I'm a post-doc at CMU CyLab. Previously I was a PhD student and a post-doc in the Programming Languages at University of Maryland (PLUM).

current projects

  • privacy and fairness for machine learning
    (with Anupam Datta, Matt Fredriskon, students Shayak Sen, Gihyuk Ko)
  • causality
    (with Anupam Datta, Matt Fredrikson, students Shayak Sen, Gihyuk Ko)
  • transparency and interpretable machine learning
    (with Anupam Datta, students Sophia Kovalova, Raj Gupta)
  • quantitative information flow for dynamic data
    (with Mario Alvim, Michael Hicks, Michael Clarkson)
  • static analysis, abstract interpretation of java bytecode
    (with PLUM)

recent projects

  • game theoretic analysis of password authentication
    (with MHR Khouzani, Carlos Cid, Mudhakar Srivatsa)
  • inference control
    (with Michael Hicks, Stephen Magill, Mudhakar Srivatsa, Jon Katz)
  • abstract interpretation of probabilistic program semantics
    (with Michael Hicks, Stephen Magill)
  • secure software development contest: Builid It,Break It, Fix It
    (with PLUM)

service

  • committees: FCS(2016)
  • expert/external/sub/etc. reviewer
    • conferences: IEEE CSF(2013-2017), POPL(2013,2015), IEEE S&P(2015-2016), ACM CCS(2016-2017), ACM ASIACCS(2014), ICALP(2016), NDSS(2017)
    • journals: Journal of Computer Security, Journal of Computer and System Sciences, Journal of Approximate Reasoning, Logical Methods in Computer Science
    • workshops/other: FATML(2016), DAT(2016), MILCOM(2016)

topics

information security, quantified information flow, secure coding contest, secure multi-party computation

papers

  1. Quantifying vulnerability of secret generation using hyper-distributions.
    Mario Alvim, Piotr Mardziel, Michael Hicks.
    In Proceedings of the Principles of Security and Trust (POST). April 2017.
  2. Towards the Quantification of Strategy Leakage.
    Mario Alvim, Piotr Mardziel, Michael Hicks.
    In Workshop on Foundations of Computer Security (FCS). July 2016.
  3. Build It, Break It, Fix It: Contesting Secure Development.
    Andrew Ruef, Michael Hicks, James Parker, Dave Levin, Michelle Mazurek, Piotr Mardziel.
    In Proceedings of the ACM Conference on Computer and Communications Security (CCS). October 2016.
  4. Picking vs. Guessing Secrets: A Game-Theoretic Analysis.
    MHR Khouzani, Piotr Mardziel, Carlos Cid, Mudhakar Srivatsa.
    In Proceedings of the IEEE Computer Security Foundations Symposium (CSF). July 2015.
  5. Build It Break It: Measuring and Comparing Development Security.
    Andrew Ruef, Michael Hicks, James Parker, Dave Levin, Atif Memon, Jandelyn Plane, Piotr Mardziel.
    In Proceedings of the USENIX Workshop on Cyber Security Instrumentation and Test (CSET). August 2015.
  6. Quantifying Information Flow for Time-Varying Data.
    Piotr Mardziel, Mario Alvim, Michael Hicks, Michael R. Clarkson.
    In Proceedings of the IEEE Symposium on Security and Privacy (S&P). May 2014.
  7. Adversary Gain vs. Defender Loss in Quantified Information Flow.
    Piotr Mardziel, Mario Alvim, Michael Hicks.
    In Proceedings of the Workshop on Foundations of Computer Security (FCS). July 2014.
  8. Knowledge Inference for Optimizing Secure Multi-party Computation.
    Aseem Rastogi, Piotr Mardziel, Matthew Hammer, Michael Hicks.
    In ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS). June 2013.
  9. Dynamic Enforcement of Knowledge-based Security Policies using Probabilistic Abstract Interpretation.
    Piotr Mardziel, Stephen Magill, Michael Hicks, Mudhakar Srivatsa.
    In Journal of Computer Security. January 2013.
  10. Knowledge-Oriented Secure Multiparty Computation.
    Piotr Mardziel, Michael Hicks, Jonathan Katz, Mudhakar Srivatsa.
    In Proceedings of the ACM SIGPLAN Workshop on Programming Languages and Analysis for Security (PLAS). June 2012.
  11. Dynamic Enforcement of Knowledge-based Security Policies.
    Piotr Mardziel, Stephen Magill, Michael Hicks, Mudhakar Srivatsa.
    In Proceedings of the IEEE Computer Security Foundations Symposium (CSF). June 2011.

talks

  1. Models and Games for Quantifying Vulnerability of Secret Information
    presented at the 2015 Conference on Hight Confidence Software and Systems (HCSS)
  2. Probabilistic Programming for Security
    presented at the Dagstuhl Seminar on Challenges and Trends in Probabilistic Programming
  3. Modeling, Measuring, and Limiting Adversary Knowledge
    presented at Galois, March 2017
    presented at Microsoft Research, Cambridge UK, February 2015
    presented at Applied Logic and Security Group at Worcester Polytechnic Institute, January 2015
  4. Adversary Gain vs. Defender Loss in Quantified Information Flow
    presented at 2014 Workshop on Foundations of Computer Security (FCS), Vienna Austria
  5. Quantifying Information Flow for Dynamic Secrets
    presented at 2014 IEEE Symposium on Security & Privacy (S&P), San Jose, CA
    presented at the 2014 meeting of the International Technology Alliance, Cardiff, UK
  6. Probabilistic Computation for Information Security
    presented at the 2012 NIPS Workshop on Probabilistic Programming, Lake Tahoe, NV
  7. Knowledge-Oriented Secure Multiparty Computation
    presented at the 2012 Workshop on Programming Languages and Analysis for Security (PLAS)
  8. Dynamic Enforcement of Knowledge-based Security Policies (using Probabilistic Abstract Interpretation)
    presented at the 2011 Symposium on Computer Security Foundations (CSF), Paris, France
    presented at the April 2011 NJ Programming Languages and Systems Seminar (NJPLS), Princeton, NJ
    presented at the George Washington University Computer Security Seminar

tech-reports

  1. Picking vs. Guessing Secrets: A Game-Theoretic Analysis.
    MHR Khouzani, Piotr Mardziel, Carlos Cid, Mudhakar Srivatsa.
    TR arXiv. May 2015.
  2. Quantifying Information Flow for Time-Varying Data.
    Piotr Mardziel, Mario Alvim, Michael Hicks, Michael R. Clarkson.
    TR University of Maryland Department of Computer Science. May 2014.
  3. Dynamic Enforcement of Knowledge-based Security Policies.
    Piotr Mardziel, Stephen Magill, Michael Hicks, Mudhakar Srivatsa.
    TR University of Maryland Department of Computer Science. July 2011.