About Stefan's Work
Stefan Savage is a computer scientist using an interdisciplinary approach to address challenges to computer security and to counter cybercrime. In addition to identifying technological deficiencies, he contextualizes cybersecurity threats within much broader ecosystems, including underlying economic incentives and social structures contributing to vulnerabilities.
In early work, Savage created new strategies for defending against malware and what are known as distributed denial of service attacks (DDoS). To impede the spread of fast-acting worms, which can quickly compromise an entire network, he and colleagues devised a method for automatically measuring unusual data patterns and identifying worm signatures (or recurring strings of code) across a network. The growing prevalence of physical "smart" devices in our lives has made network cybersecurity an increasingly urgent priority. Savage and colleagues were the first to demonstrate the ability to hack an automobile remotely—including taking control over the engine and brakes and monitoring conversations taking place within the car. In addition to working with car manufacturers to mitigate the immediate security threats, Savage has also investigated how the idiosyncrasies of the automobile sector's supply chains give rise to, and hinder correction of, compromised car software. More recently, Savage and collaborators measured network-level interactions to characterize the value chain of internet-related crime. They identified a critical bottleneck for spam email campaigns and online counterfeit goods transactions: only a few banks accept the credit card transactions necessary for these online ventures to monetize their activities. These findings allowed the drug and credit card companies to disrupt the business models of several counterfeit drug rings to such an extent that they collapsed.
With deep insights into internet security and a commitment to tackling problems of immediate, real-world importance, Savage is playing a key role in shaping cybersecurity debates among computer scientists while also informing efforts to fight ongoing security threats posed by a variety of actors.
Stefan Savage received a B.S. from Carnegie Mellon University (1991) and a Ph.D. (2002) from the University of Washington. In 2000, he joined the faculty of the University of California at San Diego, where he is currently a professor in the Department of Computer Science and Engineering, co-director of the Center for Evidence-Based Security Research, and co-director of the Center for Networked Systems. His articles have been published in numerous conference proceedings, including those of the ACM Conference on Computer and Communications Security, ACM Transactions on Computer Systems, and IEEE Security and Privacy, among others.