Audrey Randall

About Me

I am a PhD student at the University of California San Diego (UCSD), working with Aaron Schulman, Geoff Voelker, and Stefan Savage. My research interests include security, privacy, systems and networking. Outside of work, I enjoy distance running, rock climbing, and ceramics.


L. F. DeKoven, A. Randall, A. Mirian, G. Akiwate, A. Blume, L. K. Saul, A. Schulman, G. M. Voelker, S. Savage, “Measuring Security Practices and How They Impact Security,” In Proc. ACM Internet Measurement Conference, 2019, (in press).

A. Randall, J. Klingner, and N. Correll, “Simulating Chemical Reactions using a Swarm of Miniature Robots,” In Proc. 14th Conference on Simulation of Adaptive Behavior, 2016, pp. 305-316.

Current Projects

Stalkerware Detection

"Stalkerware" is spyware that can be used to remotely track a victim's location, communications, and/or browsing activity. It is particularly dangerous and difficult to defend against when used in the context of intimate partner violence, or IPV. The ubiquity of smartphones has made it easy even for someone with no technical skills to perform surveillance of a device that they have access to. In the context of IPV, abusers often have physical access to the devices of their partners, and either know or can coerce the passwords to those devices. With such unrestricted access, an abundance of surveillance options exist, whether the goal is to track location, remotely block incoming calls or messages, record all communications, monitor browsing history, or lock a survivor out of their accounts. Very little information exists regarding the prevalence of stalkerware in the wild, so the goal of this work is to measure how much of this spyware is in use today.

Network Hygiene

Common security advice includes injunctions such as "Update your operating system," "run antivirus," and "change your passwords frequently." However, there isn't much information available about if this advice actually lowers a user's chances of getting infected by malware. Working with a unique network vantage point, we are attempting to measure the correlations between user behaviors and infection rates to see what behavioral factors are actually likely to get you owned online.

Past Projects

Censorship Circumvention in China

I worked with Prof. Eric Wustrow at University of Colorado Boulder to create a tool called Metis that could predict which websites a user visited were likely to be censored, so that it could route only those websites through a censorship circumvention tool, and connect to the others directly. The idea was that circumvention tools are usually slow, because they connect to EVERY website through circuitous routes, not just the ones that would get blocked. Metis could also collect aggregate information about which websites were blocked, to give the research community a better idea of which sites get censored where. I implemented differential privacy (Google's RAPPOR) to protect user privacy. This project was never deployed, but I learned a lot in the process.