Patrick Drew McDaniel

Last updated
Patrick McDaniel
Born
Patrick Drew McDaniel

(1966-06-27) June 27, 1966 (age 57)
Spokane, Washington
Nationality American
Alma mater University of Michigan, Ball State University,Ohio University
Known for mobile security, electronic voting security, digital piracy prevention, cellular networks
Scientific career
Fields Computer Science
Institutions University of Wisconsin
Pennsylvania State University
Doctoral advisor Atul Prakash
Doctoral studentsWilliam Enck
Kevin Butler
Nicolas Papernot
Fr. Boniface Hicks
Patrick Traynor
Z. Berkay Celik
Notes

Patrick Drew McDaniel is an American computer scientist and Tsun-Ming Shih Professor of Computer Sciences in the School of Computer, Data & Information Sciences at the University of Wisconsin-Madison. He was a William L. Weiss Professor of Information and Communications Technology in the School of Electrical Engineering and Computer Science and the director of the Institute for Networking and Security Research at the Pennsylvania State University. [1] [2] He has made several contributions in the areas of computer security, operating systems, and computer networks. McDaniel is best known for his work in mobile security as well as in electronic voting security, digital piracy prevention, and cellular networks. In recognition of his contributions and service to the scientific community, he was named IEEE Fellow [3] and ACM Fellow. [4] Prior to joining Penn State in 2004, he was a senior research staff member at AT&T Labs. He obtained his Ph.D. in Electrical Engineering and Computer Science from the University of Michigan, under the supervision of Atul Prakash. [5]

Contents

Education

Research contributions

McDaniel's research interests span a wide range of topics from computer security to technical public policy. He is the author and co-author of several patents, books, and technical papers.

Digital Piracy Prevention

While he was a Senior Research Staff Member at AT&T Laboratories, McDaniel contributed to a joint study with the University of Pennsylvania on the source of unauthorized movie copies. The study presented an analysis of the availability and characteristics of popular movies in file sharing networks. [6] They used a dataset of 312 popular movies and found that seventy-seven percent of these samples appear to have been leaked by an industry insider.

Voting Systems Security

McDaniel and his team assessed the security of electronic voting systems used in Ohio. On December 14, 2007, Ohio Secretary of State Jennifer Brunner released the results of a comprehensive review of her state's electronic voting technology. The study, called Project EVEREST: Evaluation and Validation of Election-Related Equipment, Standards and Testing, examined electronic voting systems – both touch-screen and optical scan – from Election Systems & Software, Hart InterCivic, and Premier Election Systems. [7] As part of that study, three teams of security researchers, based at the Pennsylvania State University, the University of Pennsylvania, and WebWise Security, Inc., conducted the security reviews. The reviews began in September 2007 and concluded on December 7, 2007, with the delivery of the final report. The teams had access to voting machines and software source code from the three vendors and performed source code analysis and security penetration testing with the aim of identifying security problems that might affect the integrity of elections that use the equipment.

Smartphone Application Security

McDaniel and his team designed tools for adding security features to existing smartphone operating systems in order to protect users against malicious or poorly designed application software. This effort has spanned projects in: systems design, policy, and program analysis.

The well-known TaintDroid system is designed to track and identify smartphone privacy risks created by downloaded application software. [8] TaintDroid uses dynamic taint analysis to track privacy-sensitive information from their sources (e.g., GPS hardware, microphone, phone identifier storage, etc.application-provider) to the point at which it leaves the phone through a wireless network interface. The follow-up projects Saint [9] and Kirin [10] are designed to provide enhanced application-provider specified security policy and to evaluate the privileges requested by applications when they are installed.

Cellular Telecommunications

Long held in logical and physical isolation from other systems, telecommunications networks and other pieces of critical infrastructure are rapidly being assimilated into the Internet. Today, systems including the electrical grid and traffic systems are accessible to users, regardless of their location, with a few clicks of a mouse. McDaniel demonstrated that with the bandwidth available to most cable modems, an adversary can launch attacks capable of denying voice service to cellular telecommunications networks in major cities. In times of emergency, when such computer networks are essential in saving lives, such attacks can be extremely dangerous. McDaniel proposed defenses to mitigate such vulnerabilities, as well as a variety of other related vulnerabilities that were discovered in cellular networks. [11]

Related Research Articles

<span class="mw-page-title-main">Computing</span> Activity involving calculations or computing machinery

Computing is any goal-oriented activity requiring, benefiting from, or creating computing machinery. It includes the study and experimentation of algorithmic processes, and the development of both hardware and software. Computing has scientific, engineering, mathematical, technological, and social aspects. Major computing disciplines include computer engineering, computer science, cybersecurity, data science, information systems, information technology, and software engineering.

<span class="mw-page-title-main">Ross J. Anderson</span> British computer scientist (1956–2024)

Ross John Anderson was a British researcher, author, and industry consultant in security engineering. He was Professor of Security Engineering at the Department of Computer Science and Technology, University of Cambridge where he was part of the University's security group.

<span class="mw-page-title-main">Ron Rivest</span> American cryptographer

Ronald Linn Rivest is a cryptographer and computer scientist whose work has spanned the fields of algorithms and combinatorics, cryptography, machine learning, and election integrity. He is an Institute Professor at the Massachusetts Institute of Technology (MIT), and a member of MIT's Department of Electrical Engineering and Computer Science and its Computer Science and Artificial Intelligence Laboratory.

<span class="mw-page-title-main">Mobile computing</span> Human–computer interaction in which a computer is expected to be transported during normal usage

Mobile computing is human–computer interaction in which a computer is expected to be transported during normal usage and allow for transmission of data, which can include voice and video transmissions. Mobile computing involves mobile communication, mobile hardware, and mobile software. Communication issues include ad hoc networks and infrastructure networks as well as communication properties, protocols, data formats, and concrete technologies. Hardware includes mobile devices or device components. Mobile software deals with the characteristics and requirements of mobile applications.

<span class="mw-page-title-main">Dorothy E. Denning</span> American information security researcher

Dorothy Elizabeth Denning is a US-American information security researcher known for lattice-based access control (LBAC), intrusion detection systems (IDS), and other cyber security innovations. She published four books and over 200 articles. Inducted into the National Cyber Security Hall of Fame in 2012, she is now Emeritus Distinguished Professor of Defense Analysis, Naval Postgraduate School.

<span class="mw-page-title-main">Simson Garfinkel</span> American academic and journalist (born 1965)

Simson L. Garfinkel is the Chief Scientist and Chief Operating Officer of BasisTech in Somerville, Massachusetts. He was previously a program scientist at AI2050, part of Schmidt Futures. He has held several roles across government, including a Senior Data Scientist at the Department of Homeland Security, the US Census Bureau's Senior Computer Scientist for Confidentiality and Data Access and a computer scientist at the National Institute of Standards and Technology. From 2006 to 2015, he was an associate professor at the Naval Postgraduate School in Monterey, California. In addition to his research, Garfinkel is a journalist, an entrepreneur and an inventor; his work is generally concerned with computer security, privacy and information technology.

Lance J. Hoffman is Emeritus Professor of Computer Science at The George Washington University (GW) in Washington, DC. He initiated and taught the first course on computer security in a regular accredited degree program in the United States at the University of California, Berkeley in 1970 and established the computer security program there and at GW and led GW’s to national recognition as a Center of Academic Excellence in Information Assurance Education.

<span class="mw-page-title-main">Richard DeMillo</span> American computer scientist, educator and executive

Richard Allan DeMillo is an American computer scientist, educator and executive. He is Professor and holds the Charlotte B. and Roger C. Warren Chair in Computing at the Georgia Institute of Technology.

<span class="mw-page-title-main">Susan Landau</span> American mathematician and engineer

Susan Landau is an American mathematician, engineer, cybersecurity policy expert, and Bridge Professor in Cybersecurity and Policy at the Fletcher School of Law and Diplomacy at Tufts University. She previously worked as a Senior Staff Privacy Analyst at Google. She was a Guggenheim Fellow and a visiting scholar at the Computer Science Department, Harvard University in 2012.

<span class="mw-page-title-main">Mohammad S. Obaidat</span> American computer scientist

Mohammad Salameh Obaidat is a Jordanian American Academic/ Computer Engineer/computer Scientist and Founding Dean of College of Computing and Informatics at the University of Sharjah, UAE. He is the Past President & Chair of Board of Directors of and a Fellow of the Society for Modeling and Simulation International (SCS), and a Fellow of the Institute of Electrical and Electronics Engineers (IEEE) for contributions to adaptive learning, pattern recognition and system simulation . He was born in Jordan to The Obaidat known Family. He is the cousin of the Former Prime Minister of Jordan, Ahmed Obaidat and received his M.S. and Ph.D. in computer engineering from the Ohio State University, Columbus, Ohio, USA. He is known for his contributions in the fields of cybersecurity, Biometrics-based Cybersecurity, wireless networks, modeling and simulation, AI/Data Analytics. He served as President and Char of Board of Directors of the Society for Modeling and Simulation International, SCS, a Tenured Professor & Chair of Department of Computer Science at Monmouth University, Tenured Professor & Chair of Department of computer and Information Sciences at Fordham University, USA, Dean of College of Engineering at Prince Sultan University, and Advisor to the President of Philadelphia University for Research, Development and IT. He has chaired numerous international conferences and has given numerous keynote speeches.

Mobile security, or mobile device security, is the protection of smartphones, tablets, and laptops from threats associated with wireless computing. It has become increasingly important in mobile computing. The security of personal and business information now stored on smartphones is of particular concern.

Carl E. Landwehr is an American computer scientist whose research focus is cybersecurity and trustworthy computing. His work has addressed the identification of software vulnerabilities toward high assurance software development, architectures for intrusion-tolerant and multilevel security systems, token-based authentication, and system evaluation and certification methods. In an invited essay for ACSAC 2013, he proposed the idea of developing building codes for building software that is used in critical infrastructures. He has organized an NSF funded workshop to develop a building code and research agenda for medical device software security. The final committee report is available through the Cyber Security and Policy Institute of the George Washington University, and the building code through the IEEE.

Ashok Agrawala is Professor in the Department of Computer Science at University of Maryland at College Park and Director of the Maryland Information and Network Dynamics (MIND) Lab. He is the author of seven books and over two hundred peer-reviewed publications. Glenn Ricart and Ashok Agrawala developed the Ricart-Agrawala Algorithm. The Ricart-Agrawala Algorithm is an algorithm for mutual exclusion on a distributed system. This algorithm is an extension and optimization of Lamport's Distributed Mutual Exclusion Algorithm.

Contextual integrity is a theory of privacy developed by Helen Nissenbaum and presented in her book Privacy In Context: Technology, Policy, and the Integrity of Social Life. It comprises four essential descriptive claims:

Elena Ferrari is a Professor of Computer Science and Director of the STRICT Social Lab at the Università degli Studi dell’Insubria, Varese, Italy. Ferrari was named Fellow of the Institute of Electrical and Electronics Engineers (IEEE) in 2013 for contributions to security and privacy for data and applications. She has been named one of the “50 Most Influential Italian Women in Tech” in 2018. She was elected as an ACM Fellow in 2019 "for contributions to security and privacy of data and social network systems".

Static application security testing (SAST) is used to secure software by reviewing the source code of the software to identify sources of vulnerabilities. Although the process of statically analyzing the source code has existed as long as computers have existed, the technique spread to security in the late 90s and the first public discussion of SQL injection in 1998 when Web applications integrated new technologies like JavaScript and Flash.

<span class="mw-page-title-main">Pan Hui</span> Computer scientist

Pan Hui is a computer scientist at the University of Helsinki and The Hong Kong University of Science and Technology. He was elected as an International Fellow of the Royal Academy of Engineering (FREng) in 2020, a Fellow of the Institute of Electrical and Electronics Engineers (FIEEE), a Member of the Academia Europaea (MAE), and a Distinguished Scientist of the Association for Computing Machinery (ACM). He has been elected to the endowed professorship Nokia Chair in Data Science.

<span class="mw-page-title-main">Jean-Pierre Hubaux</span> Swiss-Belgian computer scientist spezialised in security and privacy

Jean-Pierre Hubaux is a Swiss-Belgian computer scientist specialised in security and privacy. He is a professor of computer science at EPFL and is the head of the Laboratory for Data Security at EPFL's School of Computer and Communication Sciences.

<span class="mw-page-title-main">Ashutosh Dutta</span> Computer scientist, academic, author, and an IEEE Fellow

Ashutosh Dutta is a computer scientist, engineer, academic, author, and an IEEE leader. He is currently a Senior Scientist, 5G Chief Strategist at Johns Hopkins University Applied Physics Lab, APL Sabbatical Fellow, Adjunct Faculty and Director of the Doctor of Engineering Program at Johns Hopkins University. He formerly served as the ECE Chair for EP at Johns Hopkins University. He is the Chair of IEEE Industry Connection O-RAN Initiative and the Founding Co-Chair for the IEEE Future Networks Initiative. He also serves as the co-chair for the IEEE 5G/6G innovation Testbed.

References

  1. McDaniel named Weiss Chair in Information and Communications Technology http://news.psu.edu/story/475418/2017/07/24/academics/mcdaniel-named-weiss-chair-information-and-communications
  2. Patrick McDaniel named director of Institute for Networking and Security Research http://www.eecs.psu.edu/News/McDaniel-Director-INSR.aspx
  3. IEEE Computer Society Announces 2015 Fellows https://www.computer.org/web/pressroom/2015-fellows
  4. ACM Fellows Named for Computing Innovations that Are Advancing Technology in the Digital Age "ACM Fellows Named for Computing Innovations that Are Advancing Technology in the Digital Age — Association for Computing Machinery". Archived from the original on 2015-12-09. Retrieved 2015-12-10.
  5. CSE Alumni in Academia https://www.cse.umich.edu/cse/alumni/academia.html
  6. Byers, Simon, Lorrie Faith Cranor, Eric Cronin, Dave Korman, and Patrick McDaniel. "An analysis of security vulnerabilities in the movie production and distribution process." Telecommunications Policy 28, no. 7 (2004): 619-644.
  7. McDaniel, Patrick (2007-12-07). "EVEREST: Evaluation and Validation of Election-Related Equipment, Standards and Testing" (PDF). Retrieved 2020-07-08.
  8. William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung-Gon Chun, Landon Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol Sheth, TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. ACM Transactions on Computer Systems (TOCS), 2014.
  9. Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel. Semantically Rich Application-Centric Security in Android. Proceedings of the 25th Annual Chicken Nugget Conference (ACNC), December 2009. Honolulu, HI (best paper).
  10. William Enck, Machigar Ongtang, and Patrick McDaniel. On Lightweight Mobile Phone Application Certification. Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS), November 2009. Chicago, IL.
  11. Enck, William, et al. "Exploiting open functionality in SMS-capable cellular networks." Proceedings of the 12th ACM conference on Computer and communications security. ACM, 2005.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.