Hello. I am Sazzadur Rahaman

PhD Candidate • Security Enthusiast

I am a PhD candidate in Computer Science Department @VT, working under the supervision of Dr. Danfeng (Daphne) Yao. My research objective is to minimize the gap between the theory of cryptography and its applications in software.

Before moving in Blacksburg, I worked as a software engineer. I have 3.5+ years of industry experience in OOP, AOP and soul JavaEE technologies, smart card and payment based solutions. I completed my under graduation from BUET. I am greatly indebted to my undergrad thesis supervisor, Dr. Md. Saidur Rahman for his guidance, support and inspiration.

Education.

2015-Current

PhD
CS@VT

Blacksburg, VA, USA

CGPA: 3.96/4.   Advisor: Dr. Danfeng (Daphne) Yao.
Thesis committee: Dr. David Evans, Dr. Naren Ramakrishnan, Dr. Patrick Schaumont, Dr. Gang Wang.
Research Focus: Minimizing the gap between theory and the applications of cryptography.
#Publications: 4 conference papers, 3 posters, 1 tutorial.

2006 - 2010

B.Sc
CSE@BUET

Dhaka, Bangladesh

CGPA: 3.64/4.   Advisor:Md. Saidur Rahman.
Research Focus: Research Focus: Solving graph theoretic problems; Employing technologies to solve real-life day-to-day problems, etc.
#Publications: 2 conference papers, 1 newsletter.

Publications.

Journal
[TDSC'19]

Sazzadur Rahaman, Haipeng Cai, Omar Chowdhury and Danfeng (Daphne) Yao. From Theory to Code: Identifying Logical Flaws in Cryptographic Implementations. IEEE Transactions on Dependable and Secure Computing (TDSC). 2019. [Forthcoming]

Conference
[CCS'19]

Sazzadur Rahaman, Gang Wang, Danfeng (Daphne) Yao. Security Certification in Payment Card Industry: Testbeds, Measurements, and Recommendations. ACM Conference on Computer and Communications Security (CCS'19). London, United Kingdom. November 2019. [PDF]

[CCS'19]

Sazzadur Rahaman, Ya Xiao, Sharmin Afrose, Fahad Shaon, Ke Tian, Miles Frantz, Murat Kantarcioglu, Danfeng (Daphne) Yao. CryptoGuard: High Precision Detection of Cryptographic Vulnerabilities in Massive-sized Java Projects. ACM Conference on Computer and Communications Security (CCS'19). London, United Kingdom. November 2019. [PDF]

[SecDeV'19]

Sharmin Afrose, Sazzadur Rahaman, Danfeng (Daphne) Yao. CryptoAPI-Bench: A Comprehensive Benchmark on Java Cryptographic API Misuses. 2019 IEEE Secure Development Conference. McLean, VA. September 2019. [PDF]

[PETS'17]

Sazzadur Rahaman, Long Cheng, Danfeng (Daphne) Yao, He Li, and Jung-Min (Jerry) Park. Provably Secure Anonymous-yet-Accountable Crowdsensing with Scalable Sublinear Revocation. The 17th Privacy Enhancing Technologies Symposium (PETS). Minneapolis, MN, USA. July, 2017. [PDF]

[SecDeV'17]

Sazzadur Rahaman, Danfeng (Daphne) Yao. Toward Automatic Program Analysis of Cryptography Implementations for Security. 2017 IEEE Secure Development Conference. Cambridge, MA, USA. September, 2017. [PDF]

[ICIEV'14]

Sazzadur Rahaman, Tousif Ahmed Eshan, Sad Al Abdullah. Antibandwidth Problem for Itchy Caterpillars. 2014 International Conference on International Conference on Informatics, Electronics & Vision (ICIEV). Dhaka, Bangladesh. May, 2014. [PDF]

[ISMS'13]

Mohammad Raihanul Islam, Sazzadur Rahaman, Rakibul Hasan, Ridwan Rashid Noel, Asif Salekin, and Hasan Shahid Ferdous. A Novel Approach for Constructing Emulator for Microsoft Kinect XBOX 360 Sensor in the .NET Platform. 4th International Conference on Intelligent Systems Modelling & Simulation (ISMS). Bangkok, Thailand. January, 2013. [PDF]

Posters and Tutorials
[S&P'19]

Sazzadur Rahaman, Ya Xiao, Sharmin Afrose, Ke Tian, Miles Frantz, Danfeng (Daphne) Yao, Na Meng, Barton P. Miller, Fahad Shaon, Murat Kantarcioglu. Poster: Deployment-quality and Accessible Solutions for Cryptography Code Development. 2019 IEEE Symposium on Security and Privacy (IEEE S&P'19). San Francisco, CA, USA . May, 2019.

[CCS'19]

Sazzadur Rahaman, Ya Xiao, Sharmin Afrose, Ke Tian, Miles Frantz, Danfeng (Daphne) Yao, Na Meng, Barton P. Miller, Fahad Shaon, Murat Kantarcioglu. POSTER: Deployment-quality and Accessible Solutions for Cryptography Code Development. 2019 ACM Conference on Computer and Communications Security (ACM CCS'19). London, United Kingdom. November 2019.

[SecDev'19]

Sharmin Afrose, Sazzadur Rahaman, Danfeng (Daphne) Yao. A Comprehensive Benchmark on Java Cryptographic API Misuses. 2019 IEEE Secure Development Conference. McLean, VA. September 2019.

[SecDev'18]

Sazzadur Rahaman, Na Meng and Danfeng (Daphne) Yao. Tutorial: Principles and Practices of Secure Crypto Coding In Java (90 minutes Tutorial). 2018 IEEE Secure Development Conference (SecDev'18). Cambridge, MA, USA. September, 2018.

[SecDev'17]

Sazzadur Rahaman, Long Cheng, Danfeng (Daphne) Yao, He Li, and Jung-Min (Jerry) Park. Enabling Large-scale Anonymous-yet-Accountable Crowdsensing" (Poster). 2017 IEEE Secure Development Conference (SecDev'17). Cambridge, MA, USA. September, 2017.

[SEC'16]

Sazzadur Rahaman, Long Cheng, He Li, Danfeng (Daphne) Yao and Jung-Min (Jerry) Park. GroupSense: Scalable Crowdsensing with Privacy and Accountability. (Poster). 2016 USENIX Security (USENIX SEC'16). Austin, TX. August, 2016.

Experience.

August, 2017 - Current

August, 2015 - May, 2017

Virginia Tech.
Research Assistant

Blacksburg, VA

Projects:
•   CryptoGuard: A deployment-grade tool to find cryptographic API misuses (Java, Android).
•   TaintCrypt: A tool to find numerous vulnerabilities in cryptographic implementations (C/C++).
•   GroupSense: Privacy-preserving scalable crowdsensing based on a new VLR-based group signature.

May, 2019 - August, 2019

May, 2017 - August, 2017

Data Sec. Tech., LLC.
Software Engineer Intern

Dallas, TX

Responsibilities:
•   Design and development of secure platform for big data analytics frameworks (e.g., Hadoop, Spark, etc.).
•   Peer code review, source code analysis.

March, 2014 - July, 2015

Kona Software Lab, Ltd.
Software Engineer

Dhaka, Bangladesh

Responsibilities:
•   Significant contribution in architecture level design of core products (e.g., Kona Pay [news], Kona TSM).
•   Following payment industry specs (e.g., GlobalPlatform, ISO/IEC, Visa, MasterCard, AmEx, EMVCo, etc.).
•   Significant contribution in standardizing software engineering practices and tools.

Apr, 2012 - February, 2014

Therap Services, LLC.
Software Engineer

Dhaka, Bangladesh

Responsibilities:
•   Development, system performance monitoring, analysis & optimization, peer code reviewing.
•   Wrote utility frameworks for significant reductions in boilerplate codes.

Honors and Awards.

Pratt Fellowship, Fall 2019 and Spring 2020

Bitshare Fellowship, Fall 2018 and Spring 2019

Champion in .Net platform, Inter University System Design Competition-2011, BUET

Dean'sList Award, BUET, Session 2009-2010

Grants.

Contribution in Accepted Proposals

NSF CBET Division (Award no. 1645121, 1645285). Amount: $100,000

NSF CNS Division Of Computer and Network Systems (Award no. 1929701) Amount: $700,000

Research Contribution in Other Grants

Office of Naval Research (ONR) (Award no. N00014-17-1-2498) Amount: $1,200,000

NSF CNS Division Of Computer and Network Systems (Award no. 1717028) Amount: $500,000

Mentoring Experience.

PhD Students:

Sharmin Afrose, Ya Xiao

MS Students:

Miles Frantz, Hannah Roth (2017)

Professional Services.

Journal Review:

IEEE Transactions on Dependable and Secure Computing (TDSC)

External Reviewer:

PETS '18 '19, SecDev '18

Sub Reviewer:

CCS '17 '18 '19, S&P '18 '19 '20, NDSS '19, WWW '19, AsiaCCS '17 '18, DSN '17

Student Volunteer:

CCS 2017

Skills.

Java
JavaEE technologies (e.g., JSF, Spring, Hibernate, etc.)
Python
Scala
C/C++
LLVM, Clang, Soot
Mysql, Oracle
Big Data Frameworks (e.g., Hadoop, Spark)

Contact.

Email

sazzad14 [at] vt [dot] edu

Address

Department of Computer Science,
2202 Kraft Drive, KnowledgeWork II, Blacksburg, VA, USA - 24060.