Bloomington, IN
47408 USA		 Christopher Soghoian Phone: +1 (812) 459-6903
Email: csoghoian AT gmail DOT com
Education: August 2006 - present
School of Informatics, Indiana University, Bloomington, IN, USA
Degree in Progress: PhD in Informatics, focus in cyber security, minor in law.

September 2003 - May 2005
Information Security Institute, The Johns Hopkins University, Baltimore, MD, USA
Degree: M.S. Security Informatics.

August 1999 - May 2002
James Madison University, Harrisonburg, Virginia, USA
Degree: B.S. Computer Science
Work
Experience:		 May 2008 - July 2008
Policy Intern
American Civil Liberties Union of Northern California, San Francisco, CA, USA.

February 2008 - June 2008
Technology Policy Fellow
Electronic Privacy Information Center, Washington, DC, USA.
  • Conduct privacy related public advocacy, research, and activism.
    •
September 2007 - present
Blogger
CNET/News.com Blog Network, San Francisco, California.
  • Publish a regular, widely-read weblog column on security, privacy and law related topics.
  • Regularly reach traffic numbers of 100,000+ hits per month.
    •
May 2007 - July 2007
Internship
DoCoMo Communications Laboratories Europe, Munich, Germany.
  • Researched methods for remotely fingerprinting wireless devices.
  • Invented, designed and implemented a secure and privacy preserving electronic payment system that permits third party delegation.
  • Invention submitted to European Patent Office.
    •
June 2006 - November 2006
Internship
Application Security Group, Google, Mountain View, California, USA.
  • Invented and designed a new anti-phishing tool. Submitted to US Patent Office.
  • Invented and designed a new model for mobile-phone based account verification. Submitted to US Patent Office.
  • Performed forensic analysis / reverse engineering on malicious software that threatened the company's advertising system through click fraud.
  • Studied log data to try and predict per-ip click-fraud via other indicators of malicious network activity (email spam, denial of service, etc).
  • Studied click-fraud from a game theoretic/incentive based perspective.
June 2005 - August 2005
Internship
Security Technology Group, Apple Computer, Cupertino, California, USA.
  • Proactively audited major OS components. Discovered a significant network-exploitable vulnerability, which was reported and escalated to the responsible developers.
  • Designed, developed and deployed a secure, fault tolerant and tamper evident logging infrastructure spread across multiple data-centers.
  • Designed, developed and optimized high-load network surveillance systems.
  • Worked on high-speed port scanning code for use on extremely large networks.
  • Developed tools to automate the forensic-evidence gathering process.
 May 2004 - August 2004
Internship
Global Security Analysis Lab, IBM Research, Zurich, Switzerland.
  • Research focused on Intrusion Prevention Systems.
  • Invented, designed and patented a 0-day virus/worm defense technique based on virtual machines.
  • Researched methods of intelligently responding to security attacks.
 July 2002 - August 2003
Unix System Administrator/Security Analyst
Ubizen -> Cybertrust -> Verizon Business, Leuven, Belgium.
  • Analysed suspect packets flagged by intrusion detection systems on clients networks for possible security issues.
  • Designed and created an easily configurable and robust multi-system monitor for a diverse network of 300+ hosts.
  • Detected and worked to eliminate bottlenecks in mission-critical applications used by the operations team.
Scholarships and Awards: Institute For Humane Studies: Humane Studies Fellowship. Awarded 2008.
America's Future Foundation College Blogger Contest. Third place, 2008.
Institute For Humane Studies: Hayek Fund Grant. Awarded 2007.
Hispanic College Fund: Google Graduate Scholarship. Awarded 2006, 2007.
GEM Graduate Engineering Fellowship. Awarded 2005.
Privacy Enhancing Technologies Symposium Stipend. Awarded 2005, 2006, 2007.
Half-tuition Scholarship, JHU Information Security Institute. Awarded 2003.
Usenix Security Student Stipend. Awarded 2003.
Charlottesville Rotary Club College Scholarship. Awarded 1998.
Publications: Christopher Soghoian, Oliver Friedrichs and Markus Jakobsson, The Threat of Political Phishing, Under Submission.

Christopher Soghoian and Imad Aad, Secure and Privacy Preserving Delegated Payments, Under Submission.

Markus Jakobsson and Christopher Soghoian, The Human Factor in Phishing, Under Submission.

Christopher Soghoian, Caveat Venditor: Technologically Protected Subsidized Goods and the Customers Who Hack Them. Northwestern Journal of Technology and Intellectual Property, Fall 2007.

Christopher Soghoian, Insecure Flight: Broken Boarding Passes and Ineffective Terrorist Watch Lists. First IFIP WG 11.6 working conference on Policies & Research in Identity Management (IDMAN 07), October 2007.

Christopher Soghoian, The Problem of Anonymous Vanity Searches. I/S: A Journal of Law and Policy for the Information Society, Winter 2007.

Patents: A Method or Apparatus for Managing a Server Process in a Computer System, A. Garg, K. Julisch, C. Soghoian, A. Tanner. IBM Research Zurich. (Pending)
User Activity Modeling For Account Authentication, C. Soghoian, E. Berls. Google. (Pending)
Anti-Phishing System and Method, C. Soghoian, K. Caine. Google. (Pending)
A Method For Secure and Privacy Preserving Delegated Payments, C. Soghoian, I. Aad. DoCoMo Euro Labs. (Pending)
Technical
Skills:
  • airport and transportation security
    		•
  • social engineering
    		•
  • Linux, Mac OS
    		•
  • protocol/application security analysis
    		•
  • anonymity preserving networks
    		•
  • RFID
    		•
  • applied cryptography
    		•
  • penetration testing
    		•
  • Perl, Java, Ruby
    		•
  • network security
    		•
  • anti-phishing technology
    		•
  • P2P Networks
    		•
  • click fraud defense and detection
    		•
  • ethical hacking
    		•