Curriculum Vitae
Lead research in the Security Research Group at Google, focusing on designing better ways to protect people online, advancing cybersecurity through AI, and implementing hardware attacks and defenses.
- Lead a team of researchers focusing on applied AI for security
- Contributed to SecGemini, an experimental AI model focused on cybersecurity
- Contributed to Magika, an AI-powered file type identification system
- Contributed to the implementation of Gmail spam and malware detection systems
Conducted research in cybersecurity, focusing on botnet detection and takedown, internet measurements, and ransomware analysis.
- Created automatic detection and disabling for leaked credentials
- Quantified revenue generated by ransomware attacks via cryptocurrency payments
Joined Google's anti-abuse team to better understand and detect sophisticated cloaking sites.
Led the design and running of a scalable service that collects, normalizes, and distributes sensitive health data from 20+ sources and 200k+ users, powering Achievemint.com and Humana Vitality.
Designed Nazca, a system capable of discovering and tracking malicious downloads in the network traffic of ISPs. This work resulted in a NDSS'14 paper, a patent, and sparked interest in the press.
Pentested various Ruby on Rails web apps, including a payment-processing system handling financial information of 100k+ users. Fixed various vulnerabilities and left the company with a set of tools integrated in their CI system to alert developers of potential security vulnerabilities.
Extended "Getting Things GNOME!", a task manager for the Linux desktop, to support multiple synchronization services such as Bugzilla, Evolution, and RememberTheMilk.
Research focused on leveraging big-data analysis to discover malware distribution, improving Android security, maintaining privacy online, and teaching information security through hacking competitions.
- UCSB Computer Science Outstanding Publication Award 2015
- CSAW best security paper 2012 finalist
- Secured $1.1M grant for Android security research
Worked on a novel mathematical model to drive autonomous underwater vehicles. This work was presented at the IEEE Conference on Decision and Control (CDC).
Worked on a distributed algorithm to drive autonomous land vehicles for area patrol in UCSB's mechanical engineering department. Part of this work is now in the Player/Stage open-source framework.
Core Developer & Mentor
Core developer of "Getting Things GNOME" and member of the GNOME Foundation. Mentored five international students for several editions of the Google Summer of Code and the Gnome's Outreach Program for Women.
Open Source Contributor
Created niche projects used by companies like Lastline and Google, including Scapy's support for HTTP and Chrisper (a style-checker for academic papers). Made contributions to popular open-source projects including PLAYER robotic framework, Flask-Security, and Eucalyptus.
Participated in numerous hacking competitions including DEFCON CTF in Las Vegas with the ShellPhish team (#2 in the world in 2025 according to CTFtime). Also helped design and organize the iCTF, the biggest academic hacking competition (back then) with more than 1,000 players globally, for four years.
Built an hexapod robot with a student team. Won a €40k grant. European Space Agency's Robotics Challenge finalist