David Barrera is an assistant professor at Polytechnique Montréal doing research in computer and network security. He was previously a visiting scientist at IBM Research in Zürich and a postdoctoral researcher in the Network Security Group at ETH Zürich. David received his Ph.D. from Carleton University in Ottawa, Canada, where he did research on securing de-centralized software installation and updates.
I obtained a B.Eng (Honours) in Electronic Systems Engineering from the Tecnológico de Monterrey (Mexico City Campus) in December 2006. After that, I obtained a graduate diploma in Information Security as well as miscellaneous IT certifications while I worked for Cisco Systems in Mexico City.
Industry turned out to not be a good fit for me at the time, so in 2007 I moved to Ottawa to pursue a Masters degree in Computer Science at Carleton University. I was fortunate to be advised by Dr. Paul van Oorschot. During my Masters, I developed data visualization systems for network security, exploring ways to add IPv6 support to IPv4-only visualization tools. I graduated in August 2009.
In 2010, I started my Ph.D., again under supervision of Dr. van Oorschot but changed research directions. My research proposed OS-level mechanisms (ideally transparent to the user) for improving the security of software installation and software updates, focusing on Android. I also worked on a few side-projects involving password management, mobile anti-virus, and full disk-encryption on Android. In May 2014, I completed my Ph.D.
Shortly after completing my Ph.D., I moved to Zurich to become a postdoc in the Network Security Group at ETH. There, I worked with Dr. Adrian Perrig on building new security tools, protocols, and defenses on top of the SCION future Internet architecture. After completing a 2 year postdoc at ETH, I spent almost a year as a visiting scientist at IBM Research in Zurich. At IBM, I began research on IoT security.
As of August 2017, I’m an assistant professor at Polytechnique Montreal.
Things I’ve Built
The Android Observatory. Daniel McCarney and I set up and maintained The Android Observatory, which is a public resource for Android application metadata. Users submit their APKs to the Observatory where we extract all app metadata (permissions, signing information, version, UID), store it, and cross-reference it with other apps. For example, you can find all apps signed by Google, or show all the permissions requested by Facebook v188.8.131.52.8. Development and maintenance of the Android Observatory was taken over by Ilja Gerhardt in October 2017.
SCION on Mininet. I co-developed and maintained the infrastructure necessary to run SCION on the Mininet network virtualization engine. This is currently the easiest way to experiment with the SCION future Internet architecture, and allows fine-tuning the network topology. The code is available on the SCION Github repo.
- I speak English, Spanish, and French. I was lucky to be raised speaking the first two languages, and learned the third while living in Brussels when I was young.
- I’m fortunate to have a job that allows me (or sometimes forces me) to travel. My most recent trips were to: Montreal, Geneva, Tokyo, and Ottawa. I’ve logged 100+ flights since 2013. Here’s an interactive map of those flights.