About Me
I am currently a Computer Science Ph.D. candidate at Stony Brook University under the supervision of Omar Haider Chowdhury, Ph.D. Before transferring to Stony Brook, I was a Computer Science Ph.D. student at University of Iowa, and working as a Research Assistant of Dr. Chowdhury. I obtained my Bachelor degree in Computer Science and Engineering from the Bangladesh University of Engineering and Technology (BUET) in 2017.
Research Interests
My research interest lies at the intersection of computer security and automated reasoning. I have extensive experience on applying different techniques from formal verification to enhance security, reliability, and robustness of modern systems and protocols. I am also interested to automatically detect functional bugs in network protocols and safety-critical cyber-physical and IoT systems. Currently, I am investigating exploitable weaknesses in SSL/TLS protocol as well as analyzing the robustness of X.509 certificate validation implemented in various open-source implementations. I am committed to advancing the state-of-the-art in formal verification and computer security and making the digital world safer for everyone.
Recent Updates
Our formally verified implementation of X.509 certificate chain validation (ARMOR) is published in IEEE S&P 2024.
I will work as a research intern at GE Vernova with the Embedded System team during Summer 2024.
I am transferred to the Computer Science Ph.D. program at Stony Brook University in Spring 2023.
Our work on X.509 PKI has received the Best Student Paper Award (Runners-up) in ACM CCS 2021.
Our work on proxy-based mobile browsers' security has received the Best Student Paper Award (Winner) in ACNS 2020.
Publications
"ARMOR: A Formally Verified Implementation of X.509 Certificate Chain Validation".
* Slides * Paper (Full Version) * Github *
With Christa Jenkins, Yuteng Sun, Sze Yiu Chau, and Omar Chowdhury.
Appeared in the 45th IEEE Symposium on Security and Privacy (IEEE S&P 2024).
"Towards a Correct-by-Construction Design of Integrated Modular Avionics".
* Paper * Github *
With Baoluo Meng, Sarat Chandra Varanasi, Emmanuel Manoloios, Michael Durling, and Saswata Paul.
Appeared in the 23rd Formal Methods in Computer-Aided Design (FMCAD 2023).
"On Re-engineering the X.509 PKI with Executable Specification for Better Implementation Guarantees".
* Slides * Paper * Github *
With Sze Yiu Chau, and Omar Chowdhury.
Appeared in the Proceedings of the 28th ACM Conference on Computer and Communications Security (ACM CCS 2021).
*** Best Student Paper Award (Runners-up) ***
"All your credentials are belong to us: On Insecure WPA2-Enterprise Configurations".
* Paper *
With Man Hong Hue, Kin Man Leung, Li Li, Mohsen Minaei, M. Hammad Mazhar, Kailiang Xian, Endadul Hoque, Omar Chowdhury, and Sze Yiu Chau.
Appeared in the Proceedings of the 28th ACM Conference on Computer and Communications Security (ACM CCS 2021).
"Morpheus: Bringing The (PKCS) One To Meet the Oracle".
* Paper * Github *
With Moosa Yahyazadeh, Sze Yiu Chau, Li Li, Man Hong Hue, Sheung Chiu Ip, Li Chun Ngai, Endadul Hoque, and Omar Chowdhury.
Appeared in the Proceedings of the 28th ACM Conference on Computer and Communications Security (ACM CCS 2021).
"When TLS Meets Proxy on Mobile".
* Slides * Paper * Github *
With Sze Yiu Chau, and Omar Chowdhury.
Appeared in the 18th International Conference of Applied Cryptography and Network Security (ACNS 2020).
*** Best Student Paper Award (Winner) ***
Resume
Resume (Updated on 08.26.2024)