My research focuses on network security, with two particular areas of interest:

The Domain Name System (DNS) – after IP, DNS is the most critical protocol on the Internet, without which the Internet effectively stops working for most users. I explore the security of the DNS using large scale measurements and statistical analysis, for instance studying the effects of the deployment of the DNS Security Extensions (DNSSEC), both in the positive (added security) and the negative (larger potential for abuse in DDoS attacks) sense. DNS also plays an important role in other security issues on the Internet, such as botnets, phishing and malware.
Routing Security (RPKI) – much like other early core protocols of the Internet, the interdomain routing protocol BGP was not designed with security in mind. The Resource Public Key Infrastructure (RPKI) aims to remedy this by allowing resource holders to manage authorizations for their resources. Apart from having an interest in the gradual deployment of this technology on the global Internet, I am also interested in studying new applications that further enhance the security of the routing ecosystem.