hero image
Kevin Butler - University of Florida. Gainesville, FL, US

Kevin Butler

Professor | University of Florida

Gainesville, FL, UNITED STATES

Kevin Butler directs the Florida Institute for Cybersecurity Research and studies the security of computers and the privacy of tech users.


Kevin Butler is the director of the Florida Institute for Cybersecurity Research. Kevin's research focuses on the security of computing devices, systems and networks. His group has recently worked on securing embedded systems and protocols, mobile device security and privacy, establishing the trustworthiness of data and maintaining its provenance, protection of Internet traffic and the SSL infrastructure and attacks and defenses against the cloud infrastructure. Some of Kevin's other research areas of interest include securing Internet routing, malware propagation, applied cryptosystems, adversarial machine learning, cyber-physical systems and trustworthy computing.

Areas of Expertise (6)

At-Risk Users


Embedded Systems Security

Mobile Security


Trustworthy Computing


Articles (3)

Side eye: characterizing the limits of POV acoustic eavesdropping from smartphone cameras with rolling shutters and movable lenses

IEEE Computer Society

Yan Long, et. al


Our research discovers how the rolling shutter and movable lens structures widely found in smartphone cameras modulate structure-borne sounds onto camera images, creating a point-of-view (POV) optical-acoustic side channel for acoustic eavesdropping. The movement of smartphone camera hardware leaks acoustic information because images unwittingly modulate ambient sound as imperceptible distortions.

view more

HallMonitor: A framework for identifying network policy violations in software


Daniel Olszewski, et. al


Debloating helps to remove unused and potentially vulnerable code from software. While such techniques are becoming more mature and practical, they focus on the features that are unwanted by users, and not on a wealth of functionality that is disallowed by administrative policy. For instance, while an administrator may use a firewall to block certain types of traffic, hosts readily interact with such traffic when the firewall is bypassed (e.g., via an encrypted tunnel).

view more

Blue's clues: practical discovery of non-discoverable bluetooth devices

IEEE Computer Society

Tyler Tucker, et. al


Bluetooth is overwhelmingly the protocol of choice for personal area networking, and the Bluetooth Classic standard has been in continuous use for over 20 years. Bluetooth devices make themselves discoverable to communicate, but best practice to protect privacy is to ensure that devices remain in non-discoverable mode. This paper demonstrates the futility of protecting devices by making them non-discoverable.

view more





Headshot loading image


UF expert breaks down ransomware attacks