I am a professor for Software Security in the Faculty of Computer Science at Ruhr-University Bochum (RUB) in Bochum, Germany.

My research focuses on software and Internet security, including vulnerability discovery and mitigation, how software is being deployed and used, and how it affects security and privacy on the Internet. That is, through my work, I aim to improve the security and privacy of networked software systems. For example, this includes identifying and preventing large-scale Internet abuse, discovering and defending against new attacks (on applications or enabled by network and protocol interactions), and developing techniques to conduct security-relevant measurements (like enabling Internet-wide measurements for IPv6; or, investigating how new security features affect the Internet at large). Sometimes, I dabble in related topics, like understanding security misconfigurations, or governance and policy.

I am an advocate for open science and open code/data because it is crucial to improve the reproducibility of research. The GitHub organization for my research group at RUB is rub-softsec. Some of my earlier research is available through the GitHub repositories of the UCSB SecLab and the UChicago NOISE Lab, where I spent some time in my academic career.

When time permits, which is admittedly quite rare, I enjoy participating in Security Capture the Flag competitions with Shellphish. Previously, I won third place with the Shellphish CGC team in the autonomous DARPA Cyber Grand Challenge.

My full academic CV is available here.

For more details or if you have any questions, please send me an email.

My GPG fingerprint is: D875 7632 D7A4 180B E614 C8DE 37FC DD83 88A9 9ED6

Physical Mailing Address: