S. Kim, Geometry-based detection of flash worms. Completed Fall 2006.
      
      
  68. P. Priyadarshini, P2PRM: a peer-to-peer rights management system. Completed Fall 2006.
      
      
  69. H.-H. Lee, P3P privacy enhancing agent. Completed Fall 2006.
      
      
  70. C. S. Lee, Bluetooth security protocol analysis and improvements. Completed Spring 2006.
      
      
  71. W. Wong, Analysis and detection of metamorphic computer viruses. Completed Spring 2006.
      
      
  72. J. Dai, QuickPay: an online payment protocol. Completed Spring 2006.
      
      
  73. M. Simova, Stealthy ciphertext. Completed Spring 2005.
      
      
  74. A. Mathur, Incorporating RBAC into the JXTA peer-to-peer infrastructure. Completed Spring 2005.
      
      
  75. J. Yang, APTPFS: anonymous peer-to-peer file sharing. Completed Spring 2005.
      
      
  76. X. Gao, Metamorphic software for buffer overflow mitigation. Completed Spring 2005.
      
      
  77. A. Hushyar, Network traffic clustering and visualization. Completed Fall 2009.
      
      
  78. N. D. Kashyap, A meaningful MD5 collision attack. Completed Fall 2006.
      
      
  79. T. T. Tsai, Hidden Markov model for text analysis. Completed Fall 2004.
      
      
  80. S. Thaker, Software watermarking via assembly code transformations. Completed Spring 2004.
      
      
  81. T. Tran, Document builder. Completed Spring 2010.
      
      
  82. S. Marwani, ARP cache poisoning detection and prevention. Completed Fall 2003.
      
      
  83. S. Parihar, Fraud tolerant distributed computing. Completed Fall 2003.
      
      
  84. D. Holankar, Streaming media security using digital rights management. Completed Spring 2004.
      
      
  85. K. Skachkov, Tamper-resistant software: design and implementation. Completed Fall 2003.
      
      
  86. P. Mishra, A taxonomy of software uniqueness transformations. Completed Fall 2003.
      
      
• Undergraduate
  
  
  1. T. Braginets, Cryptanalysis of the Zodiac 340 cipher, Spring 2012.
     
     
  2. P. Towyenis, SRE exercises based on an online game, 2009–2010.
     
     
  3. E. Bongso, A. Khera, F. Negandhi, and S. Quintero, Flash worm detection, 2007–2008.
     
     
  4. T. Stehle, Analysis of viruses that carry their metamorphic engine, Spring 2007.
     
     
  5. Y. Li, Anomaly based detection of flash worms, Fall 2005.
     
     
  6. T. Dao, Purple cipher: simulation and improved hill climb attack, Fall 2005.
     
     
  7. T. Nikl, Flash worm simulation and detection, Spring 2005.
     
     
  8. J. Olsen, Spyware detection for Mac OS X, Spring 2005.
     
     
  9. E. Le, A linguistic analysis of Hamptonese, Spring 2005.
     
     
  10. H. Ghorbani-Moghaddam, DNA sequence alignment, Fall 2003.
      
      
  11. E. Le, A hidden Markov model analysis of Hamptonese, Summer 2003.

1. Efficient cryptanalysis of homophonic substitution ciphers, 2011.
   
   
2. A revealing introduction to hidden Markov models, 2004.
   
   
3. Once upon a time-memory tradeoff, 2003.
   
   
4. Pokémon^® trading card sequences, with A. E Stamp, 2002.