I receive routinely requests from students for various reasons. This documents tries to answer some of the initial questions a student might have.

First of all, I do not supervise students that are not at UCSB. I wish it was possible, but I simply don't have the time and resources to do it. If you want to work with me, you need to come to UCSB as an undergraduate student, a graduate student, or an intern.

I also routinely get the question: "How do I become a hacker?" I assume that "hacker" means "security expert" and/or "white hat hacker". To become proficient in computer security, one needs to learn the basics and gain experience. Learn coding, how hardware works, how networks work, how operating systems work, read books about security, use search engines to find materials written on key topics, and participate in hacking competitions (many are listed on CTFtime). That's a start.

Of course, you can also watch my graduate class on vulnerability analysis.

Undergraduate Students

If you are an undergraduate at UCSB and want to do some research on security, I strongly encourage you to attend the Hacking Seminar, which is a weekly meeting in which students of different levels of expertise get together to discuss computer security and practice the use of security tools.

If you are interested in participating, please send me an email.

Prospective PhD Students

The SecLab is a wonderful place to do top-notch research, and not only because our building is right in front of the ocean, walking distance from Campus Point, a great surfing spot.

The CSRankings website puts UCSB among the top five universities in Computer Security.

A recent study about the authors who publish the most in the top four conferences in security (i.e., the IEEE Symposium on Security and Privacy, the USENIX Security Symposium, the ACM Computer and Communications Security Conference (CCS), and the Network and Distributed Systems Symposium (NDSS)) shows that the SecLab directors hold two of the top three positions in the ranking (as a side note, a publication count that includes even more conferences can be found here.)

If you are interested in becoming a PhD student under my supervision, please first of all apply to the Computer Science Graduate Program. Please keep in mind that the competition is steep, and usually the SecLab accepts only a few applicants every year.


We accept a few interns every year. Interns usually come for a six-month period. We are particularly interested in students who are finishing their undergraduate studies, are passionate about security, and want to have a research experience.

We also welcome students who are doing their graduate studies elsewhere and want to experience a different research environment.

If you are interested in visiting as an intern, please contact me directly.