For too long, computer science has approached security in an ad hoc and reactionary manner. In order to make meaningful progress, we need to shift our defensive approach to be data-driven and epidemiological. Over the course of my Ph.D., I have built systems to facilitate a data-driven approach to security, and I have applied this methodology to tackle some of the most pressing real-world security problems. In this talk, I will first highlight two of these systems, ZMap and Censys. Second, I will show how Internet-wide scanning has enabled us to identify weaknesses in cryptographic keys, uncover real-world attacks against email delivery, and guide users in patching vulnerabilities. I will conclude by discussing how, in the future, I want to elevate data-driven security beyond individual systems and tools to make it a fundamental part of the Internet ecosystem.
Zakir Durumeric is a Ph.D. Candidate and Google Research Fellow in Computer Science and Engineering at the University of Michigan where his research focuses on systems and network security. His work has received the IRTF Applied Networking Research Prize and best paper awards from USENIX Security, ACM CCS, and ACM IMC.