Apr 03, 2023:
Our paper on benchmarking application debloaters got accepted in ESORICS '23! Congrats, to the team!
Nov 19, 2022:
Our paper on security analysis of native extensions got accepted in USENIX Security'23! Congrats, everyone!
Apr 13, 2022:
TPC member for NDSS'23!
Mar 10, 2022:
TPC member for USENIX Security'23!
Mar 10, 2022:
TPC member for PETS'23!
Feb 14, 2022:
Invited talk at the CS Colloquium at Marquette University, Milwaukee, Wisconsin.
Aug 18, 2021:
Our project on payment system security in collaboration with Loukas Lazos(Co-PI), received Funding support from TRIF NSS!
Jul 19, 2021:
Invited talk at FACC Workshop@CAV'21!
Apr 24, 2021:
TPC member for NDSS'22!
Mar 13, 2021:
TPC member for PETS'22!
Sep 18, 2020:
Invited talk at Clemson School of Computing seminar.
Aug 15, 2020:
TPC member for NDSS'21!
I work towards making security research more democratized and affordable. I am broadly interested in building robust systems and methodologies by using program analysis, formal verification, applied cryptography, internet measurement and machine learning-based techniques. I emphasize on transitioning my work into practice. I lead Security, Privacy and Reliability Lab () at the University of Arizona.
I completed my Ph.D. in Computer Science from CS@VT, under the supervision of Dr. Danfeng (Daphne) Yao. Before that, I worked as a software engineer. I completed my under graduation from Bangladesh University of Engineering and technology.
Selected Recent Publications (See All)
Bilingual Problems: Studying the Security Risks Incurred by Native Extensions in Scripting Languages.
The Queen’s Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms.
A Tale of Reduction, Security and Correctness: Evaluating Program Debloating Paradigms and Their Compositions.
Optimization to the Rescue: Evading Binary Code Stylometry with Adversarial Use of Code Optimizations.
From Theory to Code: Identifying Logical Flaws in Cryptographic
Coding Practices and Recommendations of Spring Security for Enterprise
Security Certification in Payment Card Industry: Testbeds, Measurements, and
CryptoGuard: High Precision Detection of Cryptographic Vulnerabilities in
Massive-sized Java Projects.
Provably Secure Anonymous-yet-Accountable Crowdsensing with Scalable
Selected Professional Services
Technical Program Committee:
We always look for motivated students to join our newly formed Security, Privacy and Reliability Lab (). The following are some of the topics of our current interest.
If you are interested in working with me, please send me your CV, research interest and a paragraph on why do you want a PhD.
University of Arizona:
Department of Computer Science, Gould-Simpson, Room 917, 1040 E 4th St, Tucson, AZ - 85721.