Skip directly to : top of page
Markus JakobssonI teach in a way that strives to enhance the creativity of my students, and allow them to incorporate the concepts taught in situations and settings of particular relevance to them. I also emphasize problem solving skills of the type that are valuable to future employers, and help improve communication skills. My approach increases the efforts required on the students -- for example, I typically do not use any textbook, but instead suggest some relevant reading, asking the class to suggest further material, reflecting the interests of the members of the class. However, I believe that this approach also fosters a feeling of self-confidence and independence that will be recognized and appreciated by employers. Here are some success stories supporting that this approach works.
Mona Gandhi (Masters student) took my phishing class (I-690, spring '06) and spent a significant effort understanding click-fraud and the use of social information in phishing. Together with one other graduate student and me, she wrote a paper showing how to successfully attack a score of online advertising schemes in a way that -- given the design of these schemes -- is very evidently not known in industry. The efforts may result in a patent publication, and most certainly in a scientific publication. Mona's passion for phishing, which involved going to professional meetings and conferences, also landed her a summer internship with an anti-spam company, and positioned her well for joining a PhD program, should she decide to.
Sid Stamm (PhD student) took a series of independent studies in which he got more and more immersed in security research, with a focus on developing countermeasures to phishing attacks. As a result of his efforts, Sid got an associate instructorship in the law school, got involved in consulting for a local lawfirm, and is now working part-time for the startup RavenWhite, all while starting to formulate the contents of his PhD thesis. Sid spent half a year at University of Wollongong (Australia) as a research associate, learning about digital rights management issues from their security group while bringing them up to speed with the work on phishing at Indiana University.
Jacob Ratkiewicz (PhD student) took my phishing class (I-690, spring '06), and focused his efforts on understanding how to design ethical experiments to measure the success level of phishing attacks. Our experimental work involving real eBay users has made quite a splash. Jacob has also been involved in click-fraud studies, and in work on novel techniques for malware detection. He consults for Chase Bank to help review their vulnerability to phishing, and has been invited to give a talk about phishing at the June '06 meeting of the Communication Fraud Control Association.
Sharat Kuppahally (Masters student) my took both my class on cryptographic protocols (I-400, fall '04) and my phishing class (I-690, spring '06), along with a series of independent studies in topics relating to security. He has experimented with and implemented several interesting new types of attacks that are what we believe the "next wave" of attacks we will witness on the Internet. Having gained insights of how things can fail, Sharat has also built a good understanding of how to build things so that they will be safe. He will benefit from these insights as a member of the payment team of Amazon, from which he received a competitive offer.