Our paper The Danger of Missing Instructions: A Systematic Analysis of Security Requirements for MCPS has been accepted for publication at the 3rd International IEEE/ACM Conference on Connected Health: Applications, Systems and Engineering Technologies: CHASE-MedSPT 2018.

Josephine Lamp, an undergraduate student working under my research mentorship, has accepted a position as a new PhD student at the Department of Computer Science of the University of Virginia. She has been awarded the prestigious and highly-competitive Jefferson Graduate Fellowship, which is given to candidates who demonstrate outstanding achievement and the highest promise as future scholars.

Our paper RiskPol: A Risk Assessment Framework for Preventing Attribute-Forgery Attacks to ABAC Policies has been accepted for publication at the 3rd ACM Workshop on Attribute-based Access Control (ABAC), hosted in conjunction with the 8th ACM Conference on Data and Application Security and Privacy (CODASPY) 2018.

Our paper Mutated Policies: Towards Proactive Attribute-based Defenses for Access Control has been accepted for publication at the 2017 Workshop on Moving Target Defense, hosted in conjunction with the 2017 ACM Conference on Computer and Communications Security (CCS).

Research Interests

My research interests lay at the intersection of Computer Security and Software Verification and Validation. Concretely, I have experience on the development of techniques for verifying the correct implementation of access control models at the source-code level using formal specifications. Recently, I have also explored approaches for enhancing the cybersecurity protection of mission-critical Energy Delivery Systems (EDS), by means of security assessment and monitoring techniques.

Current Affiliation

sefcom-gray I am currently affiliated with the Center for Cybersecurity and Digital Forensics, (CDF), as well as with the Laboratory of Secure Engineering for Future Computing (SEFCOM), which are directed by Dr. Gail-Joon Ahn, Dr. Adam Doupé and Dr. Ziming Zhao at Arizona State University. Our work focuses on a variety of topics related to computer security: access control, digital forensics, security for mobile frameworks (Android), moving target defense, etc., and has been sponsored by the US National Science Foundation, the US Department of Energy, Bank of America, Microsoft, Google, CISCO, among others. I am also a member of the Cyber Resilient Energy Delivery Consortium (CREDC), a multi-disciplinary and multi-organizational effort for protecting the mission-critical cyber-infrastructure of Energy Delivery Systems (EDS) against security vulnerabilities and threats.


Teaching Experience