Last updated: 9/1/2017

Applied Computer Vision: I spoke at GTC 2017 about the Computer Vision program at Innit and gave an interview about using AI in the kitchen (in a time when most attention is focused on self-driving cars).

Neuroscience Meets Cryptography: USENIX Security 2012 paper on designing security primitives resistant to user coercion (a.k.a. "rubber hose cryptanalysis").

Secure Embedded Web Servers: USENIX Security 2011 paper about an Android web server designed with security in mind; a continuation of our earlier embedded web interface security project

Mobile ASLR: WISEC 2011 paper about Address Space Layout Randomization (ASLR) for mobile devices which requires no kernel changes in the system; in addition, we discuss Crash Stack Analysis: a novel technique for centrally identifying ASLR brute-forcing attacks

Cheap Smartphone Unlock Tokens: HOTMOBILE 2011 paper and slides about MagKey and MicKey: experimental hardware authentication tokens using a smartphone's compass and microphone as receivers; the main advantages of the design are low cost (less than $1 per token) and low power consumption, as well as broad applicability to existing smartphones

Web Security Education: CSET 2010 paper about Webseclab, a web security education tool I helped create

Password Management: ESORICS 2010 paper about designing loss-resistant password managers; the high-order bit: it is hard to make security work around irrational human beings; the original publication will appear in the conference proceedings, at

Insecurity of Embedded Web Interfaces: CCS 2009 paper and slides about XCS vulnerabilities and SiteFirewall, a Firefox extension that prevents XCS attacks from running to completion (this work was also featured in "Communications of the ACM", August 2010, Vol.53, No.8) (also see this BlackHat USA 2009 briefing on the same topic)

Modular Reconfigurable Robots: ICMAS 2000 paper on Multi-agent Control of Emergent Behaviors and ICRA 2000 paper on Emergent Structures in Modular Self-reconfigurable Robots