Updates
Apr 03, 2023:
Our paper on benchmarking application debloaters got accepted in ESORICS '23! Congrats, to the team!
Nov 19, 2022:
Our paper on security analysis of native extensions got accepted in USENIX Security'23! Congrats, everyone!
Apr 13, 2022:
TPC member for NDSS'23!
Mar 10, 2022:
TPC member for USENIX Security'23!
Mar 10, 2022:
TPC member for PETS'23!
Feb 14, 2022:
Invited talk at the CS Colloquium at Marquette University, Milwaukee, Wisconsin.
Aug 18, 2021:
Our project on payment system security in collaboration with Loukas Lazos(Co-PI), received Funding support from TRIF NSS!
Jul 19, 2021:
Invited talk at FACC Workshop@CAV'21!
Apr 24, 2021:
TPC member for NDSS'22!
Mar 13, 2021:
TPC member for PETS'22!
Sep 18, 2020:
Invited talk at Clemson School of Computing seminar.
Aug 15, 2020:
TPC member for NDSS'21!
I work towards making security research more democratized and affordable. I am broadly interested in
building robust systems and methodologies by using program analysis, formal verification, applied
cryptography, internet measurement and machine learning-based techniques. I emphasize on
transitioning my work into practice. I lead
Security, Privacy and Reliability Lab ()
at the University of Arizona.
I completed my Ph.D. in Computer Science from CS@VT, under the supervision of Dr. Danfeng (Daphne) Yao. Before that, I worked as a software engineer. I completed my under graduation from Bangladesh University of Engineering and technology.
Selected Recent Publications (See All)
Bilingual Problems: Studying the Security Risks Incurred by Native Extensions in Scripting Languages. |
|
A Tale of Reduction, Security and Correctness: Evaluating Program Debloating Paradigms and Their Compositions. |
|
Optimization to the Rescue: Evading Binary Code Stylometry with Adversarial Use of Code Optimizations. |
|
From Theory to Code: Identifying Logical Flaws in Cryptographic
Implementations. |
|
Coding Practices and Recommendations of Spring Security for Enterprise
Applications. |
|
Security Certification in Payment Card Industry: Testbeds, Measurements, and
Recommendations. |
|
CryptoGuard: High Precision Detection of Cryptographic Vulnerabilities in
Massive-sized Java Projects. |
|
Provably Secure Anonymous-yet-Accountable Crowdsensing with Scalable
Sublinear Revocation. |
Selected Professional Services
Technical Program Committee:
Journal Reviewer:
Notice Board
We always look for motivated students to join our newly formed Security,
Privacy and Reliability Lab ().
The following are some of the topics of our current interest.
If you are interested in working with me, please send me your CV, research interest and a paragraph on why do you want a PhD.
Classes
University of Arizona:
Virginia Tech:
Department of Computer Science, Gould-Simpson, Room 917, 1040 E 4th St, Tucson, AZ - 85721.