I am a Ph.D. student at The University of Texas at Austin advised by Prof. Hovav Shacham and in the SPARK Research Lab. My research currently focuses on the security of hardware video decoders and building out zero-knowledge proof technologies. My interests lie in privacy, systems security, cryptosystems, and formal methods.
I was an M.Eng. student at the MIT Media Lab's Digital Currency Initiative advised by Neha Narula. My thesis was on the privacy and auditability of distributed ledgers, and part of it was later published at NSDI. You can read my thesis here.
I also did my undergrad at MIT where I lived in Spanish House and had research opportunities on combining attribute-based encryption with proof-of-work under Prof. Shafi Goldwasser, and on improving SMT solver performance with program synthesis under Prof. Armando Solar-Lezama.
I have worked full time at Raytheon BBN Technologies, and interned at Trail of Bits (Winter '23), Cirrus Logic (Fall '21), Samsung Austin R&D Center (SARC) (Summer '19), Microsoft Research (Summer '18), Symantec (Summers '13 and '14), Secunetics (IAP '14), and Lockheed Martin (Summer '12).
Willy R. Vasquez, Stephen Checkoway, and Hovav Shacham. The Most Dangerous Codec in the World: Finding
and Exploiting Vulnerabilities in H.264 Decoders. In Usenix Security. Anaheim, California, 2023. [pdf][code]
Associated CVEs: CVE-2022-48434, CVE-2022-42850, CVE-2022-42846, CVE-2022-32939, and CVE-2022-3266.
Neha Narula, Willy Vasquez, and Madars Virza. Privacy-preserving Auditing on Distributed Ledgers. In NSDI. Renton, Washington, 2018. [pdf]
[H26Forge Tour] I presented H26Forge at BSidesDFW 2023! I describe how we found and exploited CVE-2022-32939, and provide details on how RLBox can be used to protect media parsing libraries. [Talk (TBD)][Slides]
My sandboxing code contributions were incorporated into Firefox 117!
Inject;Pwn;Repeat was a semi-finalist in the 2023 Austin Cyber 9/12 Competition. We
won best Decision Document!
I got my first CVE: CVE-2022-3266. Be sure to update your Firefox!
I attended Real World Crypto '19. Write up of my experience.
I attended NSDI '18.
I attended Real World Crypto '18.
I attended the DeepSpec Summer School '17 where I participated in the Coq Intensive and learned about formally verified systems
I attended PLMW@POPL '17 in Paris!
I attended Real World Crypto '17. It was awesome! Write up of my experience.
I participated in the 2014 Battelle CyberAuto Challenge
I was Vice President of the MAES Boston Professional Chapter.
I am co-founder of GraduatE ECE (GREECE) @ UT whose mission is to interact with ECE graduate students across labs and tracks and foster a sense of community within the UT Graduate ECE department. We host social events, industry events, and provide a voice to the administration on behalf of students' needs.
I am an MIT Arts Scholar interested in visualizing privacy leakages in everyday interactions, and exploring ways to visualize binary executions to get insights, similar to ..cantor.dust.. or DARPA's Cyber Grand Challenge.
More to come...