My research brings a data-driven approach to the study of computer and network security. I have built systems and tools to facilitate Internet-scale security measurement (ZMap and Censys) and used them to discover and correct vulnerabilities that only emerge when studied at global scale. My work has helped strengthen the Internet’s most important cryptographic protocols (TLS, SSH, secure email transport, and the HTTPS PKI), defend the Internet’s core infrastructure, and guide the design and deployment of widely-used systems.

Application Materials:

Select Publications: [All Publications]

The Security Impact of HTTPS Interception

  • Zakir Durumeric, Zane Ma, Drew Springall, Richard Barnes, Nick Sullivan, Elie Bursztein,
  •       Michael Bailey, J. Alex Halderman, and Vern Paxson
  • Network and Distributed System Security Symposium (NDSS), to appear February 2017

Neither Snow Nor Rain Nor MITM... An Empirical Analysis of Email Delivery Security

  • Zakir Durumeric, David Adrian, Ariana Mirian, James Kasten, Kurt Thomas, Vijay Eranti,
  •       Nicholas Lidzborski, Elie Bursztein, Michael Bailey, and J. Alex Halderman
  • ACM Internet Measurement Conference (IMC), October 2015
  • IETF Applied Networking Research Prize

Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice

  • David Adrian, Karthikeyan Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green,
  •       J. Alex Halderman, Nadia Heninger, Drew Springall, Emmanuel Thomé, Luke Valenta,
  •       Benjamin VanderSloot, Eric Wustrow, Santiago Zanella-Beguelin, and Paul Zimmermann
  • ACM Computer and Communications Security (CCS), October 2015
  • Best Paper Award

Censys: A Search Engine Backed by Internet-Wide Scanning

  • Zakir Durumeric, David Adrian, Ariana Mirian, Michael Bailey, and J. Alex Halderman
  • ACM Computer and Communications Security (CCS), October 2015

The Matter of Heartbleed

  • Zakir Durumeric, Frank Li, James Kasten, Johanna Amann, Jethro Beekman, Mathias Payer,
  •       Nicolas Weaver, David Adrian, Vern Paxson, Michael Bailey, and J. Alex Halderman
  • ACM Internet Measurement Conference (IMC), November 2014
  • Best Paper Award

ZMap: Fast Internet-Wide Scanning and its Security Applications

  • Zakir Durumeric, Eric Wustrow, and J. Alex Halderman
  • USENIX Security Symposium (USENIX Security), August 2013

Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices

  • Nadia Heninger, Zakir Durumeric, Eric Wustrow, and J. Alex Halderman
  • USENIX Security Symposium (USENIX Security), August 2012
  • Best Paper Award