I am an Assistant Professor in the Department of Computer Science and Engineering at Pennsylvania State University. Prior to joining Penn State in fall 2020, I worked as a postdoc at Purdue University from where I received my Ph.D. in fall 2018.
My research interest broadly lies in the areas of network and systems security. I lead the Systems and Network Security (SyNSec) research group, which focuses on improving the security and privacy postures of emerging networks and complex systems, including cellular networks, Internet-of-Things (IoT), embedded devices, software-defined networking, and cloud infrastructures. We take a holistic approach to fundamentally enhance the security and privacy investigation of a system from the ground up, i.e., starting from analyzing designs, evaluating implementations, monitoring the runtime, and building verified/high-assurance defenses. As part of this process, we combine theory and practice by drawing inspirations from formal methods, program analysis, software testing, signal processing, and cryptography.
Our research results have led to a number of changes in the design of 4G and 5G cellular standards. In addition, our work has been discussed by the Federal Communication Council (FCC) as well as covered by more than 100+ media outlets worldwide, including the New York Times, Forbes, The Washington Post, ACM Technews, and MIT Technology Review. The software artifacts from my research group have also been made open-source.
September’21: DIKEUE – Noncompliance as Deviant Behavior: An Automated Black-box Noncompliance Checker for 4G LTE Cellular Devices – has been accepted to CCS’21.
July’21: Acknowledged by GSMA on their Mobile Security Research Acknowledgments (formerly known as Hall of Fame) page for uncovering and fixing implementation flaws/weaknesses in 4G and 5G networks.
July’21: ProChecker accepted for publication to ICDCS’21 has been nominated for the Best Paper Award.
March’21: Inducted by GSMA in the Mobile Security Research Hall of Fame for identifying design flaws/weaknesses in 4G and 5G networks.
March’21: A paper dubbed ProChecker on security analysis of 4G LTE protocol implementations has been accepted to ICDCS’21.
February’21: Paper on defense against 5G fake base station has been accepted to AsiaCCS’21.
January’21: Gave a talk at Ohio State Cybersecurity Lecture Series.
January’21: Invited to serve on the PC of ICNP’21.
December’20: PHOENIX has been accepted to NDSS’21.
December’20: Invited to serve on the PC of ESORICS’21 and SACMAT’21.
December’20: Presented the keynote talk at the IEEE VNC’20.
December’20: Gave an invited talk at the NSysS’20.
November’20: Intel has awarded $27K for our IoT protocol security work.
November’20: Invited to serve on the PC of Usenix Security’21 (fall and winter cycles).
August’20: ATFuzzer (journal version) has been accepted for publication to Digital Threats: Research and Practice.
August’20: Invited to serve on the PC of NDSS’21-fall.
August’20: Invited to serve on the PC of ASIACCS’21.
August’20: PatrIoT has been conditionally accepted to Runtime Verification’20.
July’20: Invited to serve on the PC of WebConf’21.
April’20: Paper on Zigbee security has been accepted to WiSec’20. Congratulations to Weicheng and Fabrizio!
January’20: Invited to serve on the PC of ESORICS’20.
January’20: PKI based defense against fake base stations has been featured by Wired and News Dio.
December’19: ATFuzzer has been awarded the Best Paper Award at ACSAC’19.
November’19: 5GReasoner has been featured by Wired, TechCrunch, Forbes, MIT Technology Review, Yahoo Finance, and 70+ other media outlets worldwide.
November’19: ATFuzzer has been featured in TechCrunch, Xiaomi, Deep Security News, My Digi Tech, Android Police, and 40+ other media outlets all over the world.
October’19: Intel awarded $72K for our work on IoT security.
October’19: Inducted by GSMA in the Mobile Security Research Hall of Fame for identifying design flaws/weaknesses in 5G network.
October’19: Side Channel Attacks in 4G and 5G Cellular Networks got accepted for presenting in Black Hat Europe’19.
August’19: ATFuzzer got accepted to ACSAC’19. Congrats to Imtiaz and Fabrizio! My first work as a mentor!
August’19: “Protecting the 4G and 5G Cellular Paging Protocols against Security and Privacy Attacks” got accepted to PETS’20. Congrats to Ankush!
July’19: 5GReasoner got accepted to CCS’19.
March’19: “Securing the Insecure Link of Internet-of-Things Using Next-Generation Smart Gateways” got accepted to DCOSS’19.
March’19: “Insecure Connection Bootstrapping in Cellular Networks: The Root of All Evil” got accepted to WiSec’19.
February’19: Our NDSS’19 paper has been featured by Washington Post, Wired, TechCrunch, MSN News, The Hacker News, and 100+ other media outlets worldwide.
December’18: Qualcomm awarded $10K for our work on cellular network security.
December’18: Intel awarded $65K for our work on cellular network security.
November’18: “Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side-Channel Information” got accepted to NDSS’19. Best Paper Award Honorable Mention.
March 18: Our NDSS’18 paper has been featured by New York Times, Forbes, CNet, ACM Tech News, ZDNet, The Register, and 100+ other media outlets worldwide.