Foundations of Computing
University of Melbourne
2024s2
I'm recruiting at the University of Melbourne: (1) a funded 3-year PhD position in youth online safety + privacy and (2) expressions of interest for an RA. Start by reading Joining My Lab, then see details here.
Iβm a Senior Lecturer (equivalent to a U.S. Associate Professor), DECRA Fellow, and outgoing Deputy Head of School (Academic) in the School of Computing and Information Systems at the University of Melbourne. My research explores how computer systems interact with the law, with a particular focus on security.
In public service, I was the inaugural Geller Fellow placed at the Federal Trade Commissionβs Office of Policy Planning and worked on federal technology policy as a Cybersecurity Fellow in the office of U.S. Senator Ron Wyden. I earned my Ph.D. and MSE in Computer & Information Science and a Master in Law from the University of Pennsylvania, and a BSc and DipMus from the University of Melbourne and its Conservatorium.
I am a Senior Lecturer (equivalent to a U.S. Associate Professor), DECRA Fellow, and outgoing Deputy Head of School (Academic) for the School of Computing and Information Systems at the University of Melbourne. My research centers on the interplay between computer systems and the law, with particular focus on applications of cryptography.
In 2019, I was the inaugural Geller Fellow of the Wharton Public Policy Initiative, placed in the Federal Trade Commissionβs Office of Policy Planning, where I assisted in the development of technology strategy for the commission.
In 2018 I served as a Cybersecurity Fellow working on U.S. federal technology policy in the office of Senator Ron Wyden.
I completed my Ph.D. and MSE at the University of Pennsylvania in Computer & Information Science. I obtained a Master in Law from Penn Law, and my BSc and DipMus (Vocal Performance) from the University and Conservatorium of Melbourne respectively.
My research has received recognition in the form of Best Paper Awards at ACM CCS and ACM/IEEE ICSE and a Pwnie Award for Best Cryptographic Attack, along with the faculty Excellence in Mid-Career Research Award. I am also the recipient of many teaching awards at the national and university level including the CORE Award for Teaching (Early Career), the Edward Brown Award, and the Kelvin Medal.
Positions
Senior Lecturer
University of Melbourne
U.S. Associate Professor equivalent
2024βpresent
Lecturer
University of Melbourne
U.S. Assistant Professor equivalent
2021β2024
Teaching Fellow
Harvard University
CS50 for Teachers (Indonesia)
2023β2024
Postdoctoral Associate
Princeton University
Center for Information Technology Policy
2020β2020
Geller Fellow
Placement at Federal Trade Commission, Office of Policy Planning
2019β2019
-
βItβs been lovely watching youβ: Institutional Decision-Making on Online Proctoring Software. 2025 IEEE Symposium on Security and Privacy (S&P) (2025). Elisa Shioji, Ani Meliksetyan, Lucy Simko, Ryan Watkins, Adam J. Aviv and Shaanan Cohney.Security & Privacy Law & Policy
-
SoK: Trusted setups in cryptography, Financial Cryptography and Data Security, (2025), Faxing Wang, Shaanan Cohney and Joseph Bonneau.Security & Privacy Cryptography
-
Trailblazer: Practical End-to-end Web API Fuzzing (Registered Report) . Proceedings of the 34th ACM SIGSOFT International Symposium on Software Testing and Analysis (2025). Lianglu Pan, Shaanan Cohney, Toby Murray and Van-Thuan Pham.Security & Privacy
-
Detecting Excessive Data Exposures in Web Server Responses with Metamorphic Fuzzing, 46th ACM/IEEE International Conference on Software Engineering, (2024), Lianglu Pan, Shaanan Cohney, Toby Murray and Van-Thuan Pham, π Distinguished Paper Award. DOI: https://doi.org/10.1145/3597503.3608133.Security & Privacy
-
Watching the watchers: bias and vulnerability in remote proctoring software, 31st USENIX Security Symposium (USENIX Security 22), (2022), Ben Burgess, Avi Ginsberg, Edward W Felten and Shaanan Cohney. DOI: https://doi.org/10.48550/arXiv.2205.03009.Security & Privacy Law & Policy
-
Coin-operated capitalism, Columbia Law Review, 3 (2019), Shaanan Cohney, David Hoffman, Jeremy Sklaroff and David Wishnick. DOI: https://doi.org/10.2139/ssrn.3215345.Law & Policy
-
A systematic analysis of the Juniper Dual EC incident, Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, (2016), Stephen Checkoway, Jacob Maskiewicz, Christina Garman, Joshua Fried, Shaanan Cohney, Matthew Green, Nadia Heninger, Ralf-Philipp Weinmann, Eric Rescorla and Hovav Shacham, π Best Paper Award. DOI: https://doi.org/10.1145/2976749.2978395.Security & Privacy Cryptography
PhD Students
- Tian (Jack) Zhang 2026-present
- Yuhao Sun β How to mitigate prompt injection 2025-present
- Viet Hoang Luu β In what ways can we leverage source-code to improve automated software testing? (Software Security) 2024-present
- Mike Zhuang β Are there ways in which social media and similar actually help creativity and innovation? (Behavioural Science) 2023-present
- Faxing Wang β Can we make more complex reporting models for secure messaging? (Applied Cryptography) 2022-present
- Elisa Shioji β What is the relationship between socio-technical regulation and the systems-level outcomes? (Law and CS) 2021-present
- Dr Lianglu Pan β How can we test challenging-to-test aspect of web applications? (Software Security) University of Melbourne (Academic) 2021-2025
Masters Researchers
- Matthew Pham 2026-present
- Runzhou Chen 2026-present
- Tian (Jack) Zhang 2025
- Han Perry β Modern-methods for inference of protocol definitions from network traces (Systems Security) 2024
- Liam Saliba β LLMs for Transpilation into Memory Safe Languages (Software Security) Blackmagic Design 2023
- Xiaocong Zhang 2023
- Qingyun Wu PwC 2023
- Michael Maxwell Wenn β Improving governance reviews of Operational Technology posture (Cybersecurity Policy) 2023
- Haodong Gu 2023
- Zachary Duthie WeGuide 2023
- Simon Kelly 2023
Undergraduate Researchers
- Fane Ye β Mutation Testing for Web Applications with Inferred Specifications (Software Security) Commonwealth Bank 2025
- Lena Habtu β Adversarial testing of age-assurance systems (Security and Society) 2025
- Ray Zhang 2025
- Chunchun (Rachel) Ye 2024
- Joseph Surin β Lattice Cryptanalysis for CTF Challenges (Applied Cryptography) Eltam Security 2022
- Angel He 2022-2023
Academic Siblings
- Dr Luke Valenta β Internet-scale applied crypto: TLS/DH measurements and weak-key digging
- Dr Marcella Hastings β Making secure multi-party computation practical for privacy-preserving data analysis
- Dr Gabrielle De Micheli β Fully homomorphic encryption and lattice-based cryptography
- Dr Josh Fried β Datacenter OS and network design using kernel-bypass schedulers (Junction OS) PhD (MIT); incoming Assistant Professor, University of Pennsylvania
- While at Princeton I was a Bass in Voices of Gotham, a competitive barbershop chorus. I spent my PhD in multiple different choirs, the most significant of them being the Penn Glee Club and the Penn Pipers.
- I spend much of my free time playing piano, predominantly works from musical theatre.
- I came second place in a safe cracking tournament, and am working to learn and teach lockpicking.
- I ran the Melbourne Marathon in 2021, having started from not being able to run 1km in 2020.
- I co-founded Nice Jewish Runners (NJR) Melbourne.
- I have a finite Bacon-ErdΕs number of 6.