I am a Senior Researcher in the Networking and Security Group at the International Computer Science Institute, an independent non-profit research institute affiliated with the University of California, Berkeley. I am also an affiliate member of the Advanced Computing for Science Department at the Lawrence Berkeley National Laboratory, and I work with the Lab's cyber security team. I am leading the development for Bro, an open-source network security monitor, and I am a co-founder of Broala. Before coming out to Berkeley, I was part of Anja Feldmann's group at TU München, Germany (now at TU Berlin). Before that, I received a diploma in Computer Science from University of Paderborn, Germany.
My research focuses on network security, with a particular emphasis on high-performance network monitoring in operational settings. More generally, I'm interested in understanding the capabilities and limitations of network technology as well as the characteristics of real-world Internet traffic.
Please see the separate list of publications.
General Chair IEEE S&P 2013
Vice Chair IEEE S&P 2012
Treasurer IEEE S&P 2011
Program Chair DIMVA 2007
Program Committee ACSAC 2014
Program Committee CLHS 2013
Program Committee HotMiddlebox 2013
Program Committee SAC 2010 - INFSEC Track
Program Committee CoNGN 2008
Program Committee ICISS 2008
Program Committee IEEE MCN 2008
Program Committee CRITIS 2007
My implementation of a hook script for git to send out notification emails, git-notifier.
A set of scripts, BTest, providing a simple framework for shell-based unit tests.
A Python script, trace-summary, which generates summaries of network traffic from either libpcap traces or Bro connection logs.
The Python module PySubnetTree provides an efficient data structure for doing longest-prefix CIDR lookups.
A small tool called capstats to collect real-time statistics from a network interface.
A Linux kernel patch for capturing network packets by non-roots.