vitae - Department of Computer Science

ANDREW M. WHITE
[email protected] (919)960-1706
https://www.cs.unc.edu/~amw
Brooks Computer Science Building
201 S. Columbia Street, Chapel Hill, NC 27599-3175
INTERESTS
· network and distributed systems security
· machine learning, data mining, and statistics
· privacy and anonymity
· integrity of distributed computations
E D U C AT I O N
University of North Carolina at Chapel Hill Chapel Hill, North Carolina
August 2015
May 2011
Doctor of Philosophy in Computer Science (expected)
Thesis:
Practical Analysis of Encrypted Network Traffic
Advisor:
Professor Fabian Monrose
Master of Science in Computer Science
University of Richmond Richmond, Virginia
May 2008
May 2008
Fall 2008–present
Fall 2004–Spring 2008
Bachelor of Science in Computer Science cum laude; departmental honors
Bachelor of Arts in Mathematics cum laude
University of St Andrews St Andrews, Scotland, United Kingdom
Fall 2006
AWA R D S
University of North Carolina at Chapel Hill
2015
Recognition for Outstanding Teaching Service (Introduction to Computer Security)
Research Community
2012
2011
2011
PET Award for Outstanding Research in Privacy Enhancing Technologies [C6]
NYU-Poly AT&T Best Applied Security Paper Award [C6]
Best Paper Award, IEEE Symposium on Security and Privacy [C6]
University of Richmond
2008
2008
2008
2008
2005
2004–2008
Mary Church Kent and Joseph F. Kent Computer Science Prize
Outstanding Student in Computer Science Award
Pi Mu Epsilon Mathematics Honor Society
Phi Beta Delta International Scholar Honor Society
Summer Undergraduate Research Fellowship
Mary Richardson Scholarship
T E C H N I C A L E X P E RT I S E
communication
programming
tools
platforms
data
Award-winning writing ability [C6]; excellent presentation and discussion skills
Python; R; C/C++; {ba,z}sh
Git, Subversion; LATEX, Markdown; MySQL; SCons
Bro, Snort; GitHub, GitLab; OS X, Linux; VMware, VirtualBox
Live (10Gbps) network traffic; large-scale networking datasets
RESEARCH EXPERIENCE
University of North Carolina at Chapel Hill Chapel Hill, North Carolina
Research Assistant
Professor Fabian Monrose
Fall 2008–present
› Inference from Encrypted Website Visits: Investigated the extent to which destination information
can be inferred about website visits conducted through encrypted connections; designed and im-
Andrew M. White
2 of 5
plemented a software library and set of tools for performing statistically robust experiments and
analyses on data representing such connections; compared a new approach with more than ten prior
approaches in a new evaluation scenario as well in those used by previous work [W1, P1]
› Pronounceable Passwords: Explored the security, usability, and linguistic challenges of using pronounceable tokens, and particularly lexical blends (i.e., portmanteaus), as passwords; developed
methods and software for rating the pronounceability of word-like strings [C2, C1]
› Opaque Traffic: Designed and analyzed multiple techniques for fast identification of opaque, i.e., compressed or encrypted, network traffic; evaluated techniques using the Bro and Snort intrusion detection systems on two high-speed campus networks [C3, P2]
› Compromising Reflections: Explored extent to which automated techniques can reconstruct typed
input from compromising reflections captured by commodity video cameras [C5, J1, C4]
› Information Leaks in VoIP: Demonstrated the severity of previously under-estimated information
leaks in encrypted VoIP conversations; designed and implemented a software library for sequence
classification, including an implementation of profile hidden Markov models [C6]
› Understanding Domain Registrations: Analyzed domain-name registrations to assess extent of speculation, tasting and front-running; designed and implemented a distributed system for measuring
front-running [C7, J2]
IBM Research Hawthorne, New York
Research Summer Intern, Network & Device Cybersecurity Analytics
Mihai Christodorescu and Reiner Sailer
Summer 2012
› Inference from Encrypted Website Visits: Explored and evaluated approaches for providing security
and forensic analysis engines with a viewpoint into encrypted network traffic; designed and implemented techniques for inferring details overlooked by previous work [W1, P1]
SRI International Menlo Park, California
Student Associate, Computer Science Laboratory
Vinod Yegneswaran and Phil Porras
Summer 2010
› Opaque Traffic: Investigated fast methods for identifying encrypted traffic [C3, P2]
› Encrypted Botnet C&C Traffic: Analyzed real-world encrypted botnet command-and-control traffic;
explored methods for automatically detecting such traffic
University of Richmond Richmond, Virginia
Honors Student
Professor Barry Lawson
Fall 2007–Spring 2008
› Integrity in Distributed Computations: Investigated integrity assurance for distributed volunteer
computations; utilized genetic algorithms to find optimal redundancy strategies for task assignment;
explored various task distribution topologies [M1]
Independent Study Student
Professor Arthur Charlesworth
Fall 2007–Spring 2008
› Solving Logic Puzzles: Explored methods for automated solving of logic puzzles; designed and
implemented forward-chaining expert system framework
› Basic AI: Investigated core artificial intelligence concepts such as search algorithms (e.g., A*) and
forward/backward chaining
Undergraduate Research Assistant
Professors Barry Lawson and Douglas Szajda
Fall 2005, Summers 2006–2008
› Integrity in Distributed Computations: Analyzed and developed methods for ensuring computation
integrity in distributed volunteer computing platforms
Updated May 13, 2015 at 1:22pm
Andrew M. White
3 of 5
› Malicious Behavior in Distributed Computations: Investigated the use of machine learning techniques to detect malicious behavior by participants in distributed volunteer computations
› Prototype Applications: Designed and implemented prototype applications for a campus-wide volunteer distributed computing initiative; prepared, tested, and administered server and 5–10 clients,
including Ubuntu Linux, Mac OSX, Windows XP
Summer Undergraduate Research Fellow
Professors Barry Lawson and Douglas Szajda
Summer 2005
› Malicious Behavior in Distributed Computations: Explored potential applications of clustering, selforganizing maps, and similar techniques to securing distributed volunteer computing platforms
TEACHING AND WORK EXPERIENCE
Department of Computer Science University of North Carolina at Chapel Hill, Chapel Hill, North Carolina
Co-Instructor (with Professor Fabian Monrose) and Lab Instructor
Introduction to Computer Security
Spring 2013
› Delivered lecture series on basic cryptography
› Administered weekly lab session
› Developed new lab modules; updated and improved existing lab modules
› Prepared new programming assignments; converted existing lab modules to graded assignments
› Graded both written reading responses and programming assignments
Technology Learning Center University of Richmond, Richmond, Virginia
Instructional Technology Consultant
Instructional Technology Associate
Instructional Technology Assistant
May 2006–May 2008
February 2006–May 2006
August 2005–February 2006
› Instructed and assisted faculty, staff and students with projects incorporating audio, video, print and
web media for classroom and research use
› Designed and implemented web-based computer lab management, scheduling and checkout system
P U B L I C AT I O N S A N D M A N U S C R I P T S
Works in Preparation
[W1] White, A. M., M. P. Stoecklin, X. Hu, T. Wang, D. L. Schales, R. Sailer, M. Christodorescu, and F. Monrose,
“Toward scalable real-time identification of web pages in encrypted traffic,” in preparation.
Refereed Conference and Workshop Publications
[C1] Shaw, K. E., A. M. White, E. Moreton, and F. Monrose, “Emergent faithfulness to morphological and
semantic heads in lexical blends,” in Proceedings of the 2013 Meeting on Phonology, Linguistic Society of
America, Mar. 2014.
[C2] White, A. M., K. E. Shaw, F. Monrose, and E. Moreton, “Isn’t that fantabulous: Security, linguistic and usability challenges of pronounceable tokens,” in Proceedings of the 2014 Workshop on New Security Paradigms,
acceptance rate: 32%, Sep. 2014.
[C3] White, A. M., S. Krishnan, M. Bailey, F. Monrose, and P. Porras, “Clear and present data: Opaque traffic
and its security implications for the future,” in Proceedings of the 20th Annual Network and Distributed System
Security Symposium, acceptance rate: 18%, Feb. 2013.
[C4] Xu, Y., J. Heinly, A. M. White, F. Monrose, and J.-M. Frahm, “Seeing double: Reconstructing obscured
typed input from multiple compromising reflections, around the corner,” in Proceedings of the 20th ACM
Conference on Computer and Communications Security, acceptance rate: 20%, Nov. 2013.
Updated May 13, 2015 at 1:22pm
Andrew M. White
4 of 5
[C5] Raguram, R., A. M. White, D. Goswami, F. Monrose, and J.-M. Frahm, “Ispy: Automatic reconstruction
of typed input from compromising reflections,” in Proceedings of the 18th ACM Conference on Computer and
Communications Security, acceptance rate: 14%, Oct. 2011.
[C6] White, A. M., A. R. Matthews, K. Z. Snow, and F. Monrose, “Phonotactic reconstruction of encrypted
VoIP conversations: Hookt on fon-iks,” in Proceedings of the 32nd IEEE Symposium on Security and Privacy,
acceptance rate: 11%, May 2011.
[C7] Coull, S. E., A. M. White, T.-F. Yen, F. Monrose, and M. K. Reiter, “Understanding domain registration
abuses,” in Proceedings of the 25th IFIP International Information Security Conference, acceptance rate: 25%,
Sep. 2010.
Refereed Journal Publications
[J1] Raguram, R., A. M. White, Y. Xu, J.-M. Frahm, P. Georgel, and F. Monrose, “On the privacy risks of virtual
keyboards: Automatic reconstruction of typed input from compromising reflections,” IEEE Transactions on
Dependable and Secure Computing, vol. 10, no. 3, pp. 154–167, 2013.
[J2] Coull, S. E., A. M. White, T.-F. Yen, F. Monrose, and M. K. Reiter, “Understanding domain registration
abuses,” Computers & Security, vol. 31, no. 7, Oct. 2012.
Patents and Patent Applications
[P1] Christodorescu, M., X. Hu, D. Schales, R. Sailer, M. Stoecklin, T. Wang, and A. M. White, “Identification
and classification of web traffic inside encrypted network tunnels,” U.S. pat. app. 13/862,601, Apr. 15,
2013; U.S. pat. app. 14/025,098, Sep. 12, 2013.
[P2] White, A. M., F. Monrose, S. Krishnan, P. Porras, and M. Bailey, “Methods, systems, and computer readable media for rapid filtering of opaque data traffic,” U.S. pat. app. 14/387,967, Sep. 25, 2014; WO pat.
app. PCT/US2013/031,044, Mar. 13, 2013; U.S. prov. pat. app. 61/618,648, Mar. 30, 2012.
Manuscripts
[M1] White, A. M., Securing distributed volunteer computations: Investigating techniques for effective and efficient task
assignment, University of Richmond Honors Thesis, 2008.
C O N F E R E N C E P R E S E N TAT I O N S , I N V I T E D TA L K S , A N D G U E S T L E C T U R E S
Conference and Workshop Presentations
September 2014 Isn’t that Fantabulous: Security, Linguistic and Usability Challenges of Pronounceable Tokens [C2]
New Security Paradigms Workshop
February 2013 Clear and Present Data: Opaque Traffic and its Security Implications for the Future [C3]
Network and Distributed System Security Symposium
May 2011 Hookt on Foniks: Phonotactic Reconstruction of Encrypted VoIP Conversations [C6]
IEEE Symposium on Security & Privacy
Invited Talks
November 2011 Hookt on Foniks: Phonotactic Reconstruction of Encrypted VoIP Conversations [C6]
Math & Computer Science Department Colloquium, University of Richmond
Host: Professor Barry Lawson
Guest Lectures
Spring 2012, 2013
November 2012
Introduction to Computer Security, University of North Carolina at Chapel Hill
Host: Professor Fabian Monrose
Computer Security, University of Richmond
Host: Professor Douglas Szadja
Updated May 13, 2015 at 1:22pm
Andrew M. White
5 of 5
S E RV I C E
Research Community
Program Committee Member
2015 New Security Paradigms Workshop (NSPW)
2014 IEEE International Workshop on Big Data Security and Privacy (BDSP)
2013 International Conference on Cryptology and Network Security (CANS)
External Reviewer
2010, 2011, 2013, 2014 ACM Conference on Computer and Communications Security (CCS)
2014 Research in Attacks, Intrusions and Defenses Symposium (RAID)
2013 USENIX Security Symposium
2012 Digital Forensics Research Conference (DFRWS)
2011 USENIX Workshop on Large-scale Exploits and Emergent Threats (LEET)
Judge
2012–2013 CSAW Applied Security Research Best Paper Competition
Proceedings Chair
2011–2013 Network and Distributed System Security Symposium (NDSS)
Department of Computer Science University of North Carolina at Chapel Hill
Spring 2011 Graduate Curriculum and Planning Committee
Spring 2011, 2012 Teaching Tune-Up Committee
Updated May 13, 2015 at 1:22pm