Bio sketch
I am with Carnegie Mellon University, as the Associate Director of the Information Networking Institute, where I also serve as a faculty. I am in addition a CyLab Systems Scientist, and have a courtesy faculty appointment in the Electrical and Computer Engineering department. I am Faculty Advisor for a number of INI programs: Master's of Information Technology-Information Security (MSIT-IS), Athens Master's of Information Networking, Pittsburgh/Silicon Valley Master's of Information Technology, and Master's of Information Security, Technology, and Management (MSISTM). I am also a core faculty in our Carnegie Mellon Usable Privacy and Security Doctoral Training Program, supported through an NSF IGERT grant.
I received a Diplôme d'Ingénieur (1999) from École Centrale de Lille, a Master's (2000) and a Ph.D. (2003) in Computer Science from the University of Virginia. In the final year (2002-2003) of my Ph.D., I was working at Nortel. I then spent two wonderful years (2003-2005) as a postdoctoral fellow in the School of Information at UC Berkeley, before joining Carnegie Mellon in July 2005. I was a faculty in residence for three years (2005-2008) in our research and education center in Japan, CyLab Japan, located in Kōbe, which remains one of my favorite cities.
Research overview
My research interest is in computer and information systems networks. Most of my work is at the boundary of systems and policy research, with a definitive slant toward security aspects.
More specifically, the projects that currently capture my (admittedly short) attention span are:
- Network security and its economics: Network security, in general, is in a rather dismal state (see: spam, worms, spyware), despite the fact that most security problems have relatively low-cost solutions (e.g., patching, stronger access control). I am interested in 1) understanding why, from an economic standpoint, people and corporations are seemingly either not investing enough in security, or investing in the wrong things, and 2) finding out if there are economic remedies that we, as a society, can use to improve this sad state of affairs. Behavioral economics as well as system design play a significant role in this cross-disciplinary work.
- Security and psychology: Making systems more secure has generally been at odds with what humans are good at; for instance, longer passwords are near-impossible to memorize, complex security policies are ignored and therefore useless, and so forth. This has resulted in large security meltdowns. Rather than treating human factors as a constraint in secure system design, we try to exploit what people are skilled at to make systems more secure. For instance, humans can very quickly recognize patterns, or make inferences from incomplete information. Our works in that space find applications in authentication applications, mobile payment systems, automated teller machines, to name a few.
- Incentive-compatible network topology design: Imagine you can design a network from scratch. How would you go about making sure that the interests of individual participants in your network are converging to the best outcome possible for the whole network? With the advent of overlay structures (not to mention things like ad-hoc networks), network designers are often faced with this question. I am working on devising analytical models to quantify the trade-offs involved. Game theory is an important inspiration behind this work.
- Information flow security: As the amount of available information is growing rapidly, attacks on the information flows (e.g., distributed censorship, poisoning of file-sharing networks, Google bombs...) become at least as serious a problem as attacks on the network infrastructure. I am trying to come up with analytical threat models through empirical network measurements and statistical analysis.
Other topics I have been involved in, and am still interested in, include building systems that better support service differentiation, or, to use 21st century terminology, that better cope with "network discrimination".
Courses taught
14-741/18-631: Introduction to Information Security
(F'05 (as 14-830), F'06, F'07, F'08,
F'09)
14-742: Security in Networked Systems
(S'06 (as 14-831),
S'07,
S'08)
14-813: Special Topics: Elements of Security in Networked Systems (M'09, in Japan)
14-709: Information Networking Thesis (Master's summer practicum,
M'06, M'07, M'08, M'09)
Selected publications
Jens Grossklags, Nicolas Christin, and John Chuang. Secure or Insure? A Game-Theoretic Analysis of Information Security Games. In Proceedings of the 17th International World Wide Web Conference (WWW'08), pages 209-218. Beijing, China. April 2008.
Hirokazu Sasamoto, Nicolas Christin, and Eiji Hayashi. Undercover: Authentication Usable in Front of Prying Eyes. In Proceedings of the 2008 ACM Conference on Human Factors in Computing Systems (CHI 2008), pages 183-192. Florence, Italy. April 2008.
Nicolas Christin, Andreas S. Weigend, and John Chuang. Content Availability, Pollution and Poisoning in Peer-to-Peer File Sharing Networks. In Proceedings of the Sixth ACM Conference on Electronic Commerce (EC'05), pages 68-77. Vancouver, BC, Canada. June 2005.
Nicolas Christin and John Chuang. A Cost-Based Analysis of Overlay Routing Geometries. In Proceedings of IEEE INFOCOM'05, vol. 4, pages 2566-2577. Miami, FL. March 2005.
Nicolas Christin, Jörg Liebeherr, and Tarek F. Abdelzaher. Enhancing Class-Based Service Architectures with Adaptive Rate Allocation and Dropping Mechanisms. In IEEE/ACM Transactions on Networking 15(3), pages 669-682. June 2007.
Press
Our Undercover project was featured on the CMU front page (January 14, 2008), in The Tartan (January 21, 2008), Dark Reading (February 5, 2008), Network World (February 8, 2008), PC World (February 10, 2008), and was "slashdotted" (February 8, 2008).
Recent professional service
I am/have been a program committee member for WEIS 2010, ACM EC'10, ACM SAC'09 (Information Security Research Track), ICEC'09, IEEE INFOCOM'07, IBC'06, ACM EC'06, and P2PECON'05, and I also routinely serve as a reviewer for a number of conferences and journals, including IEEE/ACM Transactions on Networking, IEEE Transactions on Parallel and Distributed Systems, IEEE Transactions on Mobile Computing...
In a former life, I have also been responsible for getting the ns-2/nam network simulator to compile and work natively under MS Windows/Cygwin. I have, however, since then, transferred maintenance to the ns-2 development team. (Questions about ns-2 should be directed to the ns-2 users mailing list; I regretfully do not have time to answer these queries anymore.)
Note
My web page has been trimmed down to the bare essentials. If you are looking for something you cannot find here, a copy of my old page is still available through the Internet Archive's Wayback machine.
