I am an Associate Professor in the College of Computer and Information Science at Northeastern University. I am a member of the Cybersecurity and Privacy Institute and the Director of the BS in Cybersecurity program in the College.
My research lies at the intersection of Big Data, security, and privacy. It draws on methods from computer, social, political, and economic sciences.
There is growing concern about the impact of powerful, opaque algorithms on our daily lives. In our work, we are focused on auditing algorithms: we use carefully controlled experiments to understand the data and algorithms used by companies, and assess the impact of these algorithms on normal people. Examples of our work include examining the "Filter Bubble" on Google Search, the geopolitics of online maps, online price discrimination, and Uber's surge price algorithm. Our ultimate goals are to make algorithmic systems more transparent to the public, and to develop tools that help users avoid unwanted or harmful systems. We are also actively collaborating with regulators like the European Commission to turn our research findings into practical policy outcomes.
More information about our algorithmic auditing research, including source code and data, can be found on the project website.
Tracking is ubiquitous on the Web today, and yet we have only the most basic understanding of who collects data about us, and how this data is shared with third-parties. We are currently delving inside the tracking ecosystem to answer these questions, including looking at how information collected about consumers in the offline world gets moved into online contexts. Based on our findings, we plan to empower users with tools to help protect their privacy. Our work on this topic has appeared at Usenix Security.
The SSL/TLS protocol is a critical element of online security that protects everything from online banking to e-commerce to health records. However, recent events like the Heartbleed vulnerability have demonstrated that SSL/TLS is vulnerable to both software and human-induced failures. We are working with researchers at University of Maryland, Duke, and Stanford to understand the threats to SSL/TLS on the modern Web, and develop novel systems to address these challenges. Our work on SSL/TLS has appeared at IMC 2014 and IMC 2015.
More information about our SSL/TLS research, including source code and data, can be found on the project website.
In Spring 2018, I will be teaching CS 2550: Foundations of Cybersecurity. In the past I have taught:
My work is currently supported by the National Science Foundation under the following grants:
In 2018, I am serving as co-General Chair of IMC '18, which will be held at Northeastern. I served as co-PC Chair of the inaugural Fairness, Accountability, and Transparency Conference (FAT*) 2018, and I continue to serve on the Executive Committee for FAT*.
Recently, I served on the WWW '17, IMC '18, and CSCW '18' Program Committees, as co-Chair of the Crowdsourcing Systems and Social Media Track at WWW '16, and on the Senior PC at ICWSM '16 and '17. I also regularly present our work to audiences outside academia.