I'm a Professor of Computer Science at Northeastern University.

I'm also the Senior Associate Dean for Academic Affairs.




177 Huntington Ave
Office 409
Khoury College of Computer Sciences
Northeastern University
Boston, MA 02115
Map Directions

Core Faculty, Cybersecurity and Privacy Institute
Affiliated Faculty, Global Resilience Institute

GPG public key
Google Scholar


My research interests revolve around understanding the security and privacy implications of emerging online services. We're interested in problems including algorithm auditing of large-scale systems, better understanding the (in)security of the SSL ecosystem, and how to better design cloud computing systems to meet end users' needs.

I work in the Networked Systems Research Group at Northeastern, which includes my collaborators Christo Wilson and Dave Choffnes, as well as a group of very talented students.

Our research is generously funded by the National Science Foundation, the Army Reseach Office, Narus, Google, the Data Transparency Lab, and Amazon Web Services.


I have served on the program committees of many conferences, including (most recently) NSDI'15, IMC'15, WWW'16, EuroSys'14, and COSN'15. I was also the Social Networks Track co-Chair for WWW'15, and am a Senior Program Committee Member for ICWSM'16.

I have also served on numerous NSF panels and on the Data Transparency Lab 2015 grant selection committee.


I've taught a number of courses, including CS 2500 Fundamentals of Computer Science 1, CS3700 Networks and Distributed Systems (and its precursor CS3600 Systems and Networks), CS4700/CS5700 Fundamentals of Computer Networks, CS5600 Computer Systems, and CS5750/IS4700 Social Computing.


I'm thrilled to have the opportunity to work with a number of talented students, postdocs, and research scientists. These include my current research scientist Piotr Sapieżyński, as well as Ph.D. students Avijit Ghosh, Muhammad Ali, Lulu Kiffer (co-advised with Rajmohan Rajaraman), and Giridhari Venkatadri.

I also had the pleasure of advising Taejoong Chung (now at Virginia Tech), Bimal Viswanath (co-advised with Krishna P. Gummadi; now at Virgina Tech), Ancsa Hannák (co-advised with David Lazer; now at University of Zurich), Yabing Liu (now at Twitter), Liang Zhang (now at Google), and Arash Molavi Kakhki (co-advised with Dave Choffnes; now at ThousandEyes).


I'm a sucker for nice data visualizations. I've worked on a few using Twitter data, including a visualization of the U.S. mood, and a a map of over 250 million geo-tags.

Active projects

Algorithmic Auditing

Our lives are increasingly influenced by algorithms, from online recommendations to banking decisions and even to predictive policing. While these systems are useful, most of them are "black boxes" with little visibility into how decisions are made, raising concerns of inadvertent discrimination, censorship, and disparate impact.

We are developing techniques to externally audit such systems, allowing policy makers and end users to better understand how input data is used and how it influences the output of these systems. We have successfully applied our techniques to study personalization in Google Search and E-commerce web sites, the surge pricing algorithm of Uber, and algorithmic pricing on the Amazon Marketplace. Our work has received significant press coverage and is funded by the NSF and the Knight Foundation.

SSL Ecosystem

SSL and the PKI secure Internet transactions such as banking, e-mail, and e-commerce by providing trusted identities and private communication. Unfortunately, the PKI that is in-use today is surprisingly brittle, and there have been numerous incidents where SSL certificates have been compromised or the PKI has been mis-managed.

We are trying to better understand the weaknesses of the current PKI, with the goal of developing tools and techniques to improve security for internet users. We have explored how sites (often failed to) respond to the Heartbleed bug and how browsers rarely bother to check the revocation status of certificates. Our work is in collaboration with researchers from Duke, UMD, and Stanford.

Traffic Differentiation

Middleboxes are commonly deployed by ISPs to implement traffic policies such as shaping, proxying, and transcoding. While middleboxes may be used for network management purposes, they may also be applied opaquely to limit access to (or degrade) services which compete with those offered by the network provider.

We are developing tools and techniques to better understand when such middleboxes are deployed, what traffic they are affecting, and what the ISP policies are. We have successfully presented an approach to detect traffic differentiation by mobile networks, and have released the Differentation Detector app to allow users to test their own ISPs.

Previous projects

Cloud Computing

Cloud computing has evolved to meet user demands, from arbitrary VMs offered by IaaS to the narrow application interfaces of PaaS. Unfortunately, there exists an intermediate point that not well met by today's offerings: users who wish to run arbitrary, already available binaries yet expect their applications to be long-lived but mostly idle.

We are exploring an alternative approach for cloud computation based on a process-like abstraction rather than a virtual machine abstraction, thereby gaining the scalability and efficiency of PaaS along with the generality of IaaS. We get the best of both worlds by enabling fast swapping of applications to and from cloud storage (since, by definition, applications are largely idle, we expect them to spend the majority of their time swapped out). Our work is in collaboration with Duke and UMD, and is generously funded by the NSF.

Peer-to-Peer Systems

Peer-to-peer systems offer the potential of failure resilience and organic scalability. However, most peer-to-peer systems have been designed as best-effort services without any strong guarantees of reliability.

We developed a number of approaches to increase the reliability of peer-to-peer systems, including increase autonomy, data resilience, and greater consistency. We demonstrated the appliciability of our techniques by developing and deploying the ePOST email system and reported our experience in using it as our primary email system for six months.

Social Networks

Every second, the thoughts and feelings of millions of people around the world are recorded on Twitter. Since Twitter's inception in 2006, we have been collecting a large sample of tweets; this data set is now over 65 billion tweets and counting.

We have used our large-scale Twitter data to uncover a number of interesting findings, including a study of the evolution of user behavior, the relationship between weather and mood, and how users behave across OSNs.

We have also used other OSN data to better understand the OSN ad market as well as users are valued by OSN provders; our first paper on measuring social networks won the 2017 ACM SIGCOMM Test of Time Award. Our work was funded by the NSF, the ARO, and Narus.

Sybil Attacks

Multiple identity (Sybil) attacks pose a fundamental problem in distributed systems, affecting sites ranging from online social networks to content rating sites. These attacks allow malicious users to obtain more privileges than they would otherwise have, leading to problems such as follower fraud on Twitter and manipulated votes on Yelp.

We have been developing approaches to better understand and prevent Sybil attacks. We developed a technique for designing systems that sidesteps Sybil attacks, and demonstrated how to design communication systems, content rating systems, online marketplaces, and social networks in this style. We have also developed techniques that can automatically identify suspicious users and suspicious groups of users without needing to know their attack strategy. Our work has been funded by the NSF and Google.

Press coverage

Our work has been fortunate enough to enjoy press coverage over the years; see a list below of a few of the highlights. To organize the list differently, use the buttons to the right.


Invited talks

I've been invited to give a few talks over the years; a comprehensive list is below.


Our work has been made possible due to the support of a number of funders. A comprehensive list of my group's funding is below. To organize the list differently, use the buttons to the right.



I have served on a number of different committees and in different roles; a comprehensive list is below.


Below is a comprehensive list of my publications, sorted by date. To organize the list differently, use the buttons to the right.