Scott Coull, PhD

BIO

Scott Coull is a Senior Staff Research Scientist at Google DeepMind, where he focuses on the intersection of cybersecurity and artificial intelligence. His research investigates the security and robustness of AI agents, their use in mission-critical security problems, and the practical limitations of deep learning when faced with adversarial evasion.

Prior to joining DeepMind, Scott served as the Head of Data Science Research for Google Cloud Security. Over a nine-year tenure spanning FireEye, Mandiant, and Google, he built and led a world-class research organization that applied machine learning to some of the industry's most challenging security problems.

Scott holds a Ph.D. in Computer Science from Johns Hopkins University, where he was advised by Prof. Fabian Monrose, and completed a post-doctoral fellowship at the University of North Carolina at Chapel Hill under the mentorship of Prof. Michael Reiter. He also received M.Sc. and B.Sc. degrees from Rensselaer Polytechnic Institute, working with Prof. Boleslaw Szymanski.

From developing censorship-resistance technologies to detecting cutting-edge malware to analyzing large-scale network threats, Scott’s defining mission has always been to use data and statistics to protect users and their privacy.

Senior Staff Research Scientist
Google DeepMind

My work sits at the intersection of cybersecurity and artificial intelligence. Whether creating privacy-enhancing technologies or exposing weaknesses in existing systems, I apply rigorous data science, machine learning, and artificial intelligence methods to solve critical security challenges.

Research contributions include technologies to:

Automate security operations using LLMs and agentic systems
Detect malicious Windows binaries using deep learning
Circumvent Internet censorship
Eavesdrop on encrypted Voice over IP (VoIP) and iMessage traffic
Stop child exploitation on the Internet
Understand complex network behaviors
Improve data privacy for the FCC and DHS

BIO

PUBLICATIONS

Book Chapters:

S. Coull, U. Shankar. Solving Domain-Specific Problems Using LLMs. In A. Gulli, A. Nawalgaria, G. Mollison (Eds.) Generative AI: A Technical Guide by Google Researchers and Engineers. 2024. pp. 530-566.
[article] [discussion]
S. Coull. Traffic Analysis. In H. van Tilborg and S. Jajodia (Eds.) Encyclopedia of Cryptography and Security (2nd Edition). Springer Publishing. 2011. pp.1311 - 1313.
[article] [book]

Journal Articles:

E. Rudd, D. Krisiloff, S. Coull, D. Olszewski, E. Raff, and J. Holt. Efficient Malware Analysis Using Metric Embeddings. Digital Threats: Research and Practice, Volume 5, Issue 1.
[paper] [arXiv]

L. Demetrio, S. Coull, B. Bigio, G. Lagorio, A. Armando, and F. Roli. Adversarial EXEmples: A Survey and Experimental Evaluation of Practical Attacks on Machine Learning for Windows Malware Detection. ACM Transactions on Privacy and Security, 24(4), November, 2021.
[paper] [arXiv] [code]

S. Coull and K. Dyer. Traffic Analysis of Encrypted Messaging Services: Apple iMessage and Beyond. ACM SIGCOMM Computer Communications Review, 44(4), October, 2014.
(Featured in: MIT Tech Review)
[paper] [ePrint] [arXiv] [code]
S. Coull, A. White, T. F. Yen, F. Monrose, and M. Reiter. Understanding Domain Registration Abuses. Computers & Security, 31(7), October, 2012. pp. 806-815.
(Invited Paper)
[paper]
S. Coull, M. Green, and S. Hohenberger. Access Controls for Oblivious and Anonymous Systems. ACM Transactions on Information and Systems Security, 14(1), May, 2011. pp. 1-28.
[paper]
C. Wright, L. Ballard, S. Coull, F. Monrose, and G. Masson. Uncovering Spoken Phrases in Encrypted Voice over IP Conversations. ACM Transactions on Information and Systems Security, 13(4), December, 2010. pp. 1-30.
(Featured in: Slashdot)
[paper]
S. Coull, and B. Szymanski. On the Development of an Internetwork-centric Defense for Scanning Worms. Computers & Security, 28(7), October, 2009. pp. 637-647.
(Featured in: New Scientist)
[paper]
S. Coull, and B. Szymanski. Sequence Alignment for Masquerade Detection. Computational Statistics and Data Analysis, 52(8), April, 2008. pp. 4116-4131.
[paper] [code]

Conference Papers:

S. Rahman, S. Coull, Q. Yu, and M. Wright. MADAR: Efficient Continual Learning for Malware Analysis with Distribution-Aware Replay. In Proceedings of the Conference on Applied Machine Learning in Information Security (CAMLIS), October 2025.
[paper] [arXiv]
S. Rahman, S. Coull, and M. Wright. On the Limitations of Continual Learning for Malware Classification. In Proceedings of the 1st Conference on Lifelong Learning Agents (CoLLA), August 2022.
[paper] [arXiv] [code]

G. Severi, J. Meyer, S. Coull, and A. Oprea. Explanation-Guided Backdoor Poisoning Attacks Against Malware Classifiers. In Proceedings of the 30th USENIX Security Symposium, August 2021.
(Acceptance rate: 18.7%)
[paper] [arXiv] [code]

K. Dyer, S. Coull, and T. Shrimpton. Marionette: A Programmable Network-Traffic Obfuscation System. In Proceedings of the 24th USENIX Security Symposium, August, 2015.
(Acceptance rate: 15.7%)
(Featured in: MIT Tech Review, Engadget)
[paper][code]
S. Coull and E. Kenneally. Toward a Comprehensive Disclosure Control Framework for Shared Data. In Proceedings of the IEEE International Conference on Technologies for Homeland Security (HST), November, 2013.
[paper]
K. Dyer, S. Coull, T. Ristenpart, and T. Shrimpton. Protocol Misidentification Made Easy with Format-Transforming Encryption. In Proceedings of the 20th ACM Conference on Computer and Communications Security, November, 2013.
(Acceptance rate: 19.8%)
(2014 PET Award Runner Up)
[paper] [ePrint] [code]
T. Taylor, S. Coull, F. Monrose, and J. McHugh. Toward Efficient Querying of Compressed Network Payloads. In Proceedings of the USENIX Annual Technical Conference, June, 2012.
(Acceptance rate: 14.1%)
[paper]
K. Dyer, S. Coull, T. Ristenpart, and T. Shrimpton. Peek-a-Boo, I Still See You: Why Efficient Traffic Analysis Countermeasures Fail. In Proceedings of the 33rd IEEE Symposium on Security and Privacy, May, 2012.
(Acceptance rate: 13.0%)
[paper] [code]
L. Wei, S. Coull, and M. Reiter. Bounded Vector Signatures and their Applications.In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS '11), March, 2011. pp. 277-285.
(Acceptance rate: 16.1%)
[paper] [ePrint]
S. Coull, F. Monrose, and M. Bailey. On Measuring the Similarity of Network Hosts: Pitfalls, New Metrics, and Empirical Analyses. In Proceedings of the 18th Annual Network and Distributed Systems Security Symposium, February, 2011.
[paper]
S. Coull, A. White, T. F. Yen, F. Monrose, and M. Reiter. Understanding Domain Registration Abuses. In Proceedings of the 25th IFIP International Information Security Conference, September, 2010. pp. 68-79.
[paper]
S. Coull, M. Green, and S. Hohenberger. Controlling Access to an Oblivious Database using Stateful Anonymous Credentials. In Proceedings of the 12th International Conference on Practice and Theory of Public Key Cryptography (PKC), 2009. pp 501-520.
[paper] [ePrint]
S. Coull, F. Monrose, M. Reiter, and M. Bailey. The Challenges of Effectively Anonymizing Network Data. In Proceedings of the DHS Cybersecurity Applications and Technology Conference for Homeland Security (CATCH), 2009. pp. 230-236.
[paper]
C. Wright, S. Coull, and F. Monrose. Traffic Morphing: An Efficient Defense Against Statistical Traffic Analysis. In Proceedings of the 16th Annual Network and Distributed Systems Security Symposium, 2009. pp. 237-250.
(Acceptance rate: 11.7%)
[paper]
C. Wright, L. Ballard, S. Coull, F. Monrose, and G. Masson. Spot Me If You Can: Uncovering Spoken Phrases in Encrypted VoIP Conversations. In Proceedings of the 29th IEEE Symposium on Security and Privacy, May, 2008. pp. 35-49
(Acceptance rate: 11.2%)
(Featured in: Slashdot, New Scientist, The Register, MIT Technology Review)
[paper]
S. Coull, C. Wright, A. Keromytis, F. Monrose, and M. Reiter. Taming the Devil: Techniques for Evaluating Anonymized Network Data. In Proceedings of the 15th Annual Network and Distributed Systems Security Symposium, Februrary, 2008. pp. 125-135
(Acceptance rate: 17.8%)
[paper]
S. Coull, M. Collins, C. Wright, F. Monrose, and M. Reiter. On Web Browsing Privacy in Anonymized NetFlows. In Proceedings of the 16th USENIX Security Symposium, August, 2007. pp. 339-352
(Acceptance rate: 12.3%)
[paper]
S. Coull, C. Wright, F. Monrose, M. Collins, and M. Reiter. Playing Devil's Advocate: Inferring Sensitive Information from Anonymized Network Traces. In Proceedings of the 14th Annual Network and Distributed Systems Security Symposium, February 2007. pp. 35-47
(Acceptance rate: 15.0%)
[paper]
S. Coull and B. Szymanski. On the Development of an Internetwork-Centric Defense for Internet Worms. In Proceedings of the 40th Annual Hawaiian International Conference on System Sciences, Waikoloa, HI, January 2007.
[paper]
S. Coull, J. Branch, B. Szymanski and E. Breimer. Intrusion Detection: A Bioinformatics Approach. In Proceedings of the 19th Annual Computer Security Applications Conference, Las Vegas, NV, December 2003. pp. 24-33
(Best Student Paper Award)
[paper]

Workshop Papers:

O. Suciu, S. Coull, and J. Johns. Exploring Adversarial Examples in Malware Detection. In Proceedings of the 2nd Deep Learning and Security Workshop (DLS), San Francisco, CA, May, 2019.

[paper] [arXiv] [poster] [IEEE]

S. Coull and C. Gardner. Activation Analysis of a Byte-Based Deep Neural Network for Malware Classification. In Proceedings of the 2nd Deep Learning and Security Workshop (DLS), San Francisco, CA, May 2019.

[paper] [arXiv] [IEEE]

Manuscripts:

S. Coull, J. Branch, B. Szymanski, and E. Breimer. Sequence Alignment for Masquerade Detection. Rensselaer Polytechnic Institute Computer Science Technical Report 06-14.
[paper]
S. Coull and B. Szymanski. A Reputation-based System for the Quarantine of Random Scanning Worms. Rensselaer Polytechnic Institute Computer Science Technical Report 05-01.
[paper]
S. Coull and B. Szymanski. Reputation-based Security in Routed Networks.(Extended Abstract) In Supplemental Proceedings of the International Conference on Dependable Systems and Networks (DSN), Florence, Italy, June 2004.
[paper]

Invited Talks:

S. Coull. Paper to Practice: The Importance of Systems Thinking in Machine Learning for Cybersecurity. Keynote at AAAI Artificial Intelligence for Cyber Security (AICS) Workshop, Vancouver, Canada, February 2024.
[slides]

S. Coull. Efficient Malware Analysis Using Metric Embeddings. Presented at Machine Learning Security (MLSec) Seminar Series, University of Cagliari, Italy, May 2023.
[slides][recording]

S. Coull. Promises and Challenges of Security in Trustworthy AI. Presented at the 5th Deep Learning and Security Workshop (DLS), San Francisco, CA, May 2022.

S. Coull. Activation Analysis of a Byte-based Deep Neural Network for Malware Classification. Presented at Conference on Applied Machine Learning for Information Security (CAMLIS), Washington, DC. October 12, 2018.
[slides][recording]
S. Coull. Privacy vs. Security. Presented at the NIST Cloud Computing Forum. Gaithersburg, MD. July 8, 2015.
S. Coull. How (Not) to Apply Differential Privacy in Anonymity NetworksPresented at the DIMACS Working Group on Measuring Anonymity. Rutgers University, New Brunswick, NJ. May 30, 2013.
[slides][paper]
S. Coull and E. Kenneally. A Qualitative Risk Assessment Framework for Sharing Computer Network Data Presented at the 40th Research Conference on Communication, Information, and Internet Policy (TPRC). Arlington, VA. September 23, 2012.
[slides][paper]
S. Coull. Information Leakage in Encrypted Network Traffic: Attacks and Countermeasures. Presented at University of Maryland Computer Science Colloquium. College Park, MD. September 20, 2011.
[slides]
S. Coull. Network Data Anonymization. Presented at Pennsylvania State University Computer Science and Engineering Colloquium. State College, PA. March 25, 2010.
[slides]
S. Coull. Toward Privacy Definitions for Anonymized Network Data. Presented at the 23rd Annual IEEE Computer Communications Workshop. Lenox, MA. October 21, 2009.
[slides]

CONTACT

BIO

Scott Coull, PhD

Senior Staff Research Scientist Google DeepMind

PUBLICATIONS

Senior Staff Research Scientist
Google DeepMind