As a Technical Leader in the Advanced Security Initiatives Group at Cisco Systems, I work to identify and mitigate security weaknesses and vulnerabilities in Cisco products and services. I received my Ph.D. in Computer Science from the University of California, Davis where I studied under Hao Chen in the UC Davis Computer Security Lab. My research focus is computer security including privacy preserving technologies, censorship resistance, information flow security, and web security. Previously, I participated in work on evading network-based signature generation systems for polymorphic worms -- a line of work that I began during a brief stint in the the Computer Security Group at UC Santa Barbara under Giovanni Vigna. For more information on my research, please see my publication list.
Publications
The Security of NTP's Datagram Protocol. Aanchal Malhotra, Matthew Van Gundy, Mayank Varia, Haydn Kennedy, Jonathan Gardner, and Sharon Goldberg. In Proceedings of the 21st International Conference on Financial Cryptography and Data Security (FC 2017), Malta, April 2017.
[paper] [BibTeX]Multi-party Off-the-Record Messaging. Ian Goldberg, Berkant Ustaoglu, Matthew Van Gundy, and Hao Chen. In Proceedings of the Sixteenth ACM Conference on Computer and Communications Security (CCS), Chicago, IL, November 2009.
[paper] [slides] [BibTeX] [Errata]Noncespaces: Using Randomization to Enforce Information Flow Tracking and Thwart Cross-Site Scripting Attacks. Matthew Van Gundy and Hao Chen. In Proceedings of the Sixteenth Annual Network & Distributed System Security Symposium (NDSS), San Diego, CA, February 2009.
[paper] [slides] [BibTeX]Feature Omission Vulnerabilities: Thwarting Signature Generation for Polymorphic Worms. Matthew Van Gundy, Hao Chen, Zhendong Su, and Giovanni Vigna. In Proceedings of the Twenty-Third Annual Computer Security Applications Conference (ACSAC), Miami, FL, December 2007.
[paper] [BibTeX]Catch Me, If You Can: Evading Network Signatures with Web-based Polymorphic Worms. Matthew Van Gundy, Davide Balzarotti, and Giovanni Vigna. In Proceedings of the First USENIX Workshop on Offensive Technologies (WOOT), Boston, MA, August 2007.
[paper] [BibTeX]
Recent Talks
Complex Paths and Derelict Sentinels: software engineering underpinnings of recent NTP vulnerabilities. Invited Talk. Language-Theoretic Security (LangSec) IEEE Security & Privacy Workshop, San Jose, California, May 2016.
[video] [slides]Security Evaluation of NTP. Invited Talk. Linux Collaboration Summit, Lake Tahoe, California, March 2016.
[slides]
Teaching
- Winter 2011: ECS 60 Data Structures and Programming
- Spring 2011: ECS 40 Introduction to Software Development and Object-Oriented Programming
Acknowledgments
Any illustrations on this site were graciously created by Jessi, my dear wife.