Studying Security at Columbia

Columbia University has one of the top security research departments anywhere. There are four faculty members -- myself, Angelos Keromytis, Tal Malkin, and Sal Stolfo -- whose primary focus is security; there is also a research scientist, Moti Yung, who works on security.

PhD
MS
Undergraduate or Graduate Independent Study
Internships
Admission Chances
  

PhD

I'm frequently asked if I'm admitting new PhD students. The answer is yes, I am; I very much want to work with students. But..

But? Unfortunately, I can only admit one or two new students per year; I just don't have the funding to support more people. Even when funding isn't an issue (that happens on occasion), there's my time to consider: if I have too many students, I can't devote enough time and attention to any of them. I am definitely not admitting anyone for January 2010; I have not yet decided if I will admit anyone for January 2011. And if I do, remember that each year, about 50 applicants to the PhD program indicate an interest in security.

I am working on a number of projects, focusing primarily on security for large-scale systems. This covers a wide range of topics, including routing security, security for system administration, privacy, usability, and mobile ad hoc networks.

Before you apply, think carefully about which faculty members have interests that match yours. Most of my work is rather practical; if your interests are in proving theorems, I'm probably not the best choice of advisor.

If you're interested in working with me on a PhD, apply here. Make sure you check my name and/or an interest in security. If you do that, I promise I'll read your application. But reading and evaluating applications is a difficult, painful, and time-consuming business; I can't review resumes ahead of time. Repeat: I cannot and will not evaluate your resume, CV, etc., ahead of time. It's not worth your while to send these to me. Please note the department's admissions deadlines.

MS

MS students are encouraged to participate in research. This can be done directly on a faculty member's project, or it can be done as an independent study project as COMS E6901. I'm willing to supervise such projects; see below.

Funding is more problematic. There are MS graduate research assistants in the department; except under extremely unusual circumstances, I will not offer such a position to an incoming MS student. I simply do not have the funding. Come here, take a course or two from me; after that, we can talk about specific projects. Again, I am not making any promises about money.

There is an MS track in Computer Security; see http://www.cs.columbia.edu/education/ms/computerSecurity. For admissions information, see http://www.cs.columbia.edu/education/admissions#ms.

I have no way of knowing who might qualify for admission to the MS program.

Undergraduate or Graduate Independent Study

I'm happy to supervise student research, generally as COMS W3902 or COMS W4901 for undergraduates or COMS W4901 or COMS W6901 for graduate students. If you're interested in working on a project, come talk to me first. You have to be self-motivated and have some idea of the field you're interested in working in.

I strongly urge you to read Brian Kernighan's excellent advice on independent study projects before you approach me or any other faculty member.

Please note the following requirements from the W6901 description, which I think should apply to any of these courses:

Before registering, the student must submit a written proposal to the instructor for review. The proposal should give a brief outline of the project, estimated schedule of completion, and computer resources needed. Oral and written reports are required.

Internships

I do not hire undergraduates from other schools as summer interns. Don't bother sending me your CV; I won't read it.

Admission Chances

Per the above, I cannot predict anyone's odds of admission, nor will I try. If you ask me that question, at best you'll receive a pointer to this answer; more likely, I'll delete your mail without bothering to reply. (If I were nasty, I'd reply asking you why I should bother admitting someone who doesn't take the trouble to read my web page on the subject; fortunately, I'm usually not that nasty.)

smb home

Updated 12 Feb 14