I introduced a new UChicago class on the human factor in computer security and privacy, which enrolled 50 students in Spring 2017 and 55 students in Spring 2018.

I designed the course such that anyone who has completed UChicago's introductory CS sequence or equivalent should be able to keep up. It is cross-listed at both undergraduate and graduate level. The latter requires more substantial system-building and research components.

Course description: Regardless of how secure a system is in theory, failing to consider how humans actually use the system leads to disaster in practice. This course will examine how to design for security and privacy from a user-centered perspective by combining insights from computer systems, human-computer interaction (HCI), and public policy. We will introduce core security and privacy technologies, as well as HCI techniques for conducting robust user studies. Topics will include usable authentication, user-centered web security, anonymity software, privacy notices, security warnings, and data-driven privacy tools in domains ranging from social media to the Internet of Things. Students will complete weekly problem sets, as well as conduct novel research in a group capstone project. No prior experience in security, privacy, or HCI is required.

---

The schedule and syllabi for Spring 2018 and Spring 2017, including links to all readings, are available online.

David Cash, Ben Zhao, and I have redesigned, and are currently co-teaching, UChicago's Introduction to Computer Security class. The course is cross-listed at the undergraduate and graduate levels.

---

The schedule and syllabus for Autumn 2018 is available online.

I introduced a new UChicago graduate seminar on data-driven security and privacy, which enrolled 20 students in Winter 2018.

Course description: This seminar covers current topics related to data's role within security and privacy. These topics may include: tracking technologies and data marketplaces; how machine learning is used to make decisions related to security and privacy; anomaly detection; empirical experiments' impact on security and privacy; and the potential for helping users better understand how data is impacting their security and privacy.

---

The schedule and syllabus for Winter 2018 is available online.

I taught a section of CS 121, the first class in the introductory class sequence for students without prior programming experience.

Course description: This course is the first in a three-quarter sequence that teaches computational thinking and skills to students in the sciences, mathematics, economics, etc. The course will cover abstraction and decomposition, simple modeling, basic algorithms, and programming in Python. Applications from a wide variety of fields serve both as examples in lectures and as the basis for programming assignments. In recent offerings, students have written programs to simulate a model of housing segregation, determine the number of machines needed at a polling place, and analyze tweets from presidential debates.

---

The schedule and syllabi for Autumn 2018 and Autumn 2017 are available online.

I worked closely with my advisor, Lorrie Cranor, as teaching assistant and co-instructor of CMU's usable privacy and security course in both Spring 2014 and Spring 2015. This course covers the human factor in computer security and privacy, teaching students the methods for conducting human-subjects experiments and introducing them to the current literature in the field. Students also conduct group research projects on a current usable security and privacy topic. I gave many of the lectures for the course (e.g., nine of the lectures in Spring '15). I also wrote the homework assignments, helped design the syllabus/reading list, and mentored half of the project teams. The course enrolls 20-30 students, primarily at the doctoral and master's level.

---

Our Spring 2015 schedule and syllabus, including links to all readings, is available online. The Spring 2014 schedule and syllabus is also available.

I served as a teaching assistant for CMU's Secure Software Systems course in Spring 2015. This course covers attacks (buffer overflows, web attacks like XSS), yet focuses mainly on defenses for making software systems secure. These defenses include architectural solutions (e.g., trusted computing), language-based security (e.g., type systems and proof-carrying code), software analysis (e.g., static analysis, model checking), and run-time analysis (e.g., dynamic taint tracking). The other two TAs and I wrote and graded the assignments and exams, in addition to assisting students at office hours. I also gave a guest lecture on bounded model checking.

---

Our course schedule and syllabus for Spring 2015 is available online.

I was the lead instructor for this course, which provided an introduction to computer programming in Matlab, numerical methods, and problem solving for engineering students. Each fall, I had over 500 students in class; each spring, I had over 350 students. Yikes!

In the Spring of 2010, I developed and was the lead instructor for an honors seminar for nearly 20 first-year students in Rutgers' Honors Engineering program. We investigated and built our own home automation systems. From the most basic components available, we built solid state relays and control systems, which we connected to Matlab. Check out videos and photos of us at work. The students gave demos of our system for Rutgers Day, the Northern NJ JSHS, the NJ Governor's School, and the Engineering Honors Recruitment Lunch.