My primary research interests are at the intersection of computer security, systems, applied machine learning and human-computer interaction. My research aims to improve the existing defense mechanisms for user authentication on personal devices through ecologically valid evaluations. I am interested in using cross-domain tools and techniques to understand the security and usability aspects of existing security systems, often involving human subjects. My recent work focuses on defending security and privacy of individuals on smartphones through usable and practical controls for user to device authentication. I have published at prestigious venues including ACM MobiCom, ACM CCS, ACM MobiSys, and ACM CHI. Some of my research work has been featured by The Globe and Mail, MSNBC, Bruce Schneier's blog, and New Scientist.