Teaching

Courses

TU

CS 5/7143 Security Economics

Introduces economics as a tool for understanding and managing information security. Reviews key information security challenges and technologies in order to reason about the topics economically. Students are introduced to techniques of analytic and empirical modeling. Economic concepts reviewed include rationality, markets, and information. Models and metrics of security investment are presented, along with cost-benefit analysis techniques. Security games are designed to capture the strategic interaction between defenders, as well as between attacker and defenders. Techniques for empirical investigation and measurement of online crime are presented. Implications for public policy are discussed.

Semesters taught: Fall 2015, Spring 2017

CS 7403 Secure Electronic Commerce

Technologies to facilitate secure online communications, such as SSL and digital certificates, are presented. Canonical threats to web security, such as input validation, XSS and CSRF attacks, are demonstrated using hands-on experiments. Engineered defenses against these attacks are then reviewed. Mechanisms for secure payments, such as EMV, tokenization and mobile payments protocols, are discussed along with case studies of attacks on deployed systems. The technical architecture of cryptocurrencies, notably Bitcoin, are presented. Throughout the course, economic considerations, notably the incentives of system designers and attackers, are discussed.

Semesters taught: Spring 2016

CS 3863 Introduction to Cyber Security

Semesters taught: Spring 2017

CS 2123 Data Structures and Algorithms

Semesters taught: Fall 2016

SMU

CSE3353: Fundamentals of Algorithms

Introduction to algorithm analysis, big Oh notation, algorithm classification by efficiency. Basic algorithm strategies and basic approaches to problem solving. Algorithms in hard- and software. Sorting and searching algorithms. Algorithms for arithmetic operations. Introduction to graph theory and graph algorithms.

Semesters taught: Spring 2013, Spring 2014, Fall 2014

CSE8098: Computer Science Seminar

Semesters taught: Fall 2012, Spring 2013, Fall 2013, Spring 2013, Fall 2014, Spring 2015

CSE5/7338: Security Economics

Introduces economics as a tool for understanding and managing information security. Reviews key information security challenges and technologies in order to reason about the topics economically. Students are introduced to techniques of analytic and empirical modeling. Economic concepts reviewed include rationality, markets, and information. Models and metrics of security investment are presented, along with cost-benefit analysis techniques. Security games are designed to capture the strategic interaction between defenders, as well as between attacker and defenders. Techniques for empirical investigation and measurement of online crime are presented. Implications for public policy are discussed.

Semesters taught: Fall 2012, Fall 2013, Fall 2014

MOOCs

Economics of Cybersecurity

On January 20, 2015, we launched an online course on the Economics of Cybersecurity, as part of edX Professional Education. The course provides a thorough introduction to the field, delivered by leading researchers from Delft University of Technology, University of Cambridge, University of Münster and Southern Methodist University.

The course provides the economic concepts, measurement approaches and data analytics to make better security decisions, as well as understand the forces that shape the security decisions of other actors in the ecosystem of information goods and services. It covers four main areas:

  1. Introduction to key concepts in the economics of cybersecurity. Here, we provide an overview of the properties of information goods and how this shapes the security in these markets.
  2. Measurements and empirical research into security issues, decisions and incentives of actors. We analyze data on security incidents in different markets, as well apply economic concepts to explain the strategies of attackers and defenders.
  3. Economics of information security investment. We discuss and apply different economic models that help determine the costs and benefits of security investments.
  4. Market failures and policy interventions. We discuss available economic tools to better align the incentives for cybersecurity, including better technologies, security metrics, cyber insurance and risk transfer, information sharing, and liability assignment.
  5. Human behaviour. We explore the lessons from behavioral economics to understand the heuristics and biases of actors when they diverge from what is considered rational behaviour in conventional economic theory.

After successfully completing this course, you will be able to position yourself as a vital subject matter expert regarding the economic drivers that influence cybersecurity. The e-learning course and case studies provide a solid fundamental understanding of the economics of cybersecurity as discipline. We believe these new resources will help to raise the awareness among those of you in the profession today -as well as those of you with a future in cybersecurity- about the role that you can play in helping us to ensure a more secure society.

Videos of all lectures are now available on YouTube.

Wellesley

CS 349B: Quantifying the World (Wellesley College, Spring 2012)

We now live in a world of information, where data can be leveraged to rapidly answer previously unanswerable questions. This course will teach students how to make sense of the large amounts of data frequently available, from hypothesis formation and data collection to methods of analysis and visualization. We begin by discussing how to set up Internet-level experiments and formulate testable hypotheses. We then learn ways to automatically gather, store and query large datasets. Next, we introduce two important classes of analysis: statistical methods (descriptive and predictive) and information visualization. Students will learn to use the Python and R programming languages to carry out data collection, analysis and visualization, culminating in a final project using real data of the students’ choosing.

Semester taught Spring 2012

CS110: Computers and the Internet

Computer Science 110 is a broad introduction to computers, the Internet, information representation, and the art of computer programming. The course begins with an introduction to the World Wide Web and to the HyperText Markup Language (HTML), a language for structuring the content of web pages. The Cascading Style Sheets (CSS) language is introduced as a way to describe the appearance of web pages. Students also learn JavaScript, a scripting language that enables adding dynamic behavior to web pages. The digital representation of information is a common thread that runs through the course. We show how numbers, text, colors, images, sound, and video can all be represented in terms of bits, the fundamental unit of digital information. We also discuss social, legal, and ethical implications of the digital revolution. Topics include critical evaluation of web sources, copyright laws, digital rights management, privacy, and security. The course culminates in a project in which pairs of students design, implement, test, and present websites for a real client

Semester taught: Fall 2011

Search Course Material

Supervising Research

In addition to teaching courses, I supervise student research at both the graduate and undergraduate level.

Research Group 2016
Security Economics Lab Research Group (we always dress this nicely, promise!)

Old research group photos: 2013

Current PhD Students

MS Students

Undergraduate Students

Visiting Students

Alumni