I received my B.S. in Network Technology from Montana Tech which gave me a strong background in networking. One of the things that interested me was how to create networks that remain resilient to misbehaving participants. With a cursory understanding of secure protocols, I decided to enroll in the Masters of Informatics program at UNLV with a focus specifically on network security. 2 years later, I received my M.S. and had a strong understanding of the state of the art in secure protocols and how they were used in modern networks.
Even with the extensive knowledge I received from my degrees, I wanted to learn how to actually advance the state of the art and critically analyze other advancements in security. This led me to the PhD program at Indiana University, which has several excellent research groups focusing specifically on various branches of information security (cryptography, systems security, usable security, privacy, etc).
My first two years at IU were filled with a wide breadth of security courses covering cryptography, applied systems security, and the economics of information security. Several of these courses were taught using a seminar format where we analyzed and critiqued state of the art research from recent conferences at a rate of 3-4 papers per week. Even though reading and reviewing so many papers was exhausting, it gave me the ability to critically analyze modern information security research and separate useful findings from the results of questionable methods.
During the first year and a half I conducted usable security research with Professor Camp and a senior PhD student. This led to my first first publications at IU focused on Android permissions notifications and Facebook privacy.
During my 4th semester I returned to my core interest when I began research on security vulnerabilities in OpenFlow (a new protocol for programming network hardware) as part of a DARPA grant Professor Camp received to examine the security of next generation networks. The resulting short paper from this work was a high-level summary of the classes of vulnerabilities OpenFlow faces and is my most frequently cited work.
Continuing on the DARPA grant, I developed a framework we named "Bongo" to react to updates from BGP (the protocol that controls traffic paths on the Internet). This was used in research we conducted on preventing IP spoofing and preventing data exfiltration. This BGP work makes up the bulk of my dissertation titled "Securing the Internet Control Plane".
After I graduate I plan to continue working in industry for the foreseeable future. Despite not continuing in academia, the skills I gained from the PhD program are valuable in any organizations on the cutting edge of a field. Developing new technologies requires research skills to objectively evaluate designs and prototypes.
For anyone interested in information security research, I highly recommend the graduate program at IU. The breadth and depth of the security knowledge of the faculty is outstanding and conducting research with them will put you on the forefront of advancements in the field.
Kevin Bendon, Ph.D. Graduate 2017