Sazzadur Rahaman
Assistant Professor,
Department of Computer Science,
University of Arizona.

Email:

Updates

Apr 03, 2023:

Our paper on benchmarking application debloaters got accepted in ESORICS '23! Congrats, to the team!

Nov 19, 2022:

Our paper on security analysis of native extensions got accepted in USENIX Security'23! Congrats, everyone!

Apr 13, 2022:

TPC member for NDSS'23!

Mar 10, 2022:

TPC member for USENIX Security'23!

Mar 10, 2022:

TPC member for PETS'23!

Feb 14, 2022:

Invited talk at the CS Colloquium at Marquette University, Milwaukee, Wisconsin.

Aug 18, 2021:

Our project on payment system security in collaboration with Loukas Lazos(Co-PI), received Funding support from TRIF NSS!

Jul 19, 2021:

Invited talk at FACC Workshop@CAV'21!

Apr 24, 2021:

TPC member for NDSS'22!

Mar 13, 2021:

TPC member for PETS'22!

Sep 18, 2020:

Invited talk at Clemson School of Computing seminar.

Aug 15, 2020:

TPC member for NDSS'21!

I work towards making security research more democratized and affordable. I am broadly interested in building robust systems and methodologies by using program analysis, formal verification, applied cryptography, internet measurement and machine learning-based techniques. I emphasize on transitioning my work into practice. I lead Security, Privacy and Reliability Lab () at the University of Arizona.

I completed my Ph.D. in Computer Science from CS@VT, under the supervision of Dr. Danfeng (Daphne) Yao. Before that, I worked as a software engineer. I completed my under graduation from Bangladesh University of Engineering and technology.

Selected Recent Publications (See All)

Bilingual Problems: Studying the Security Risks Incurred by Native Extensions in Scripting Languages.
Cristian-Alexandru Staicu, Sazzadur Rahaman, Ágnes Kiss, Michael Backes.
32nd USENIX Security Symposium. Anaheim, CA, USA. August, 2023.
[Conference]

A Tale of Reduction, Security and Correctness: Evaluating Program Debloating Paradigms and Their Compositions.
Muaz Ali, Muhammad Muzammil, Faraz Karim, Ayesha Naeem, Rukhshan Haroon, Muhammad Haris, Huzaifa Nadeem, Waseem Sabir, Fahad Shaon, Fareed Zaffar, Vinod Yegneswaran, Ashish Gehani and Sazzadur Rahaman
28th European Symposium on Research in Computer Security (ESORICS). Hague, Netherlands. September, 2023.
[Coming soon] [Conference]

Optimization to the Rescue: Evading Binary Code Stylometry with Adversarial Use of Code Optimizations.
Ben Jacobsen, Sazzadur Rahaman, Saumya Debray.
The CheckMATE workshop collocated with the ACM Conference on Computer and Communications Security (CCS'21). Virtual Conference, November 2021.
[Conference]

From Theory to Code: Identifying Logical Flaws in Cryptographic Implementations.
Sazzadur Rahaman, Haipeng Cai, Omar Chowdhury and Danfeng (Daphne) Yao.
IEEE Transactions on Dependable and Secure Computing (TDSC). 2021.
[Journal]

Coding Practices and Recommendations of Spring Security for Enterprise Applications.
Mazharul Islam, Sazzadur Rahaman, Na Meng, Behnaz Hassanshahi, Padmanabhan Krishnan, Danfeng (Daphne) Yao.
IEEE Secure Development Conference. Atlanta, GA, September 2020.
[Conference]

Security Certification in Payment Card Industry: Testbeds, Measurements, and Recommendations.
Sazzadur Rahaman, Gang Wang, Danfeng (Daphne) Yao.
ACM Conference on Computer and Communications Security (CCS'19). London, United Kingdom. November 2019.
[Conference] [Source code: PciCheckerLite, BuggyCart]

CryptoGuard: High Precision Detection of Cryptographic Vulnerabilities in Massive-sized Java Projects.
Sazzadur Rahaman, Ya Xiao, Sharmin Afrose, Fahad Shaon, Ke Tian, Miles Frantz, Murat Kantarcioglu, Danfeng (Daphne) Yao.
ACM Conference on Computer and Communications Security (CCS'19). London, United Kingdom. November 2019.
[Conference] [Source Code] [Adopted by Oracle] [ACM news Article]

Provably Secure Anonymous-yet-Accountable Crowdsensing with Scalable Sublinear Revocation.
Sazzadur Rahaman,Long Cheng, Danfeng (Daphne) Yao, He Li, and Jung-Min (Jerry) Park.
The 17th Privacy Enhancing Technologies Symposium (PETS). Minneapolis, MN, USA. July, 2017.
[Journal] [Conference]

Selected Professional Services

Technical Program Committee:

  • [USENIX Security] USENIX Security Symposium: 2023
  • [ACM CCS] ACM Conference on Computer and Communications Security: 2023
  • [NDSS] The Network and Distributed System Security Symposium: 2021, 2022, 2023
  • [IEEE SecDev] IEEE Secure Development Conference: 2023
  • [PETS] Privacy Enhancing Technologies Symposium: 2022, 2023
  • [IEEE SecDev] IEEE Secure Development Conference: 2023
  • [CNS] IEEE Conference on Communications and Network Security: 2022
  • [SACMAT] Symposium on Access Control Models and Technologies: 2022
  • [NSysS] International Conference on Networking, Systems and Security: 2021

Journal Reviewer:

  • [TECS] Transactions on Embedded Computing Systems: 2021
  • [IoT Journal] IEEE Internet of Things Journal: 2020
  • [TDSC] IEEE Transactions on Dependable and Secure Computing: 2017, 2018

Notice Board

We always look for motivated students to join our newly formed Security, Privacy and Reliability Lab (). The following are some of the topics of our current interest.

  • Automated software verification for security and correctness.
  • Software specialization for performance and security.
  • Internet measurement of security and privacy problems.
  • Rethinking the security of parallel and distributed systems.
  • Privacy-preserving techniques for emerging applications.
  • Adversarial machine learning in software security.

If you are interested in working with me, please send me your CV, research interest and a paragraph on why do you want a PhD.

See Detail

Classes

University of Arizona:

  • Spring 23: CSC 466 (Computer Security)
  • Fall 22: CSC 566 (Computer Security)
  • Spring 22: CSC 466/566 (Computer Security)
  • Spring 21: CSC 696I (Advanced Topics in Security)

Virginia Tech:

  • Spring 2020: CS 4264 (Principles of Computer Security)
Email
Address

Department of Computer Science, Gould-Simpson, Room 917, 1040 E 4th St, Tucson, AZ - 85721.