This page lists a few of my major research interests.
Electronic payment systems power much of the world's financial infrastructure, including in developing countries where mobile money systems are the only alternative to cash. As these systems have become more complex, consumers are shouldering more responsibility for their own security. Our work in this area has not only uncovered major vulnerabilities in software apps; we have developed tools for consumers and merchants to better protect themselves from fraud.
Encrypting ransomware makes a victim's data unreadable unless a ransom is paid. However, even paying the ransom does not guarantee the return of the files. This attack results in millions of dollars per year in losses, and while most common advice is to avoid paying the attackers, often this is the only way to recover the data. Our research has uncovered the basic principles that all ransomware must follow and produced a defense that relies on the changes in files rather than properties of the malware. This work resulted in University of Florida's first cybersecurity startup, CryptoDrop.