My research interest broadly lies in the areas of network and systems security. More specifically, my research focuses on improving security and privacy postures of emerging networks and cyber-physical systems, including cellular networks, Internet-of-Things (IoT), embedded devices, software-defined networking, and cloud infrastructures.
My research philosophy is to take a holistic approach to fundamentally enhance the investigation of security and privacy of a system starting from analyzing designs, evaluating implementations, monitoring systems, and building verified/high-assurance defenses. As part of this process, I combine theory and practice by drawing inspirations from formal verification, program analysis, software testing, signal processing, and cryptography.
My previous research results have led to a number of changes in the design of 4G and 5G cellular standards. My recent works have been discussed by the Federal Communication Council (FCC) as well as covered by more than 100+ media outlets worldwide, including the New York Times, Forbes, The Washington Post, ACM Technews, and MIT Technology Review. The software artifacts from my research have also been made open-source.
August 20: ATFuzzer (journal version) has been accepted for publication to Digital Threats: Research and Practice.
August 20: Invited to serve on the PC of NDSS’21-fall.
August 20: Invited to serve on the PC of ASIACCS’21.
August 20: PatrIoT was conditionally accepted to Runtime Verification’20.
July 20: Invited to serve on the PC of WebConf’21.
April 20: Paper on Zigbee security has been accepted to WiSec’20. Congratulations to Weicheng and Fabrizio!
January 20: Invited to serve on the PC of ESORICS’20.
January 20: PKI based defense against fake base stations has been featured by Wired and News Dio.
December 19: ATFuzzer was awarded the Best Paper Award at ACSAC’19.
November 19: 5GReasoner was featured by Wired, TechCrunch, Forbes, MIT Technology Review, Yahoo Finance, and 70+ other media outlets worldwide.
November 19: ATFuzzer was featured in TechCrunch, Xiaomi, Deep Security News, My Digi Tech, Android Police, and 40+ other media outlets all over the world.
October 19: Intel awarded $72K for our work on IoT security.
October 19: Inducted by GSMA in the Mobile Security Research Hall of Fame for identifying design flaws/weaknesses in 5G network.
October 19: Side Channel Attacks in 4G and 5G Cellular Networks got accepted for presenting in Black Hat Europe’19.
August 19: ATFuzzer got accepted to ACSAC’19. Congrats to Imtiaz and Fabrizio! My first work as a mentor!
August 19: “Protecting the 4G and 5G Cellular Paging Protocols against Security and Privacy Attacks” got accepted to PETS’20. Congrats to Ankush!
July 19: 5GReasoner got accepted to CCS’19.
March 19: “Securing the Insecure Link of Internet-of-Things Using Next-Generation Smart Gateways” got accepted to DCOSS’19.
March 19: “Insecure Connection Bootstrapping in Cellular Networks: The Root of All Evil” got accepted to WiSec’19.
February 19: Our NDSS’19 paper has been featured by Washington Post, Wired, TechCrunch, MSN News, The Hacker News, and 100+ other media outlets worldwide.
December 18: Qualcomm awarded $10K for our work on cellular network security.
December 18: Intel awarded $65K for our work on cellular network security.
November 18: “Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side-Channel Information” got accepted to NDSS’19. Best Paper Award Honorable Mention.
March 18: Our NDSS’18 paper has been featured by New York Times, Forbes, CNet, ACM Tech News, ZDNet, The Register, and 100+ other media outlets worldwide.