`
`Associate Professor
`Co-Director, Florida Institute for Cybersecurity (FICS) Research
`
`Department of Computer & Information Science & Engineering
`University of Florida
`E301 CSE Building, PO Box 116120
`Gainesville, FL 32611 USA
`traynor@cise.ufl.edu
`http://www.cise.ufl.edu/∼traynor
`
`Printed: November 1, 2017
`
`Modified: November 1, 2017
`
`Page 1 of 41
`
`IA1028
`
`Page 1 of 41
`
`
`
`Table of Contents
`
`EDUCATIONAL BACKGROUND
`
`EMPLOYMENT HISTORY
`
`CURRENT FIELDS OF INTEREST
`
`I. TEACHING
`.
`.
`.
`.
`.
`.
`.
`.
`A. Courses Taught
`.
`.
`.
`.
`B.
`Continuing Education .
`.
`.
`C. Curriculum Development .
`D.
`Individual Student Guidance .
`E.
`Teaching Honors and Awards
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`F.
`
`.
`
`4
`
`4
`
`4
`
`6
`6
`6
`6
`7
`11
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`II. RESEARCH AND CREATIVE SCHOLARSHIP
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`A.
`Thesis .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`B.
`Published Journal Papers (Refereed) .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`C.
`Published Books and Parts of Books .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`D.
`Edited Proceedings
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`E.
`Conference Presentations .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`E.1.
`Conference Presentations with Proceedings (Refereed) .
`E.2.
`Conference Presentations with Proceedings (Non-Refereed) .
`E.3.
`Conference Presentations without Proceedings
`.
`.
`.
`.
`.
`.
`.
`.
`.
`Other .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`F.1.
`Submitted Journal Papers
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`F.2.
`Refereed Research Reports .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`F.3.
`Software .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`F.4.
`Published Papers (Non-Refereed) .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`F.5.
`Books in Preparation .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`F.6. Workshops and External Courses .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`G. Research Proposals and Grants (Principal Investigator) .
`.
`.
`.
`.
`.
`.
`.
`H. Research Proposals and Grants (Contributor)
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`I.
`Research Honors and Awards
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`III.SERVICE
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`A.
`Professional Activities .
`A.1. Memberships and Activities in Professional Societies .
`A.2.
`Conference Committee Activities .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`B. On-Campus Committees .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`B.1.
`University of Florida .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`B.2.
`Georgia Tech .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`Special Assignments .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`C.
`Ph.D. Examining Committees
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`D.
`External Member of M.S. Examining Committee .
`.
`.
`.
`.
`.
`.
`.
`E.
`Consulting and Advisory Appointments .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`F.
`G. Civic Activities .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`IV. NATIONAL AND INTERNATIONAL PROFESSIONAL RECOGNITION
`A. Honors and Awards .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`B.
`Invited Conference Session Chairmanships .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`C.
`Professional Registration .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`D.
`Patents
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`E.
`Editorial and Reviewer Work for Technical Journals and Publishers .
`.
`F.
`Expert Witness Services .
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`V. OTHER CONTRIBUTIONS
`A.
`Seminar Presentations (Invited Papers and Talks at Meetings and Symposia) .
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`.
`
`.
`.
`.
`.
`.
`.
`
`.
`
`12
`12
`12
`13
`14
`14
`14
`18
`18
`18
`18
`18
`18
`18
`18
`19
`19
`21
`22
`
`23
`23
`23
`23
`24
`24
`24
`25
`25
`28
`29
`29
`
`30
`30
`30
`30
`30
`31
`33
`
`34
`34
`
`Patrick Traynor
`
`Curriculum Vitae – External
`
`Page 2 of 41
`
`IA1028
`
`Page 2 of 41
`
`
`
`B.
`
`Special Activities .
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`.
`
`37
`
`Patrick Traynor
`
`Curriculum Vitae – External
`
`Page 3 of 41
`
`IA1028
`
`Page 3 of 41
`
`
`
`EDUCATIONAL BACKGROUND
`Degree
`Year University
`
`Ph.D.
`
`M.S.
`
`B.S.
`
`2008 Pennsylvania State University
`State College, PA
`Dissertation: Characterizing the Impact of
`Ridigity on the Security of Cellular
`Telecommunications Networks
`Advisors: Thomas F. La Porta and Patrick
`D. McDaniel
`
`2004 Pennsylvania State University
`State College, PA
`
`2002 University of Richmond
`Richmond, VA
`Minors: Biology, Business Admin
`
`Field
`
`Computer Science & Engineering
`
`Computer Science & Engineering
`
`Computer Science
`
`EMPLOYMENT HISTORY
`
`Title
`
`Organization
`
`Years
`
`Associate Professor
`
`University of Florida
`
`August 2014–Present
`
`Associate Professor
`
`Georgia Institute of Technology
`
`March 2014–August 2014
`
`Assistant Professor
`
`Georgia Institute of Technology
`
`2008–March 2014
`
`Research Assistant
`
`Pennsylvania State University
`
`Teaching Assistant
`
`Pennsylvania State University
`
`2004–2008
`
`2004
`
`CURRENT FIELDS OF INTEREST
`
`My research focuses on the security of cellular/telephony networks and mobile systems. The security of
`these systems generally relies on their closed nature and trust in the honest behavior of users. However,
`with the recent disintegration of these assumptions and with over than six billion subscribers around the
`world, cellular and mobile systems represent the next great expansion in global critical infrastructure and,
`because of their unique characteristics, require new and different approaches to security.
`Recognizing this, my research focuses on three specific themes: (1) developing efficient techniques to
`allow telephony providers and customers to authenticate the origin of incoming calls; (2) measuring and
`improving the security of emerging mobile financial systems and (3) efficient and strong privacy-preserving
`techniques for mobile devices.
`This work is guided by the idea that the meeting of smart networks and smart devices, a scenario
`not seen in the traditional Internet, can lead to significant improvements in the security of users and the
`availability and integrity of services. I have a strong interest in solutions that can be deployed in both
`the short and long terms, and am actively engaging both industry and government in this capacity. My
`
`Patrick Traynor
`
`Curriculum Vitae – External
`
`Page 4 of 41
`
`IA1028
`
`Page 4 of 41
`
`
`
`research, if successful, will help to not only improve the general security of networked devices, but also
`to maintain the historical reliability of telephony networks as they become the dominant digital access
`technology.
`
`Patrick Traynor
`
`Curriculum Vitae – External
`
`Page 5 of 41
`
`IA1028
`
`Page 5 of 41
`
`
`
`I. TEACHING
`
`A. Courses Taught
`
`Quarter/Year Course Number & Title
`
`Number of
`Students Comments
`
`Fall 2016
`Spring 2016
`Spring 2015
`Fall 2014
`Spring 2014
`Fall 2013
`Spring 2013
`
`Fall 2012
`
`Spring 2011
`Fall 2011
`
`Spring 2011
`
`Fall 2010
`
`Fall 2009
`Spring 2009
`Fall 2008
`
`CNT 5410 Computer and Network Security
`CNT 5410 Computer and Network Security
`CNT 5410 Computer and Network Security
`CNT 5410 Computer and Network Security
`CS 6262 Network Security
`CS 3251 Computer Networks I
`CS 6262 Network Security
`CS 8001 Information Security Seminar
`CS 8803 Cellular & Mobile Network Security
`CS 8001 Information Security Seminar
`CS 8001 Information Security Seminar
`CS 6262 Network Security
`CS 8001 Information Security Seminar
`CS 3251 Computer Networks I
`CS 8001 Information Security Seminar
`CS 8803/4803 Cellular & Mobile Network Security
`CS 8001 Information Security Seminar
`CS 6262 Network Security
`CS 3251 Computer Networks I
`CS 8003 Destructive Research
`
`60 New Topics
`13 New Topics
`12 New Topics
`30 New Course
`55 New Projects
`73 Expanded Syllabus
`65 All New Projects
`20 New Speakers
`17 New Topics
`20 New Speakers
`20 New Speakers
`27 Expanded Syllabus
`35 New Speakers
`61 Expanded Syllabus
`20 New Speakers
`16 New Course
`31 New Speakers
`55 Expanded Syllabus
`45 Expanded Syllabus
`10 New Course
`
`Guest lecturer for CS 4235 (Introduction to Information Security) and CS 8803 (e-Democracy) in Fall 2008.
`Advised ECE 4811/CS 4802 (Vertically Integrated Project) with Ed Coyle
`
`B. Continuing Education
`
`None.
`
`C. Curriculum Development
`
`CS 8803 Cellular and Mobile Network Security: Fall 2010. Developed an entirely new course around
`security issues facing cellular and mobile networks. Students learned about wireless basics, spectrum is-
`sues, core network architectures (GSM, ISDN, IMS, SIP), air interfaces (GSM, 3G), mobility management,
`authentication, mobile phone operating systems (Android, iPhone), Android security, congestion and de-
`nial of service, privacy and eavesdropping. Students also complete a research project and aim towards
`publishing this work at a major venue. My aim is for this class to become part of the regular offering of se-
`curity courses and receive a non-8803 number. Semester projects were also judged and encouraged using a
`“venture capital” model, in which students had to pretend as if they were pitching their ideas for a start-up
`company to potential investors.
`
`CS 6262 Network Security: Fall 2009. Totally rewrote the syllabus and slide material, giving the class its
`first major overhaul in a number of years. While many old themes remain, new lecture blocks including
`Web Security, Cellular Security and Social Engineering were developed from scratch. This new course
`
`Patrick Traynor
`
`Curriculum Vitae – External
`
`Page 6 of 41
`
`IA1028
`
`Page 6 of 41
`
`
`
`material was made available to all other faculty members teaching this class, who have since used my
`slides and syllabus.
`
`CS 3251 Computer Networks I: Spring 2009. Modified undergraduate networking course to include a
`persistent focus on security at all layers of the protocol stack. I have also created new lectures focusing on
`the physical layer and cellular networks and new exams to include all of the abovementioned changes.
`
`CS 8803 Destructive Research: Fall 2008. Developed course based around understanding how so-called
`secure systems have been defeated by attackers. With such knowledge, students would have the context to
`develop the next generation of more secure systems. I delivered more than 1/3 of the lectures in this sem-
`inar course and paid special focus on vulnerabilities in cellular networks, analog telecommunications and
`electronic voting. Students were also instructed on techniques for performing research, writing technical
`papers and making conference and lecture-style presentations. I have offered these slides to future 7001
`classes to help impact a wider audience.
`
`D.
`
`Individual Student Guidance
`
`1. Research Scientists Supervised
`
`None.
`
`2. Ph.D. Students Supervised
`
`Hadi Abdullah University of Florida
`Fall 2016–Present
`Investigating problems of cellular and network security.
`
`Chaitrali Amrutkar Georgia Institute of Technology
`Fall 2009–Fall 2013
`Her research discovered vulnerabilities in mobile web browsers and developed techniques to de-
`tect malicious mobile web pages. Joined Oracle in Spring 2014.
`
`Logan Blue University of Florida
`Fall 2016–Present
`Investigating problems of cellular and network security.
`
`Jasmine Bowers University of Florida
`Fall 2015–Present
`Her research focuses on mobile applications, and the development of tools for building secure
`systems.
`
`Henry “Hank” Carter Georgia Institute of Technology
`Fall 2010–Spring 2016
`Developing techniques for secure function evaluation for privacy-preserving applications on con-
`strained mobile devices. Now: Assistant Professor, Villanova University
`
`Saurabh Chakradeo Georgia Institute of Technology
`Fall 2010–Spring 2013
`Research exploring malicious mobile applications. Left to join Facebook.
`
`Italo Dacosta Georgia Institute of Technology
`Fall 2008–Summer 2012
`
`Patrick Traynor
`
`Curriculum Vitae – External
`
`Page 7 of 41
`
`IA1028
`
`Page 7 of 41
`
`
`
`Co-advised with Mustaque Ahamad. Research on scaling performance of SIP network compo-
`nents. Graduated Summer 2012, currently research scientist at EPFL.
`
`David Dewey Georgia Institute of Technology
`Fall 2011–Present
`Investigated compiler techniques to remove software vulnerabilities from code.
`
`Chaz Lever Georgia Institute of Technology
`Fall 2011–Spring 2014
`Developing techniques to measure the spread of malware in cellular networks. Left Georgia Tech
`to create a startup.
`
`Frank Park Georgia Institute of Technology
`Fall 2008–Spring 2010
`Research on multi-factor authentication using cellular phones. Left program after failing compre-
`hensive exam.
`
`Christian Peeters University of Florida
`Fall 2016–Present
`Develop strong authentication techniques for cellular networks.
`
`Brad Reaves University of Florida
`Fall 2014–Present
`Develop strong authentication techniques for cellular networks. Previously my Ph.D. student at
`Georgia Tech.
`
`Nolen Scaife University of Florida
`Fall 2014–Present
`Developing techniques for mitigation of retail fraud.
`
`Ferdinand Schober Georgia Institute of Technology
`Fall 2009–Summer 2010
`Developing mechanisms for smart networks and smart mobile devices to fight infection and pro-
`vide remote remediation. Returned to Microsoft.
`
`Luis Vargas University of Florida
`Fall 2016–Present
`Developing techniques for network-based detection and mitigation of malware in a healthcare
`environment.
`
`3. Ph.D. Special Problems Students
`
`Brendan Dolan-Gavitt Georgia Institute of Technology
`Spring 2009
`Research on using kernel type graphs to detect dummy structures.
`
`Eric (Yu) Liu Georgia Institute of Technology
`Fall 2008
`Research on the spread of malcode through cellular infrastructure.
`
`4. M.S. Students Supervised
`
`Chaitrali Amrutkar Georgia Institute of Technology
`Fall 2008–Spring 2009
`Research on improving performance of security critical functions in IMS cellular core. Completed
`her Ph.D with me at GT.
`
`Patrick Traynor
`
`Curriculum Vitae – External
`
`Page 8 of 41
`
`IA1028
`
`Page 8 of 41
`
`
`
`Logan Blue University of Florida
`Fall 2015–Spring 2016
`Investigated problems of cellular and network security.
`
`David Dewey Georgia Institute of Technology
`Fall 2009–Spring 2010
`Research on security issues caused by transitive trust assumptions in the Windows COM infras-
`tructure. Completed his Ph.D. with me at GT.
`
`Christopher Grayson Georgia Institute of Technology
`Fall 2012–Fall 2013
`Developed continuous authentication mechanisms using the multitude of sensors available on a
`mobile phone. Now at Bishop Fox Consulting (industry).
`
`Young Seuk Kim Georgia Institute of Technology
`Fall 2012–Fall 2013
`Performed research that compared the security vulnerabilities found in the traditional and mobile
`web.
`
`Daniel Komaromy Georgia Institute of Technology
`Fall 2008–Summer 2009
`Research on building a real-time streaming audio system using attribute-based crypto for broad-
`cast encryption.
`
`Nigel Lawrence Georgia Institute of Technology
`Fall 2011–Spring 2012
`Discovered hijacking attacks in SNMPv3, a widely used and thought to be secure network man-
`agement protocol. Now at Solute (industry).
`
`Philip Marquardt Georgia Institute of Technology
`Fall 2009–Present
`Research on developing an iPhone application to prevent individuals from being profiled by Shop-
`per Loyalty Programs. First with MIT Lincoln Labs, now with Raytheon SI.
`
`Rishikesh Naik Georgia Institute of Technology
`Fall 2008–Spring 2010
`Research on converting expensive cryptographic primitives (e.g., Secure Function Evaluation) into
`efficient applications for mobile phones. Now with Cisco Systems.
`
`Ashish Nautiyal CISE
`Fall 2015–Spring 2016
`Research on connecting telephone calls to the larger authentication infrastructure.
`
`Nilesh Nipane Georgia Institute of Technology
`Fall 2008–Spring 2010
`Research on creating provably anonymous networks on a base of secure function evaluation. Now
`with VMWare.
`
`Walter “Nolen” Sciafe Georgia Institute of Technology
`Spring 2012–Spring 2014
`Developed the OnionDNS architecture, which prevents domain delisting attacks by leveraging a
`Tor hidden service.
`
`Patrick Traynor
`
`Curriculum Vitae – External
`
`Page 9 of 41
`
`IA1028
`
`Page 9 of 41
`
`
`
`5. M.S. Special Problems Students
`
`Siddhant Deshmukh University of Florida
`Fall 2016–Present
`Developed tools for analysis of mobile digital financial services.
`
`Chinmay Gangakhedkar Georgia Institute of Technology
`Spring 2009
`Research on multi-factor authentication using mobile phones.
`
`Christopher Grayson Georgia Institute of Technology
`Spring 2013
`Research on continuous authentication using mobile phones.
`
`Aarushi Karnany University of Florida
`Fall 2016–Present
`Developed tools for analysis of mobile digital financial services.
`
`Rohit Matthews Georgia Institute of Technology
`Spring 2011
`Developed mobile phone-based tools for measuring performance and reachability throughout the
`Internet.
`
`Ashwin Narasimhan Georgia Institute of Technology
`Spring 2009
`Research on developing efficient security mechanisms for the IMS cellular core.
`
`Aamir Poonawalla Georgia Institute of Technology
`Spring 2010
`Helped develop a call provenance infrastructure, which included both networking and machine
`learning components. Conference: [14]
`
`Erin Reddick Georgia Institute of Technology
`Fall 2008–Fall 2009
`Research on IPTV security with GTRI.
`
`Lalanthika Vasudevan Georgia Institute of Technology
`Spring 2009
`Research on developing efficient security mechanisms for the IMS cellular core.
`
`6. Undergraduate Special Problems Students
`
`Ethan Shernan Georgia Institute of Technology
`Spring 2014
`Developed an infrastructure for detecting billing bypass fraud attacks.
`
`Young Seuk Kim Georgia Institute of Technology
`Fall 2011–Spring 2012
`Developed a mobile phone application for taking measurements of cellular networks.
`
`Dane Van Dyck Georgia Institute of Technology
`Summer 2009
`Research on virtualization support for mobile phones.
`
`Patrick Traynor
`
`Curriculum Vitae – External
`
`Page 10 of 41
`
`IA1028
`
`Page 10 of 41
`
`
`
`E. Teaching Honors and Awards
`
`1. Georgia Institute of Technology, CETL “Thanks For Being A Great Teacher” Award, Fall 2013.
`
`2. Georgia Institute of Technology, CETL “Thanks For Being A Great Teacher” Award, Fall 2012.
`
`3. United State Army Signal Corps, “Helmet” Award, 2010.
`
`4. Georgia Institute of Technology, CETL “Thanks For Being A Great Teacher” Award, Spring 2009.
`
`5. Pennsylvania State University CSE Graduate Student Teaching Award, 2005
`
`Patrick Traynor
`
`Curriculum Vitae – External
`
`Page 11 of 41
`
`IA1028
`
`Page 11 of 41
`
`
`
`II. RESEARCH AND CREATIVE SCHOLARSHIP
`
`A. Thesis
`
`1. Patrick Gerard Traynor. Characterizing the Impact of Rigidity on the Security of Cellular Telecommuni-
`cations Networks. PhD thesis, The Pennsylvania State University, May 2008.
`
`B. Published Journal Papers (Refereed)
`
`1. Nolen Sciafe, Henry Carter, Rachel Jones, Lyrissa Lidsky, and Patrick Traynor. OnionDNS: A
`Seizure-Resistant Top-level Domain. International Journal of Information Security (IJIS), 2017.
`
`2. Bradley Reaves, Jasmine Bowers, Nolen Scaife, Adam Bates, Arnav Bharatiya, Patrick Traynor, and
`Kevin Butler. Mo(bile) Money, Mo(bile) Problems: Analysis of Branchless Banking Applications
`in the Developing World. ACM Transactions on Privacy and Seurity (TOPS), 2017.
`
`3. Henry Carter and Patrick Traynor. OPFE: Outsourcing Computation for Private Function Evalua-
`tion. International Journal of Information and Computer Security (IJICS), 2017.
`
`4. Stephan Heuser, Bradley Reaves, Praveen Kumar Pendyala, Henry Carter, Alexandra Dmitrienko,
`William Enck, Negar Kiyavash, Ahmad-Reza Sadeghi, and Patrick Traynor. Phonion: Practi-
`cal Protection of Metadata in Telephony Networks. Proceedings on Privacy Enhancing Technologies
`(PoPETs), 2017.
`
`5. Bradley Reaves, Jasmine Bowers, Sigmond A. Gorski III, Olabode Anise, Rahul Bobhate, Ray-
`mond Cho, Hiranava Das, Sharique Hussain, Hamza Karachiwala, Nolen Scaife, Byron Wright,
`Kevin Butler, William Enck, and Patrick Traynor. *droid: Assessment and Evaluation of Android
`Application Analysis Tools. ACM Computing Surveys (CSUR), 2016.
`
`6. Chaitrali Amrutkar, Young Seuk Kim, and Patrick Traynor. Detecting Mobile Malicious Webpages
`in Real Time. IEEE Transactions on Mobile Computing (TMC), To Appear 2016.
`
`7. Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler. Outsourcing Secure Two-Party
`Journal of Security and Communication Networks (SCN), To Appear
`Computation as a Black Box.
`2016.
`
`8. Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler. Secure Outsourced Garbled
`Circuit Evaluation for Mobile Devices. Journal of Computer Security (JCS), 24(2):137–180, 2016.
`
`9. Adam Bates, Kevin Butler, Micah Sherr, Clay Shields, Patrick Traynor, and Dan Wallach. Ac-
`countable Wiretapping -or- I Know They Can Hear You Now. Journal of Computer Security (JCS),
`23(2):167–195, 2015.
`
`10. Henry Carter, Chaitrali Amrutkar, Italo Dacosta, and Patrick Traynor. For Your Phone Only: Cus-
`tom Protocols for Efficient Secure Function Evaluation on Mobile Devices. Journal of Security and
`Communication Networks (SCN), 7(7):1165–1176, 2014.
`
`11. Chaitrali Amrutkar, Patrick Traynor, and Paul van Oorschot. An Empirical Evaluation of Security
`Indicators in Mobile Web Browsers. IEEE Transactions on Mobile Computing (TMC), 14(5), 2015.
`
`12. Andrew Harris, Seymour Goodman, and Patrick Traynor. Privacy and Security Concerns Associ-
`ated with Mobile Money Applications in Africa. Washington Journal of Law, Technology & Arts, 8(3),
`2013.
`
`13.
`
`Italo Dacosta, Saurabh Chakradeo, Mustaque Ahamad, and Patrick Traynor. One-Time Cookies:
`Preventing Session Hijacking Attacks with Stateless Authentication Tokens. ACM Transactions on
`Internet Technology (TOIT), 12(1), 2012.
`
`Patrick Traynor
`
`Curriculum Vitae – External
`
`Page 12 of 41
`
`IA1028
`
`Page 12 of 41
`
`
`
`14. Cong Shi, Xiapu Luo, Patrick Traynor, Mostafa Ammar, and Ellen Zegura. ARDEN: Anonymous
`netwoRking in Delay tolErant Networks. Journal of Ad Hoc Networks, 10(6):918–930, 2012.
`
`15. Patrick Traynor. Characterizing the Security Implications of Third-Party EAS Over Cellular Text
`Messaging Services. IEEE Transactions on Mobile Computing (TMC), 11(6):983–994, 2012.
`
`16.
`
`Italo Dacosta, Vijay Balasubramaniyan, Mustaque Ahamad, and Patrick Traynor. Improving Au-
`thentication Performance of Distributed SIP Proxies. IEEE Transactions on Parallel and Distributed
`Systems (TPDS), 22(11):1804–1812, 2011.
`
`17. Patrick Traynor, Chaitrali Amrutkar, Vikhyath Rao, Trent Jaeger, Patrick McDaniel, and Thomas La
`Porta. From Mobile Phones to Responsible Devices. Journal of Security and Communication Networks
`(SCN), 4(6):719 – 726, 2011.
`
`18. Matthew Pirretti, Patrick Traynor, Patrick McDaniel, and Brent Waters. Secure Attribute-Based
`Systems. Journal of Computer Security (JCS), 18(5):799–837, 2010.
`
`19. Patrick Traynor, Kevin Butler, William Enck, Kevin Borders, and Patrick McDaniel. malnets:
`Large-Scale Malicious Networks via Compromised Wireless Access Points. Journal of Security and
`Communication Networks (SCN), 2(3):102–113, 2010.
`
`20. Patrick Traynor. Securing Cellular Infrastructure: Challenges and Opportunities. IEEE Security &
`Privacy Magazine, 7(4), 2009.
`
`21. Kevin Butler, Sunam Ryu, Patrick Traynor, and Patrick McDaniel. Leveraging Identity-based
`IEEE Transactions on Paral-
`Cryptography for Node ID Assignment in Structured P2P Systems.
`lel and Distributed Systems (TPDS), 20(12):1803–1815, 2009.
`
`22. Patrick Traynor, William Enck, Patrick McDaniel, and Thomas La Porta. Mitigating Attacks On
`IEEE/ACM Transactions on Networking
`Open Functionality in SMS-Capable Cellular Networks.
`(TON), 17(1), 2009.
`
`23. Patrick Traynor, Michael Chien, Scott Weaver, Boniface Hicks, and Patrick McDaniel. Non-
`Invasive Methods for Host Certification. ACM Transactions on Information and System Security (TIS-
`SEC), 2008.
`
`24. Patrick Traynor, William Enck, Patrick McDaniel, and Thomas La Porta. Exploiting Open Func-
`Journal of Computer Security (JCS), 16(6):713–742,
`tionality in SMS-Capable Cellular Networks.
`2008.
`
`25. Patrick Traynor, Raju Kumar, Heesook Choi, Sencun Zhu, Guohong Cao, and Thomas La Porta.
`Efficient Hybrid Security Mechanisms for Heterogeneous Sensor Networks. IEEE Transactions on
`Mobile Computing (TMC), 6(6), 2007.
`
`C. Published Books and Parts of Books
`
`1. Andrew Harris, Frank S. Park, Seymour Goodman, and Patrick Traynor. Emerging Privacy and
`Security Concerns for Digital Wallet Deployment. Privacy in America: Interdisciplinary Perspectives.
`Scarecrow Press, July 2011.
`
`2. Kevin Butler, William Enck, Patrick Traynor, Jennifer Plasterr, and Patrick McDaniel. Privacy Pre-
`serving Web-Based Email. Algorithms, Architectures and Information Systems Security, Statistical
`Science and Interdisciplinary Research. World Scientific Computing, November 2008.
`
`3. Patrick Traynor, Patrick McDaniel, and Thomas La Porta. Security for Telecommunications Networks.
`Number 978-0-387-72441-6 in Advances in Information Security Series. Springer, August 2008.
`
`Patrick Traynor
`
`Curriculum Vitae – External
`
`Page 13 of 41
`
`IA1028
`
`Page 13 of 41
`
`
`
`D. Edited Proceedings
`
`None.
`
`E. Conference Presentations
`
`E.1. Conference Presentations with Proceedings (Refereed)
`
`1. Christian Peeters, Hadi Abdullah, Nolen Scaife, Jasmine Bowers, Patrick Traynor, Bradley Reaves,
`and Kevin Butler. Sonar: Detecting SS7 Redirection Attacks Via Call Audio-Based Distance Bound-
`ing. In Proceedings of the IEEE Symposium on Security and Privacy (S&P), 2018. (Acceptance Rate:
`TBA).
`
`2. Tyler Ward, Joseph Choi, Kevin Butler, John M. Shea, Patrick Traynor, and Tan Wong. Privacy
`Preserving Localization Using a Distributed Particle Filtering Protocol. In IEEE MILCOM, 2017.
`(Acceptance Rate: 56%).
`
`3. Bradley Reaves and Logan Blue and Hadi Abdullah and Luis Vargas and Patrick Traynor and
`Thomas Shrimpton. AuthentiCall: Efficient Identity and Content Authentication for Phone Calls.
`In Proceedings of the USENIX Security Symposium (SECURITY), 2017. (Acceptance Rate: 16.3%).
`
`4.
`
`Jasmine Bowers and Bradley Reaves and Imani N. Sherman and Patrick Traynor and Kevin Butler.
`Regulators, Mount Up! Analysis of Privacy Policies for Mobile Money Applications. In Proceedings
`of the USENIX Symposium on Usable Privacy and Security (SOUPS), 2017. (Acceptance Rate: 26.5%).
`
`5. Bradley Reaves, Logan Blue, and Patrick Traynor. AuthLoop: End-to-End Cryptographic Au-
`thentication for Telephony over Voice Channels. In Proceedings of the USENIX Security Symposium
`(SECURITY), 2016. (Acceptance Rate: 15.5%).
`
`6. Dave Tian, Nolen Scaife, Adam Bates, Kevin Butler, and Patrick Traynor. Making USB Great Again
`with USBFILTER. In Proceedings of the USENIX Security Symposium (SECURITY), 2016. (Acceptance
`Rate: 15.5%).
`
`7. Bradley Reaves, Dave Tian, Logan Blue, Patrick Traynor, and Kevin Butler. Detecting SMS Spam in
`the Age of Legitimate Bulk Messaging. In Proceedings of the ACM Conference on Security and Privacy
`in Wireless and Mobile Networks (WiSec), 2016. (Acceptance Rate: 35.0%).
`
`8. Nolen Scaife, Henry Carter, Patrick Traynor, and Kevin Butler. CryptoLock (and Drop It): Stop-
`ping Ransomware Attacks on User Data. In IEEE International Conference on Distributed Computing
`Systems (ICDCS), 2016. (Acceptance Rate: 17.6%).
`
`9. Bradley Reaves, Nolen Scaife, Dave Tian, Logan Blue, Patrick Traynor, and Kevin Butler. Sending
`out an SMS: Characterizing the Security of the SMS Ecosystem with Public Gateways. In Proceed-
`ings of the IEEE Symposium on Security and Privacy (S&P), 2016. (Acceptance Rate: 13.0%).
`
`10. Benjamin Mood, Debayan Gupta, Henry Carter, Kevin Butler, and Patrick Traynor. Frigate: A Val-
`idated, Extensible, and Efficient Compiler and Interpreter for Secure Computation. In Proceedings
`of the IEEE European Symposium on Security and Privacy, 2016. (Acceptance Rate: 17.3%).
`
`11. Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler. Outsourcing Secure Two-Party
`Computation as a Black Box. In Proceedings of the International Conference on Cryptology and Network
`Security, 2015. (Acceptance Rate: 52.9%).
`
`12. Nolen Sciafe, Henry Carter, and Patrick Traynor. OnionDNS: A Seizure-Resistant Top-level Do-
`main. In Proceedings of the IEEE Conference on Communications and Network Security (CNS), 2015.
`(Acceptance Rate: 28.1%).
`
`Patrick Traynor
`
`Curriculum Vitae – External
`
`Page 14 of 41
`
`IA1028
`
`Page 14 of 41
`
`
`
`13. Bradley Reaves, Nolen Scaife, Adam Bates, Patrick Traynor, and Kevin Butler. Mo(bile) Money,
`Mo(bile) Problems: Analysis of Branchless Banking Applications in the Developing World.
`In
`Proceedings of the USENIX Security Symposium (SECURITY), 2015. (Acceptance Rate: 15.7%).
`
`14. Bradley Reaves, Ethan Shernan, Adam Bates, Henry Carter, and Patrick Traynor. Boxed Out:
`Blocking Cellular Interconnect Bypass Fraud at the Network Edge. In Proceedings of the USENIX
`Security Symposium (SECURITY), 2015. (Acceptance Rate: 15.7%).
`
`15. David Dewey, Bradley Reaves, and Patrick Traynor. Uncovering Use-After-Free Conditions In
`Compiled Code. In Proceedings of the International Conference on Availability, Reliability and Security
`(ARES), 2015. (Acceptance Rate: 22%).
`
`16. Ethan Shernan, Henry Carter, Dave Tian, Patrick Traynor, and Kevin Butler. More Guidelines Than
`Rules: CSRF Vulnerabilities from Noncompliant OAuth 2.0 Implementations. In Proceedings of the
`International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment (DIMVA),
`2015. (Acceptance Rate: 22.7%).
`
`17. Henry Carter, Charles Lever, and Patrick Traynor. Whitewash: Outsourcing Garbled Circuit Gen-
`eration for Mobile Devices. In Proceedings of the Annual Computer Security Applications Conference
`(ACSAC), 2014. (Acceptance Rate: 19.9%).
`
`18. Henry Carter, Benjamin Mood, Patrick Traynor, and Kevin Butler. Secure Outsourced Garbled Cir-
`cuit Evaluation for Mobile Devices. In Proceedings of the USENIX Security Symposium (SECURITY),
`2013. (Acceptance Rate: 16.2%).
`
`19. Chaitrali Amrutkar, Matti Hiltunen, Shobha Venkataraman, Kaustubh Joshi, Patrick Traynor,
`Trevor Jim, and Oliver Spatscheck. Why is My Smartphone Slow? On The Fly Diagnosis of Poor
`Performance on the Mobile Internet. In Proceedings of The 43rd Annual IEEE/IFIP International Con-
`ference on Dependable Systems and Networks, 2013. (Acceptance Rate: 19.6%).
`
`20. Saurabh Chakradeo, Brad Reaves, Patrick Traynor, and William Enck. MAST: Triage for Market-
`In Proceedings of the ACM Conference on Security and Privacy in
`scale Mobile Malware Analysis.
`Wireless and Mobile Networks (WiSec), 2013. (Acceptance Rate: 15.0%)(Best Paper).
`
`21. Charles Lever, Manos Antonakakis, Brad Reaves, Patrick Traynor, and Wenke Lee. The Core of
`the Matter: Analyzing Malicious Traffic in Cellular Carriers. In Proceedings of the ISOC Network &
`Distributed System Security Symposium (NDSS), 2013. (Acceptance rate: 18.8%).
`
`22. Chaitrali Amrutkar, Kapil Singh, Arunabh Verma, and Patrick Traynor. VulnerableMe: Measuring
`Systemic Weaknesses in Mobile Browser Security. In Proceedings of the International Conference on
`Informa