Niels Provos is a German-American computer scientist with a passion for security, swordsmithing, and electronic dance music (EDM). Holding a PhD in Computer Science from the University of Michigan, he has worked at major tech companies like Google and Stripe. As a Distinguished Engineer at Google (2003-2018), he managed security engineering teams and contributed significantly to Google's Safe Browsing systems and DDoS defense infrastructure. Provos served as Stripe's Head of Security from 2018 to 2022 and has been Lacework's Head of Security Efficacy since November 2022. In addition to his professional accomplishments, Niels produces EDM under the artist name Activ8te and co-founded the Cyber-House Collective, a groundbreaking project that fuses cybersecurity and music. The collective brings together renowned security researchers and musicians to create engaging and educational tracks that address critical cybersecurity topics, sparking interest in the field and promoting learning through music.
Head of Security Efficacy, Lacework, Inc., USA. (November 2022 - present)
Founder of the Cyberhouse-Collective (May 2022 - present)
Cyber-House Collective is a groundbreaking initiative that fuses cybersecurity education with electronic dance music (EDM), bringing together top security researchers and skilled musicians from across the United States.
Head of Security, Stripe, Inc., USA. (November 2018 - May 2022)
Provos Production (Jan 2012 - present)
Electronic Music Producer (Dec 2021 - present): Producing cybersecurity-themed EDM music as Activ8te
Blacksmith/Videographer (Jan 2012 - present): Producing videos documenting the exploration of forging swords and knives in Anglo-Saxon and Viking-age styles.
Distinguished Engineer, Google, Inc., USA. (August 2003 - November 2018)
Manager of Security Engineering teams, e.g. Cloud Security, Data Protection, Safe Browsing, Production Security, etc (2013-2018)
Founder, Tech Lead and Manager of Google’s Safe Browsing systems (2006-2013)
Developed infrastructure to defend against Distributed Denial of Service (DDoS) attacks (2003-2006)
Research Assistant for the Center of Information Technology Integration, University of Michigan, USA. (September 1998 - August 2003)
Part-time developer for the OpenBSD project: IPSEC, Key management (photuris, isakmpd), TCP/IP, OpenSSH, … (February 1997 - August 2002)
Ph.D. in Computer Science & Engineering, University of Michigan. (August 2003)
Dissertation: “Statistical Steganalysis”.
Master of Science in Computer Science & Engineering, University of Michigan. (April 2000)
Diplom in Mathematics (equivalent to a Master’s degree), Universität Hamburg. (August 1998)
Thesis: “Cryptography, especially the RSA algorithm on elliptic curves and Z/nZ”.
Investigating Commercial Pay-Per-Install and the Distribution of Unwanted Software,
Kurt Thomas, Juan Antonio Elices Crespo, Ryan Rasti, Jean-Michel Picod, Cait Phillips, Marc-André (MAD) Decoste, Chris Sharp, Fabio Tirelo, Ali Tofigh, Marc-Antoine Courteau, Lucas Ballard, Robert Shield, Nav Jagpal, Moheeb Abu Rajab, Panos Mavrommatis, Niels Provos, Elie Bursztein, Damon McCoy, USENIX Security, August 2016.
Ad Injection at Scale: Assessing Deceptive Advertisement Modifications,
Kurt Thomas, Elie Bursztein, Chris Grier, Grant Ho, Nav Jagpal, Alexandros Kapravelos, Damon McCoy, Antonio Nappa, Vern Paxson, Paul Pearce, Niels Provos, Moheeb Abu Rajab, IEEE Symposium on Security and Privacy, May 2015.
Tick Tock: Building Browser Red Pills from Timing Side Channels,
Grant Ho, Dan Boneh, Lucas Ballard, Niels Provos, 8th USENIX Workshop on Offensive Technologies (WOOT 14), August 2014
CAMP: Content-Agnostic Malware Protection,
Moheeb Abu Rajab, Lucas Ballard, Noe Lutz, Panayiotis Mavrommatis, Niels Provos, ISOC Network and Distributed Systems Security Symposium (NDSS), February 2013.
Manufacturing Compromise: The Emergence of Exploit-as-a-Service,
Chris Grier, Lucas Ballard, Juan Caballero, Neha Chachra, Christian J. Dietrich, Kirill Levchenko, Panayiotis Mavrommatis, Damon McCoy, Antonio Nappa, Andreas Pitsillidis, Niels Provos, M. Zubair Rafique, Moheeb Abu Rajab, Christian Rossow, Kurt Thomas, Vern Paxson, Stefan Savage, Geoffrey M. Voelker, 19th ACM Conference on Computer and Communications Security (CCS 2012), October 2012.
ShellOS: Enabling fast detection and forensic analysis of code injection attacks,
K.Z. Snow, S. Krishnan, F. Monrose, and N, Provos, USENIX Security Symposium, August 2011.
The Nocebo Effect on the Web: An Analysis of Fake Anti-Virus Distribution,
Moheb Abu Rajab, Lucas Ballard, Panayiotis Mavrommatis, Niels Provos, Xin Zhao, 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats, April 2010.
All Your iFrames Point to Us,
Niels Provos, Panayiotis Mavrommatis, Moheeb Rajab and Fabian Monrose, 17th USENIX Security Symposium, August 2008.
To Catch a Predator: A Natural Language Approach for Eliciting Protocol Interaction,
Sam Small, Joshua Mason, Fabian Monrose, Niels Provos and Adam Stubblefield, 17th USENIX Security Symposium, August 2008.
Peeking Through the Cloud,
Moheeb Abu Rajab, Fabian Monrose, Andreas Terzis, Niels Provos, 6th Conference on Applied Cryptography and Network Security (ACNS 2008).
Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority,
David Dagon, Niels Provos, Chris Lee, and Wenke Lee, ISOC NDSS'08, February 2008.
A Framework for Detection and Measurement of Phishing AttacksSujata Garea,
Niels Provos, Monica Chew and Aviel D. Rubin, 5th ACM Workshop on Recurring Malcode (WORM 2007), November 2007.
Michael Bailey, Evan Cooke, Farnam Jahanian, Niels Provos, Karl Rosaen, and David Watson, 2005 Internet Measurement Conference (IMC 2005) Berkeley, California October, 2005
A Virtual Honeypot Framework,
Niels Provos, 13th USENIX Security Symposium, San Diego, CA, August 2004.
Improving Host Security with System Call Policies,
Niels Provos, 12th USENIX Security Symposium, Washington, DC, August 2003.
Preventing Privilege Escalation,
Niels Provos, Markus Friedl and Peter Honeyman, 12th USENIX Security Symposium, Washington, DC, August 2003.
Detecting Steganographic Content on the Internet,
Niels Provos and Peter Honeyman, ISOC NDSS'02, San Diego, CA, February 2002.
ScanSSH - Scanning the Internet for SSH Servers,
Niels Provos and Peter Honeyman, 16th USENIX Systems Administration Conference (LISA). San Diego, CA, December 2001.
Defending Against Statistical Steganalysis,
Niels Provos, 10th USENIX Security Symposium, Washington, DC, August 2001.
Analyzing the Overload Behavior of a Simple Web Server,
Niels Provos, Chuck Lever and Stephen Tweedie, 4th Annual Linux Showcase & Conference, Atlanta, GA, October 2000.
Encrypting Virtual Memory,
Niels Provos. 9th USENIX Security Symposium, Denver, CO, August 2000.
Scalable Network I/O in Linux,
Niels Provos and Chuck Lever. USENIX 2000 Technical Conference, Freenix Track, San Diego, CA, June 2000.
The Linux Scalability Project,
Peter Honeyman, Chuck E. Lever, Stephen Molloy, and Niels Provos, NLUUG Najaarsconerentie 1999, Netherlands, November 1999.
Cryptography in OpenBSD: An Overview,
Theo de Raadt, Niklas Hallqvist, Artur Grabowski, Angelos D. Keromytis, and Niels Provos, USENIX ‘99, Freenix Track, Monterey, CA, June 1999.
A Future-Adaptable Password Scheme (the electronic version),
Niels Provos and David Mazières. USENIX ‘99, Freenix Track, Monterey, CA, June 1999. Note: If you cite this paper, please cite it as the electronic version and include the USENIX URL. USENIX accidentally printed our printer test document in the proceedings.
“An overview of the OpenBSD project”, Dug Song and Niels Provos, ACM Tech Luncheon, University of Michigan, April 1999.
“TCP/IP Security”, workshop, Hacking in Progress, Netherlands, August 1997.
Technical Skills and Areas of Interest
Network Security and Protocols
Knowledge in network protocols and techniques, especially network security and cryptography.Advisories: “A simple TCP spoofing attack”, “BIND Vulnerabilities and Solutions”.
Knowledge in operating system theory and research, especially security and performance for network intensive applications.Linux kernel development as part of the Linux Scalability: scaling of network I/O, poll()/select() improvements.
Number Theory and Cryptography
Knowledge in the theory of numbers, finite fields and their relation to cryptography. Diploma thesis about elliptic curve cryptography. Steganography, some of my work resulted in OutGuess, a system for practical steganography.
Knowledge of many UNIX-like operating systems: AIX, Linux, *BSD, Solaris, … as well as VMS and others.
Programming experience in: C, Perl, Pascal, Python, C++, 680x0 assembly, and many other more esoteric ones.
*BSD development: IPSEC and Key Management (photurisd, isakmpd), TCP/IP SACK and New Reno fast recovery, OpenSSH (press release), …