About

Kevin R. B. Butler is a Professor in the Department of Computer and Information Science and Engineering at the University of Florida. He serves as the Director of the Florida Institute for Cybersecurity Research and is a UF Research Foundation Professor. Additionally, he directs the Center for Privacy and Security for Marginalized and Vulnerable Populations (PRISM), a National Science Foundation Frontiers project. He is an Executive Committee member of the Computing Research Association's Community Computing Council. Butler joined the University of Florida in 2014 through the UF Rising to National Preeminence Hiring Program and was previously the Arnold and Lisa Goldberg Rising Star Associate Professor in Computer Science before his promotion to Professor. His research focuses on the security of computing devices, systems, networks, and users of computing technology. Recent work in his group includes securing embedded systems and protocols, mobile device security and privacy, cellular device and network security, side channel analysis, establishing the trustworthiness of data and maintaining its provenance, protection of Internet traffic and examination of censorship, attacks and defenses against cloud infrastructure, and addressing the needs of marginalized and vulnerable users, particularly populations with impairments and survivors of abuse. Other research interests include securing Internet routing, malware propagation, applied cryptosystems, adversarial machine learning, cyber-physical systems, and trustworthy computing. Butler received a National Science Foundation CAREER award in 2013 and was named International Educator of the Year within the Herbert Wertheim College of Engineering in 2017 for his work on developing global standards for securing digital financial services in the developing world. From 2017 to 2022, he co-chaired the International Telecommunications Union's Security, Infrastructure, and Trust Working Group as part of the Financial Inclusion Global Initiative. He is a Senior Member of IEEE and ACM, served as technical program co-chair of the 2022 USENIX Security Symposium, and was conference general chair for ACSAC 2020 and ACSAC 2021. He is also an affiliate faculty member of the Center for Children and Families within the University of Florida's Levin College of Law.

Research topics

• Computer Science
• Artificial Intelligence
• Computer Security
• Data Mining
• Social psychology
• Pedagogy
• Human–computer interaction
• Psychology
• Computer vision
• Operating system
• Medical education
• Mathematics education
• Computer graphics (images)
• Medicine

Selected publications

• 616 Lyme arthritis in a dish: creation of a human ex vivo system and beyond

  The American Journal of the Medical Sciences · 2025-01-15

  articleSenior author
  PublisherDOI

• Enabling Secure and Efficient Data Loss Prevention with a Retention-aware Versioning SSD

  2025-11-19 · 1 citations

  articleSenior author
  PublisherDOI

• Mapping the Flow of Information from Continuous Wearables: Insights from Elite Collegiate Athletes in the United States

  2025-11-03 · 1 citations

  articleSenior author

  Continuous wearables collect physiological data throughout the day and are increasingly being used to help athletes and training communities achieve performance goals. While valuable, these devices collect extensive personal data with minimally studied sharing patterns. We investigate this issue in the context of elite United States collegiate sports by analyzing 15 semi-structured interviews with student-athletes. This paper reports on a qualitative analysis using the contextual integrity framework—an established privacy framework that identifies usage norms—to map the flow of information collected by continuous wearables. We highlight seven key descriptions of how data is being shared, identify privacy considerations, and provide recommendations for the research community to consider how data from continuous wearables is managed. Ultimately, this work presents a first step in aligning privacy protections with the rapid advancement of sport technology.

  PublisherDOI

• Exploring Unanticipated Functionality in Cellular Devices and Networks

  2025-06-27

  article1st authorCorresponding

  Telecommunication networks form the backbone of our connected society, enabling global voice and data communication. Yet, beneath their seamless operation lies a complex interplay of signaling protocols, legacy systems, and evolving technologies that have, over the decades, exposed both opportunities for innovation and significant security challenges. While these networks have changed over the past 50 years and complexity has migrated outwards to devices, one enduring challenge has been a lack of accessibility. In this talk, we will discuss some of our recent efforts to better understand functionality on mobile devices by examining command sets [3] and processors [2]. We also look at security assessment techniques and how they can expose vulnerabilities in core cellular infrastructure. A central focus of this talk is the application of fuzz testing-a powerful technique for discovering implementation flaws and specification ambiguities. Fuzzing involves generating random or mutated inputs and injecting them into target systems to observe unusual behaviors or crashes. In the context of telecom networks, a fuzzing campaign can target the message handling logic, permuting fields such as the Protocol Discriminator or Bearer Capabilities, causing ASN.1 decoders in some devices to fail, leading to denial-of-service or potentially more severe consequences [1]. Through case studies and demonstrations, the talk will reveal how seemingly innocuous fields in call setup messages can destabilize network components or user devices, while also examining how the analysis of messages rather than examining device behavior can lead to the detection of rogue elements [4] in a network.

  PublisherDOI

• SrFTL: Leveraging Storage Semantics for Effective Ransomware Defense in Flash-based SSDs

  ACM Transactions on Storage · 2025-09-17

  articleSenior author

  Ransomware attacks have become increasingly frequent and high-profile, resulting in billions of dollars in data and operational losses annually. Current mechanisms typically deploy defenses in vulnerable operating systems, making them susceptible to advanced adversaries capable of compromising the OS. While implementing defense mechanisms within storage devices can address this vulnerability, they lack detection accuracy due to their inability to access data semantics, such as file system metadata. Moreover, these methods only expose block-level interfaces without file-level information, limiting the usability and practicality of data recovery management. Therefore, we develop SrFTL , a novel ransomware defense framework that allows leveraging data semantics for accurate ransomware detection and effective file-level data recovery against data compromise. Specifically, SrFTL employs defense enforcement within the flash translation layer (FTL) of SSDs. Then, SrFTL combines the secure enclave with the modified FTL through a secure channel to enable flexible ransomware defenses within the enclave. Finally, SrFTL deploys ransomware classification and data recovery defenses in the enclave, providing high detection accuracy and low-cost data recovery. Our evaluation demonstrates that SrFTL achieves zero false positives and negatives when detecting our collected real-world ransomware samples and benign applications, outperforming current FTL-level solutions (e.g., MimosaFTL). Moreover, SrFTL introduces on average a trivial performance overhead of 1.5% compared with a regular SSD. Finally, evaluating against multiple real-world ransomware samples, SrFTL enables fast data recovery with an average time of 9.3 seconds. SrFTL thus bridges the semantic gap between the FTL and OS-level file information to stop ransomware while maintaining the integrity and authenticity of employed defenses.

  PublisherDOI

• Concerning the Responsible Use of AI in the U.S. Criminal Justice System

  Communications of the ACM · 2025-08-13 · 3 citations

  articleOpen access

  Seeking insight into AI decision-making processes to better address bias and improve accountability in AI systems.

  PublisherOA PDFDOI

• Supporting At-Risk Users Through Responsible Computing CCC Visioning Workshop Report

  SSRN Electronic Journal · 2025-01-01

  preprintOpen access1st authorCorresponding
  PublisherDOI

• Extending the Heilmeier Catechism to Evaluate Security and Privacy Systems: Who is Left Out?

  IEEE Security & Privacy · 2025-05-01

  article1st authorCorresponding

  The Heilmeier Catechism consists of a set of questions that researchers and practitioners can consider when formulating research and applied engineering projects. In this article, we suggest explicitly asking who is included and who is left out of consideration.

  PublisherDOI

• Reproducibility in Applied Security Conferences: An 11-Year Review on Artifacts and Evaluation Committees

  2025-07-29

  article
  PublisherDOI

• Concerning the Responsible Use of AI in the US Criminal Justice System

  ArXiv.org · 2025-05-30

  preprintOpen access

  Artificial intelligence (AI) is increasingly being adopted in most industries, and for applications such as note taking and checking grammar, there is typically not a cause for concern. However, when constitutional rights are involved, as in the justice system, transparency is paramount. While AI can assist in areas such as risk assessment and forensic evidence generation, its "black box" nature raises significant questions about how decisions are made and whether they can be contested. This paper explores the implications of AI in the justice system, emphasizing the need for transparency in AI decision-making processes to uphold constitutional rights and ensure procedural fairness. The piece advocates for clear explanations of AI's data, logic, and limitations, and calls for periodic audits to address bias and maintain accountability in AI systems.

  PublisherOA PDFDOI

Recent grants

• EAGER: Collaborative: Secure and Efficient Data Provenance

  NSF · $110k · 2014–2017

• TC: Small: Protection Mechanisms for Portable Storage

  NSF · $208k · 2014–2016

• CAREER: Securing Critical Infrastructure with Autonomously Secure Storage

  NSF · $151k · 2013–2015

• TC: Small: Protection Mechanisms for Portable Storage

  NSF · $516k · 2011–2015

• SaTC: STARSS: Small: Domain Informed Techniques for Detecting and Defending Against Malicious Firmware

  NSF · $333k · 2018–2022

Frequent coauthors

• Patrick Traynor

  University of Florida

  83 shared

• Alexander Zika

  University of Colorado Boulder

  72 shared

• Patrick McDaniel

  40 shared

• Gregory G. Schwartz

  University of Colorado Denver

  36 shared

• Shihao Zhou

  Sichuan Agricultural University

  36 shared

• Joshua G. Gober

  36 shared

• Miral Azechi

  Environmental Energy & Engineering

  36 shared

• A.S.C. Hooper

  Leibniz-Institute for New Materials

  36 shared

Education

• Ph.D., Computer and Information Science and Engineering

  University of Florida

  2000

• M.S., Computer and Information Science and Engineering

  University of Florida

  1996

• B.S., Computer and Information Science and Engineering

  University of Florida

  1994

Awards & honors

• UF Term Professorship (2021)
• Herbert Wertheim College of Engineering Doctoral Dissertatio…
• Arnold and Lisa Goldberg Rising Star Professorship in Comput…
• UF Term Professorship (2018)
• UF International Center International Educator of the Year A…