Current Research

Oak Ridge National Laboratory: I am currently working on automating host-based digital forensic analysis by differentiating states of endpoints over time, developing new techniques for user behavioral anomaly detection across large-scale networks of diverse end users, and investigating the current state of vehicle security.

University of Tennessee Computer Security Laboratory: My current focus is on enhancing the resiliency of the current internet routing infrastructure against large-scale attacks (such as the recent DDoS attack on DynDNS from the Mirai botnet) and reducing inclement network “weather” by utilizing novel techniques that manipulate the behavior of existing inter-AS routing protocols like BGP.

Future Research and Collaboration

I am deeply interested in conducting research in applying the more recent and ongoing advances in machine learning and artificial intelligence to the domain of cyber security, starting with simply exploring the effectiveness of existing ML algorithms on a variety of security data (TCP/IP, Software Defined Radio, host logs, network logs, vehicle communications, etc.).

I am also interested in exploring novel ways to enhance and/or break current privacy and censorship-circumvention mechanisms, including investigating the effects of ongoing government regulation and policies on Internet privacy.

Finally, I am interested in applying existing bodies of research in security and developing new techniques to protecting the vast amounts of “Internet of Things” devices we are putting on the public internet every day. We seem to be repeating the mistakes of the 1990’s in terms of leaving vital products prone to simple flaws, and I believe there is much work to be done, both technical and political, to enhance the protection of the increasing amount of consumer and industrial-devices on the Internet today.


  • Internet Routing Security and DDoS
  • Internet Privacy and Censorship
  • Applying Machine Learning to Cyber Security
  • Host and Network Digital Forensics
  • Critical Infrastructure and IoT Security
  • Automated Malware Analysis Techniques


I collaborate extensively with a number of entities academia, government, and industry, ranging from the Intelligence Community (U.S. Department of Homeland Security, FBI, and NSA) to Universities and Research Institutions (UTK, MIT Lincoln Lab, Sandia National Laboratory, MITRE, WPI) to private companies and organizations (Cisco Systems, Inc.). I am always looking for new collaborators. Please reach out to me on the contact page if you are interested in connecting.