Eric Osterweil's Homepage

Dr. Eric Osterweil An alumnus of UCLA's Internet Research Lab (IRL) email: eoster@cs.ucla.edu Thesis Topic: Measurable Security: a New Substrate for DNSSEC GPG Key

---

About me:

I have a Ph.D. in Computer Science and am an alumnus of the

My dissertation research focused on Internet-scale security systems. In particular, I focused on securing the Domain Name System (DNS) via non-cryptographic enhancements to DNSSEC's key learning and verification design, and began applying my data verification techniques to the security needs of other systems (such as the Border Gateway Protocol, BGP).

I worked at various companies for about 8 years after graduating from The Johns Hopkins University, before returning to school. You can see full details in my CV.

My favorite quote reminds me of the road researchers need to walk.
"Wisdom ceases to be wisdom when it becomes too proud to weep, too grave to laugh, and too selfish to seek other than itself."
-- Kahlil Gibran

• SecSpider - The first (and largest) DNSSEC deployment monitoring project and pilot DNSKEY learning and verification site.
• Vantages - A software suite to enhance DNSSEC through: peer-to-peer DNSKEY verification, an extensible DNSSEC-aware DNS C++ library, dnsfunnel to illustrate DNSSEC's PMTU problem, and more...
• lbsh (Pound-Shell) - A unix shell monitor that tracks all of the experimental data provenance of the commands you type and the files used and generated so you can reproduce your experiments and results without having to recall all of the details used to generate them.
• BGP-Origins - defunct A site that allowed users to use their PGP keys to attest for BGP prefixes and the proper origin that announced them.

Experiments

Here are a couple of my favorite experiments to date. For an explanation of what these Dataset Derivation Graphs (DDGs) mean, see lbsh (Pound-Shell):