I am an Associate Professor in the Khoury College of Computer Sciences at Northeastern University. I am a member of the Cybersecurity and Privacy Institute and the Director of the BS in Cybersecurity program in the College.
I am a faculty associate at the Berkman Klein Center for Internet & Society at Harvard University, and an affiliate member of the Center for Law, Innovation and Creativity at Northeastern University School of Law.
My research seeks to investigate the sociotechnical systems that shape our lives using a multi-disciplinary approach. I believe that by increasing transparency we can also improve accountability of these systems. If you're interested in my research, here is a brief video about algorithm auditing, here is a longer video about our investigation of bias in hiring algorithms, and here is a video discussing the role of algorithm auditing in AI regulation.
Along with my co-PIs, I am currently working to launch the National Internet Observatory. This NSF-funded project seeks to gather data about the online habits of a large, representative panel of US residents and then make it available to qualified researchers around the world.
There is growing concern about the impact of powerful, opaque algorithms on our daily lives. In our work, we are focused on auditing algorithms: we use carefully controlled experiments to understand the data and algorithms used by companies, and assess the impact of these algorithms on normal people. Examples of our work include:
This work has appeared in IMC, CSCW, CHI, and WWW. More information, including source code and data, can be found on the project website.
Tracking is ubiquitous on the Web today, and yet we have only the most basic understanding of who collects data about us, and how this data is shared with third-parties. We are currently delving inside the tracking ecosystem to answer these questions, including:
Public Key Infrastructure is the root of trust and security on the internet.Prominent examples include the SSL/TLS and DNSSEC PKIs. However, recent events like the Heartbleed vulnerability have demonstrated that critical PKIs are vulnerable to both software and human-induced failures. We are working to understand the threats to modern PKIs, and develop novel systems to address these challenges. Examples of our research include:
This work has appeared at IEEE S&P, CCS, Usenix Security, and IMC. More information about our SSL/TLS research, including source code and data, can be found on the project website.
In Fall 2022 I will be teaching one section of CS 3700 - Networks and Distributed Systems. In the past I have taught:
My work is currently supported by the National Science Foundation under the following grants:
I recently served as co-General Chair of the Privacy Law Scholars Conference (PLSC) '22. I served as co-Program Committee Chair of the inaugural Fairness, Accountability, and Transparency Conference (FAT*) 2018 (subsequently renamed to ACM FAccT) and I continue to serve on the Steering Committee for FAccT.
Recently, I served on the PETS '22, IEEE S&P '20, and IMC '18 Program Committees. I also regularly present our work to audiences outside academia.