Research

This page lists a few of my major research interests.

 
 
 This is a microscopic image of the magnetic fields present on a magnetic stripe payment card. The spacing between fields can be used to detect counterfeit cards.

This is a microscopic image of the magnetic fields present on a magnetic stripe payment card. The spacing between fields can be used to detect counterfeit cards.

Payment Systems

Electronic payment systems power much of the world's financial infrastructure, including in developing countries where mobile money systems are the only alternative to cash.  As these systems have become more complex, consumers are shouldering more responsibility for their own security.  Our work in this area has not only uncovered major vulnerabilities in software apps; we have developed tools for consumers and merchants to better protect themselves from fraud.


Ransomware

Encrypting ransomware makes a victim's data unreadable unless a ransom is paid.  However, even paying the ransom does not guarantee the return of the files.  This attack results in millions of dollars per year in losses, and while most common advice is to avoid paying the attackers, often this is the only way to recover the data.  Our research has uncovered the basic principles that all ransomware must follow and produced a defense that relies on the changes in files rather than properties of the malware.  This work resulted in University of Florida's first cybersecurity startup, CryptoDrop.  

 Many ransomware defenses rely on known patterns of file access. We measured the file access patterns of hundreds of samples and some (as shown above) access files in unexpected ways. The shaded nodes in this figure show directories where a ransomware sample first accessed files.

Many ransomware defenses rely on known patterns of file access. We measured the file access patterns of hundreds of samples and some (as shown above) access files in unexpected ways. The shaded nodes in this figure show directories where a ransomware sample first accessed files.