Research

We study network security to make the Internet’s infrastructure more secure, reliable, and resilient.

Our work spans three areas: [1] data-driven security analysis (especially large-scale Internet measurement), [2] protocol design, and [3] threat mitigation.

Data-driven Security Analysis
Data-driven Security Analysis

We conduct large-scale and longitudinal measurements to understand real-world deployment failures and operational risks in Internet security.

Protocol Development and Optimization
Protocol Development and Optimization

We design deployable security mechanisms that improve efficiency while maintaining practical compatibility with today’s Internet infrastructure.

Threat Mitigation
Threat Mitigation

We analyze infrastructure-level attacks and protocol abuse at Internet scale and develop scalable defense mechanisms to improve resilience.


Our broader interest is in identifying and addressing systemic weaknesses that emerge at Internet scale. Much of our recent work has focused on widely deployed security protocols and Internet infrastructure, including (but not limited to):

  • Domain Name System (DNS)
  • Public Key Infrastructure (PKI)
  • Transport Layer Security (TLS)
  • Email security

Overall, we aim to:

  1. (1) Identify systemic vulnerabilities, misconfigurations, and security risks in critical Internet systems
  2. (2) Design deployable, data-driven solutions that improve the Internet’s security, reliability, and resilience