Research Interests
My research areas broadly span topics in Computer Systems Security, with use of ideas from compilers, operating systems and formal methods for defending cyber attacks. My recent work has focused on the topics given below.
My CV is available here. My complete publication list available here. Some recent samples:
- Preventing injection attacks on web based systems. SQL injection (ACM CCS 2007), Cross-site Scripting (DIMVA 2008).
- Browser Security : Security for Firefox Extensions (DIMVA 2007), Browser support for XSS Prevention (W2SP08).
- Runtime approaches for privacy and information flow policies : See the Shadowed Executions (ACSAC08), Data Sandboxing (ACSAC'06) and Runtime checking for information flow policy enforcement(published in ICICS'06) papers.
- CMV: Using static analysis and model checking techniques for ensuring complete mediation in authorization systems. (ASIACCS'08).
- Secure execution of untrusted programs : Safe-execution environments (NDSS 2005), Secure Software Installation (DIMVA 2008).
Research Support
My research is sponsored by grants from NSF (CyberTrust and CRI programs), UIC Campus Research Board.
|
Recent and Ongoing Professional Activities
Program Committees
- TPC member. 16th ACM Conference on Computer and Communications Security (CCS 2009). Chicago, IL.
- TPC member. 29th Int'l Conference on Distributed Computing Systems (ICDCS 2009). Quebec, Canada.
- TPC member. 18th World Wide Web Conference (WWW) . Madrid, Spain, April 2009.
> TPC member. 24th Annual Computer Applications Security Conference (ACSAC). Anaheim, California, December 2008.
- TPC member. Fourth International Conference on Information Systems Security (ICISS). Hyderabad, India, December 2008.
- Program Chair, Fifth Midwest Security Workshop (MSW), Indianapolis, Apr 2008.
Conference Organization
Other Professional Activities
Member, Election Review Panel, Cook County, Illinois (advising the Clerk's office on E-voting security).
|
