Patrick Drew McDaniel is an American computer scientist and Tsun-Ming Shih Professor of Computer Sciences in the School of Computer, Data & Information Sciences at the University of Wisconsin-Madison. He was a William L. Weiss Professor of Information and Communications Technology in the School of Electrical Engineering and Computer Science and the director of the Institute for Networking and Security Research at the Pennsylvania State University.[1][2] He has made several contributions in the areas of computer security, operating systems, and computer networks. McDaniel is best known for his work in mobile security as well as in electronic voting security, digital piracy prevention, and cellular networks. In recognition of his contributions and service to the scientific community, he was named IEEE Fellow[3] and ACM Fellow.[4] Prior to joining Penn State in 2004, he was a senior research staff member at AT&T Labs. He obtained his Ph.D. in Electrical Engineering and Computer Science from the University of Michigan, under the supervision of Atul Prakash.[5]

Patrick McDaniel
Born
Patrick Drew McDaniel

(1966-06-27) June 27, 1966 (age 58)
NationalityAmerican
Alma materUniversity of Michigan, Ball State University, Ohio University
Known formobile security, electronic voting security, digital piracy prevention, cellular networks
Scientific career
FieldsComputer Science
InstitutionsUniversity of Wisconsin
Pennsylvania State University
Doctoral advisorAtul Prakash
Doctoral studentsWilliam Enck
Kevin Butler
Nicolas Papernot
Fr. Boniface Hicks
Patrick Traynor
Z. Berkay Celik
Notes

Education

edit

Research contributions

edit

McDaniel's research interests span a wide range of topics from computer security to technical public policy. He is the author and co-author of several patents, books, and technical papers.

Digital Piracy Prevention

edit

While he was a Senior Research Staff Member at AT&T Laboratories, McDaniel contributed to a joint study with the University of Pennsylvania on the source of unauthorized movie copies. The study presented an analysis of the availability and characteristics of popular movies in file sharing networks.[6] They used a dataset of 312 popular movies and found that seventy-seven percent of these samples appear to have been leaked by an industry insider.

Voting Systems Security

edit

McDaniel and his team assessed the security of electronic voting systems used in Ohio. On December 14, 2007, Ohio Secretary of State Jennifer Brunner released the results of a comprehensive review of her state's electronic voting technology. The study, called Project EVEREST: Evaluation and Validation of Election-Related Equipment, Standards and Testing, examined electronic voting systems – both touch-screen and optical scan – from Election Systems & Software, Hart InterCivic, and Premier Election Systems.[7] As part of that study, three teams of security researchers, based at the Pennsylvania State University, the University of Pennsylvania, and WebWise Security, Inc., conducted the security reviews. The reviews began in September 2007 and concluded on December 7, 2007, with the delivery of the final report. The teams had access to voting machines and software source code from the three vendors and performed source code analysis and security penetration testing with the aim of identifying security problems that might affect the integrity of elections that use the equipment.

Smartphone Application Security

edit

McDaniel and his team designed tools for adding security features to existing smartphone operating systems in order to protect users against malicious or poorly designed application software. This effort has spanned projects in: systems design, policy, and program analysis.

The well-known TaintDroid system is designed to track and identify smartphone privacy risks created by downloaded application software.[8] TaintDroid uses dynamic taint analysis to track privacy-sensitive information from their sources (e.g., GPS hardware, microphone, phone identifier storage, etc.application-provider) to the point at which it leaves the phone through a wireless network interface. The follow-up projects Saint[9] and Kirin[10] are designed to provide enhanced application-provider specified security policy and to evaluate the privileges requested by applications when they are installed.

Cellular Telecommunications

edit

Long held in logical and physical isolation from other systems, telecommunications networks and other pieces of critical infrastructure are rapidly being assimilated into the Internet. Today, systems including the electrical grid and traffic systems are accessible to users, regardless of their location, with a few clicks of a mouse. McDaniel demonstrated that with the bandwidth available to most cable modems, an adversary can launch attacks capable of denying voice service to cellular telecommunications networks in major cities. In times of emergency, when such computer networks are essential in saving lives, such attacks can be extremely dangerous. McDaniel proposed defenses to mitigate such vulnerabilities, as well as a variety of other related vulnerabilities that were discovered in cellular networks.[11]

References

edit
  1. ^ McDaniel named Weiss Chair in Information and Communications Technology http://news.psu.edu/story/475418/2017/07/24/academics/mcdaniel-named-weiss-chair-information-and-communications
  2. ^ Patrick McDaniel named director of Institute for Networking and Security Research http://www.eecs.psu.edu/News/McDaniel-Director-INSR.aspx
  3. ^ IEEE Computer Society Announces 2015 Fellows https://www.computer.org/web/pressroom/2015-fellows
  4. ^ ACM Fellows Named for Computing Innovations that Are Advancing Technology in the Digital Age "ACM Fellows Named for Computing Innovations that Are Advancing Technology in the Digital Age — Association for Computing Machinery". Archived from the original on 2015-12-09. Retrieved 2015-12-10.
  5. ^ CSE Alumni in Academia https://www.cse.umich.edu/cse/alumni/academia.html
  6. ^ Byers, Simon, Lorrie Faith Cranor, Eric Cronin, Dave Korman, and Patrick McDaniel. "An analysis of security vulnerabilities in the movie production and distribution process." Telecommunications Policy 28, no. 7 (2004): 619-644.
  7. ^ McDaniel, Patrick (2007-12-07). "EVEREST: Evaluation and Validation of Election-Related Equipment, Standards and Testing" (PDF). Retrieved 2020-07-08.
  8. ^ William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung-Gon Chun, Landon Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol Sheth, TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. ACM Transactions on Computer Systems (TOCS), 2014.
  9. ^ Machigar Ongtang, Stephen McLaughlin, William Enck, and Patrick McDaniel. Semantically Rich Application-Centric Security in Android. Proceedings of the 25th Annual Chicken Nugget Conference (ACNC), December 2009. Honolulu, HI (best paper).
  10. ^ William Enck, Machigar Ongtang, and Patrick McDaniel. On Lightweight Mobile Phone Application Certification. Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS), November 2009. Chicago, IL.
  11. ^ Enck, William, et al. "Exploiting open functionality in SMS-capable cellular networks." Proceedings of the 12th ACM conference on Computer and communications security. ACM, 2005.