DAVID J. MALAN 33 Oxford Street | Cambridge MA 02138 USA | +1-617-523-0925 malan@post.harvard.edu http://www.eecs.harvard.edu/~malan/ education HARVARD UNIVERSITY, SCHOOL OF ENGINEERING AND APPLIED SCIENCES 2002 - 2007 Doctor of Philosophy (Ph.D.), Computer Science. Research in cybersecurity and computer forensics, focused on detection of patterns in large datasets. Dissertation entitled "Rapid Detection of Botnets through Collaborative Networks of Peers." HARVARD UNIVERSITY, GRADUATE SCHOOL OF ARTS AND SCIENCES 2002 - 2004 Master of Science (S.M.), Computer Science. Research in sensor networks for emergency medical care. HARVARD COLLEGE 1995 - 1999 Bachelor of Arts (A.B.), cum laude, Computer Science. 3.9 of 4.0 GPA. Studies in micro- and macro-economics, corporate finance, statistics and probability theory, multivariate calculus, and linear algebra. service MIT EMERGENCY MEDICAL SERVICES 2003 - 2005 Emergency Medical Technician (EMT) Volunteer crew chief for MIT's ambulance service. Responded to medical and trauma calls throughout campus. startups DISKASTER(R) 2005 - Founder Started company that offers professional recovery of data from hard drives and memory cards as well as forensic investigations for civil matters. Website at http://www.diskaster.com/. CRIMSON TUTORS 2005 - 2007 Founder Started company that provides area students with academic tutors from Harvard and MIT. Managed all finances and oversaw 40 tutors. Sold in 2007. experience HARVARD UNIVERSITY, 2007 - FACULTY OF ARTS AND SCIENCES Lecturer on Computer Science Instructor for Harvard College's Computer Science 50: Introduction to Computer Science I, a course with 282 undergraduates and 23 teaching fellows. OFFICE OF THE MIDDLESEX DISTRICT ATTORNEY, 2005 SPECIAL INVESTIGATIONS DIVISION Forensic Investigator Assisted police and prosecutors with criminal investigations. Conducted forensic analyses of seized hardware. Recovered deleted and damaged data as evidence for trials. Drafted subpoenas. AIRCLIC INC. 2000 - 2001 Assistant Chief Technology Officer First technical hire of wireless startup, chaired by American Express's Harvey Golub and backed by $290M in class-B funding. Direct report to the firm's CTO. Headed company's Wireless Network Infrastructure department. Built company's software-development and product-management teams. Drafted and managed all patents. TUFTS UNIVERSITY 2001 - 2005 Adjunct Lecturer Instructor for Computer Science 15: Data Structures, a course with 82 undergraduates and 10 teaching assistants. HARVARD EXTENSION SCHOOL / HARVARD SUMMER SCHOOL 1998 - Lecturer Youngest instructor in school's history; hired to lecture while still an undergraduate. First instructor at university to podcast an entire course in audio and video formats, free of charge to public. Podcast ranked "best educational podcast" by Wired Magazine and frequently featured on iTunes, with over 10,000 subscribers; available at http://www.computerscience1.org/. languages C, C++, C#, CSS, DTD, HTML, Java, JavaScript, LISP, NesC, Perl, PHP, SQL, SVG, VBScript, XHTML, XML Schema, XPath, XQuery, and XSLT. English, Spanish, and Italian. articles "Sensor Networks for Emergency Response: Challenges and Opportunities." Konrad Lorincz, David J. Malan, Thaddeus R.F. Fulford-Jones, Alan Nawoj, Antony Clavel, Victor Shnayder, Geoff Mainland, Steve Moulton, and Matt Welsh. IEEE Pervasive Computing. October - December, 2004. conferences A Public-Key Infrastructure for Key Distribution in TinyOS Based on Elliptic Curve Cryptography. David J. Malan, Matt Welsh, and Michael D. Smith. First IEEE International Conference on Sensor and Ad Hoc Communications and Networks. Santa Clara, California. October 2004. Advanced Forensic Format: An Open, Extensible Format for Disk Imaging. Simson L. Garfinkel, David J. Malan, Karl-Alexander Dubec, Christopher C. Stevens, and Cecile Pham. Second Annual IFIP WG 11.9 International Conference on Digital Forensics. Orlando, Florida. January 2006. Podcasting Computer Science E-1. David J. Malan. 38th ACM Technical Symposium on Computer Science Education. Covington, Kentucky. March 2007. Scratch for Budding Computer Scientists. David J. Malan and Henry H. Leitner. 38th ACM Technical Symposium on Computer Science Education. Covington, Kentucky. March 2007. dissertation Rapid Detection of Botnets through Collaborative Networks of Peers. David J. Malan. Ph.D. Thesis. Harvard University, School of Engineering and Applied Sciences. Cambridge, Massachusetts. June 2007. journals Implementing Public-Key Infrastructure for Sensor Networks. David J. Malan, Matt Welsh, and Michael D. Smith. ACM Transactions on Sensor Networks. Volume 4, Issue 4. November 2008. posters CodeBlue: An Ad Hoc Sensor Network Infrastructure for Emergency Medical Care. David Malan, Thaddeus R.F. Fulford-Jones, Victor Shnayder, Breanne Duncan, Matt Welsh, Mark Gaynor, and Steve Moulton. Emerging Technology and Best Practices Seminar. Boston University. Boston, Massachusetts. May 2004. Quantitative Approaches to Software Security & Information Privacy. Rachel Greenstadt, David J. Malan, Stuart E. Schechter, and Michael D. Smith. National Science Foundation Cyber Trust Annual Principal Investigator Meeting. Newport Beach, California. September 2005. Quantitative Approaches to Software Security & Information Privacy. Rachel Greenstadt, David J. Malan, Stuart E. Schechter, and Michael D. Smith. National Science Foundation Cyber Trust Annual Principal Investigator Meeting. Atlanta, Georgia. January 2007. Vital Dust: Wireless sensors and a sensor network for real-time patient monitoring. Dan Myung, Breanne Duncan, David Malan, Matt Welsh, Mark Gaynor, and Steve Moulton. 8th Annual New England Regional Trauma Conference. Burlington, Massachusetts. November 2003. reports Crypto for Tiny Objects. David Malan. Harvard University Technical Report TR-04-04. January 2004. Low-Power, Secure Routing for MICA2 Mote. Breanne Duncan and David Malan. Harvard University Technical Report TR-06-04. March 2004. Summary Structures for XML. David Malan. Harvard University Technical Report TR-05-04. March 2004. talks A Public-Key Infrastructure for Key Distribution in TinyOS Based on Elliptic Curve Cryptography. First IEEE International Conference on Sensor and Ad hoc Communications and Networks. Santa Clara, California. October 2004. CodeBlue: An Ad Hoc Sensor Network Infrastructure for Emergency Medical Care. International Workshop on Wearable and Implantable Body Sensor Networks. London, United Kingdom. April 2004. Exploiting Temporal Consistency to Reduce False Positives in Host-Based, Collaborative Detection of Worms. ACM Workshop on Recurring Malcode. Fairfax, Virginia. November 2006. Host-Based Detection of Worms through Peer-to-Peer Cooperation. ACM Workshop on Rapid Malcode. Fairfax, Virginia. November 2005. One Big File Is Not Enough: A Critical Evaluation of the Dominant Free-Space Sanitization Technique. 6th Workshop on Privacy Enhancing Technologies. Cambridge, United Kingdom. June 2006. Podcasting Computer Science E-1. 38th ACM Technical Symposium on Computer Science Education. Covington, Kentucky. March 2007. Podcasting E-1: It's All About Access. Podcast Academy at Boston University. Boston, Massachusetts. April 2006. Rapid Detection of Botnets through Collaborative Networks of Peers. Final Oral Examination. Harvard University, School of Engineering and Applied Sciences. Cambridge, Massachusetts. May 2007. Scratch for Budding Computer Scientists. 38th ACM Technical Symposium on Computer Science Education. Covington, Kentucky. March 2007. Toward a Public-Key Infrastructure for Key Distribution in TinyOS Based on Elliptic Curve Cryptography. Qualifying Examination. Harvard University, School of Engineering and Applied Sciences. Cambridge, Massachusetts. November 2004. Toward PKI for Sensor Networks. BBN Technologies. Cambridge, Massachusetts. November 2004. workshops CodeBlue: An Ad Hoc Sensor Network Infrastructure for Emergency Medical Care. David Malan, Thaddeus Fulford-Jones, Matt Welsh, and Steve Moulton. International Workshop on Wearable and Implantable Body Sensor Networks. Boston, Massachusetts. April 2004. CodeBlue: An Ad Hoc Sensor Network Infrastructure for Emergency Medical Care. David Malan, Thaddeus Fulford-Jones, Matt Welsh, and Steve Moulton. International Workshop on Wearable and Implantable Body Sensor Networks. London, United Kingdom. April 2004. Exploiting Temporal Consistency to Reduce False Positives in Host-Based, Collaborative Detection of Worms. David J. Malan and Michael D. Smith. ACM Workshop on Recurring Malcode. Fairfax, Virginia. November 2006. Host-Based Detection of Worms through Peer-to-Peer Cooperation. David J. Malan and Michael D. Smith. ACM Workshop on Rapid Malcode. Fairfax, Virginia. November 2005. One Big File Is Not Enough: A Critical Evaluation of the Dominant Free-Space Sanitization Technique. Simson L. Garfinkel and David J. Malan. 6th Workshop on Privacy Enhancing Technologies. Cambridge, United Kingdom. June 2006. courses COMPUTER SCIENCE 50: 2007 - INTRODUCTION TO COMPUTER SCIENCE I Harvard College Introduction to the intellectual enterprises of computer science. Algorithms: their design, specification, and analysis. Software development: problem decomposition, abstraction, data structures, implementation, debugging, testing. Architecture of computers: low-level data representation and instruction processing. Computer systems: programming languages, compilers, operating systems. Computers in the real world: networks, security and cryptography, artificial intelligence, social issues. Assignments include extensive programming in the C language and PHP. COMPUTER SCIENCE 15: DATA STRUCTURES 2002 - 2005 Tufts University A second course in computer science. Data structures and algorithms are studied through major programming projects in the C++ programming language. Topics include linked lists, trees, graphs, dynamic storage allocation, and recursion. COMPUTER SCIENCE E-1: 1999 - UNDERSTANDING COMPUTERS AND THE INTERNET Harvard Extension School This course is all about understanding: understanding what's going on inside your computer when you flip on the switch, why tech support has you constantly rebooting your computer, how everything you do on the Internet can be watched by others, how your computer can become infected with a worm just by turning it on. Designed for students who use computers and the Internet every day but don't fully understand how it all works, this course fills in the gaps. Through lectures on hardware, software, the Internet, multimedia, security, privacy, website development, programming, and more, this course "takes the hood off" of computers and the Internet so that students understand how it all works and why. Through discussions of current events, students will also be exposed to the latest techologies. COMPUTER SCIENCE E-75: BUILDING DYNAMIC WEBSITES 2008 - Harvard Extension School Today's websites are increasingly dynamic. Pages are no longer static HTML files but instead generated by scripts and database calls. User interfaces are more seamless, with technologies like Ajax replacing traditional page reloads. This course teaches students how to build dynamic websites with Ajax and with Linux, Apache, MySQL, and PHP (LAMP), one of today's most popular frameworks. Students learn how to set up domain names with DNS, how to structure pages with XHTML and CSS, how to program in JavaScript and PHP, how to configure Apache and MySQL, how to design and query databases with SQL, and how to use Ajax with both XML and JSON. The course discusses issues of security, scalability, and cross-browser support. COMPUTER SCIENCE E-259: XML WITH JAVA 2004 - 2008 Harvard Extension School This course introduces XML as a key enabling technology in Java-based applications. Students learn the fundamentals of XML and its derivatives, including DTD, SVG, XML Schema, XPath, XQuery, XSL-FO, and XSLT. Students also gain experience with programmatic interfaces to XML like SAX and DOM, standard APIs like JAXP and TrAX, and industry-standard software like Ant, Tomcat, Xerces, and Xalan. The course acquaints students with J2EE, including JavaServer Pages (JSP) and Java Servlet, and also explores HTTP, SOAP, web services, and WSDL. The course's projects focus on the implementation and deployment of these technologies. COMPUTER SCIENCE S-1: 2003 - GREAT IDEAS IN COMPUTER SCIENCE WITH JAVA Harvard Summer School This course is an introduction to the most important discoveries and intellectual paradigms in computer science, designed for students with little or no previous background. We explore problem-solving methods and algorithm development using such high-level programming languages as Java and JavaScript. Students learn how to design, code, debug, and document programs using techniques of good programming style in a Linux-based environment. This course presents an integrated view of computer systems, from switching circuits and machine language through compilers and GUI design. We examine theoretical and practical limitations related to unsolvable and intractable computational problems, and the social and ethical dilemmas presented by such issues as software unreliability and invasion of privacy.