Curriculum Vitae

University of Michigan, Ann Arbor, MI
Ph.D., Computer Science
University of Michigan, Ann Arbor, MI
Master of Engineering, Computer Science
University of Michigan, Ann Arbor, MI
Bachelor of Engineering, Computer Science
Conference Publications
Tracking Certificate Misissuance in the Wild
Deepak Kumar, Zhengping Wang, Matthew Hyder, Joseph Dickinson, Gabrielle Beck, David Adrian, Zakir Durumeric, J. Alex Halderman and Michael Bailey
IEEE Symposium on Security and Privacy (Oakland), May 2018.
Measuring small subgroup attacks against Diffie-Hellman
Luke Valenta, David Adrian, Antonio Sanso, Shaanan Cohney, Joshua Fried, Marcella Hastings, J. Alex Halderman, and Nadia Heninger
Network and Distributed System Security Symposium (NDSS), February 2017.
An Internet-Wide View of ICS Devices
Ariana Mirian, Zane Ma, David Adrian, Matthew Tischer, Thasphon Chuenchujit, Tim Yardley, Robin Bertheier, Josh Mason, Zakir Durumeric, J. Alex Halderman, and Michael Bailey
IEEE Conference on Privacy, Security, and Trust (PST), December 2016
DROWN: Breaking TLS using SSLv2
Nimrod Aviram, Sebastian Schinzel, Juraj Somorovsky, Nadia Heninger, Maik Dankel, Jens Steube, Luke Valenta, David Adrian, J. Alex Halderman, Viktor Dukhovni, Emilia Käsper, Shaanan Cohney, Susanne Engels, Christof Paar, and Yuval Shavitt
USENIX Security Symposium, August 2016.
Internet Defense Prize Finalist.
Neither Snow Nor Rain Nor MITM… An Empirical Analysis of Email Delivery Security
Zakir Durumeric, David Adrian, Ariana Mirian, James Kasten, Kurt Thomas, Vijay Eranti, Nicholas Lidzborski, Elie Bursztein, Michael Bailey, and J. Alex Halderman
ACM Internet Measurement Conference (IMC), October 2015.
IRTF Applied Networking Research Prize.
Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice
David Adrian, Karthikeyan Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger, Drew Springall, and Emmanuel Thomé, Luke Valenta, Benjamin VanderSloot, Eric Wustrow, Santiago Zanella-Béguelin and Paul Zimmermann
ACM Conference on Computer and Communications Security (CCS), October 2015.
Best Paper Award.
Performance and Energy Consumption Analysis of a Delay-Tolerant Network for Censorship-Resistant Communication
Yue Liu, David R. Bild, David Adrian, Gulshan Singh, Robert P. Dick, Dan S. Wallach, and Z. Morley Mao
ACM International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc), June 2015.
The Matter of Heartbleed
Zakir Durumeric, Frank Li, James Kasten, Johanna Amann, Jethro Beekman, Mathias Payer, Nicolas Weaver, David Adrian, Vern Paxson, Michael Bailey, and J. Alex Halderman
ACM Internet Measurement Conference (IMC), November 2014.
Best Paper Award.
Workshop Publications
Zippier ZMap: Internet-Wide Scanning at 10 Gbps
David Adrian, Zakir Durumeric, Gulshan Singh, and J. Alex Halderman
USENIX Workshop on Offensive Technologies (WOOT), August 2014
Program Committees
PC Member
  • USENIX Workshop on Offensive Security (WOOT)
  • BlackHat USA Guest Review Board
    2018, 2019

Fixing OCSP for Fun and Profit
USENIX Security Rump Session, August 2016 [pdf] [key]
A Retrospective on the Use of Export Cryptography
BlackHat USA, August 2016. [pdf] [key]
F**k It, Let's Do It Wide! Security Applications of Internet-Wide Scanning
Eastern Michigan University, February 2016. [pdf] [key]
Imperfect Forward Secrecy
Hushcon, December 2015. [pdf] [key]
A Search Engine Backed by Internet-Wide Scanning
CCS, October 2015. [pdf] [key]
Were It So Easy: TLS in the Real World
Duo Tech Talk, July 2015. [pdf] [key] [YouTube]
ARBSEC a2y.asm, September 2015. [pdf] [key]
Zippier ZMap: Internet-Wide Scanning at 10 Gbps
WOOT, August 2014. [pdf] [pptx]
Relevant Experience
Google, Mountain View, CA
Software Engineering Intern
  • Implemented OCSP Expect-Staple in order to begin measuring the feasibility of OCSP Must-Staple.
Summer 2016
Duo Security, Ann Arbor, MI
Software Engineering Intern
  • Offered two-factor authentication-as-a-service, using mobile phones as the second authentication factor and push noti cations for login approval.
  • Grew various Python backend subsystems to support new features; handled all bugs, feature requests, and security considerations for the Duo Unix client.
  • Wrote a patch for OpenSSH to securely allow third-party authentication plugins
Summer 2013
Whisper Project, University of Michigan
Undergraduate Research with Professor Robert Dick
  • Developed an Android framework (MANES) for testing feasibility, routing protocols, and location profi le systems of large-scale mobile ad hoc networks that could be used for censorship-resistant communication.
  • Built Shout, a user-friendly censorship-resistant communication Android application on top of MANES.
  • Managed and led student software development teams.
  • Resulted in a publication at MobiHoc 2015.
CAEN, University of Michigan College of Engineering
Network Technician
  • Maintained over 700 wireless access points for the College of Engineering campus.
  • Transitioned printing system from CAEN control to campus-wide IT department.
  • Diagnosed and performed network troubleshooting as needed.
Teaching Experience
EECS 388: Introduction to Computer Security
  • Undergraduate course on computer security.
  • Cotaught with Professor Halderman and Professor Honeyman.
Fall 2016
EECS 388: Introduction to Computer Security
Graduate Student Instructor (GSI)
  • Undergraduate course on computer security.
  • Lead a weekly discussion section, and guest-lectured when the instructor was unavailable.
  • Head GSI; organized other teaching assistants.
Fall 2015
EECS 588: Advanced Computer Security
Graduate Student Instructor (GSI)
  • Graduate course on computer security research.
  • Guest-lectured when the instructor was unavailable, and continued the tradition of guest-lecturing on cryptography for the first class of the semester.
  • Advised students on class research projects.
Winter 2015
EECS 281: Introduction to Algorithms
Instructional Aide (IA)
  • Introductory course on algorithms, taught in C++. Covered runtime complexity, sorts, trees, heaps, and basic search and graph algorithms.
  • Held a weekly discussion section to reinforce concepts introduced in lecture.
  • Held weekly office hours for help with concepts and projects.
Winter 2014
EECS 280: Programming and Data Structures
Instructional Aide (IA)
  • Introductory course on data structures, taught in C++. Covered recursion, pointers, structs and classes, inheritance and dynamic memory
  • Held a weekly lab section where students coded examples based on content from the week’s lectures.
  • Held biweekly office hours for help with concepts and projects
Fall 2013
Leadership, Service, and Honors
Best Paper Award
  • 22nd ACM Conference on Computer and Communications Security (CCS 2015)
    • Awarded for “Imperfect Forward Secrecy”
  • 14th ACM Internet Measurement Conference (IMC 2014)
    • Awarded for “The Matter of Heartbleed”
Pwnie Award
  • Best Crypto Attack, Black Hat 2015
    • SSLv2 Crypto Attack (DROWN)
  • Most Innovative Research, Black Hat 2016
    • Logjam
IRTF Applied Networking Research Prize (ANRP)
  • Awarded for “Neither Snow Nor Rain Nor MITM…”
Facebook Internet Defense Prize
  • Finalist with “DROWN: Breaking TLS using SSLv2”, did not win.
Erdos Number: 3
  • David Adrian – Paul Zimmerman – Peter Montgomery – Paul Erdos