Associate Professor, Department of Computer Science (eff 8/8/17)
Associate Professor (joint), Electrical and Computer Engineering
Director, Security Analytics Lab Research (SEAL)
Member, Cyber Security and Privacy Faculty Cluster
Founder, zfs labs (coming soon).

Bio: Before joining the faculty of the University of Central Florida, I was a researcher at ETRI (2007-2009), a graduate student at the University of Minnesota (2009-2012), a (senior) researcher at Verisign Labs (2012-2015), a faculty fellow and a visiting faculty at AFRL (2016 and 2017), and a faculty member at SUNY Buffalo (2015-2017). I work on computer security and privacy with applications to malware, DDoS, DNS, IoT, blockchain, and mobile systems. Member of ACM and a senior member of IEEE (DBLP and Google Scholar)

⚑ Teaching // Fall 2017: CIS 4615, Fall 2016: CSE 709; CSE 410, Spring 2016: CSE 664, Fall 2015: CSE 709. ⚑ Services // ISOC NDSS 2018, IEEE INFOCOM 2018
⚑ Advising // (Ph.D. students) Hisham Alasmary, Afsah Anwar, Jiyoo Jang, Aminollah Khormali, Heather Lawrence, Jeman Park, Muhammad Saad, Jeff Spaulding.

▬ Selected Publications

IEEE ICDCS 2017
An Adversary-Centric Behavior Modeling of DDoS Attacks
IEEE ICDCS 2017
Defending Against Voice Impersonation Attacks on Smartphones (Best student paper)
Media
Phys.org, Sci. Amer., CBS, Financial Express, Tech Radar, NDTV, Science Daily, Gizmodo, etc.
IEEE ICDCS 2017
Privacy Implications of DNSSEC-Lookaside Validation
IEEE INFOCOM 2017
Large-scale Invisible Attack on AFC Systems with NFC-equipped Smartphones
Financial Crypto 2017
Graph Encryption for Exact Shortest Distance Queries with Efficient Updates
ACM/IEEE ToN 2017
Leakage of .onion at the DNS Root: Measurements, Causes, and Countermeasures (2.12)
ACM MobiSys 2017
Android Malware Detection using Multi-Flows and API Patterns (Poster)
ACM WiSec 2017
Highly-Accurate Access Point Detection using Intentional Interference
ACM WiSec 2017
Two-level Network Monitoring in WLAN using Software-Defined Networking
USPTO 2017
Access control for named domain networking (Patent)
USPTO 2017
Methods and systems for domain name data networking (Patent)
IRTF 2017
XMSS: Extended Hash-Based Signatures (Standard)
IEEE TIFS 2017
Crime Scene Reconstruction: Online Gold Farming Network Analysis (2.44)
ISOC NDSS 2016
Uncovering game bots in MMORPGs via self-similarity in the wild (15%)
IEEE TKDE 2016
Private Over-threshold Aggregation Protocols over Distributed Databases (1.82)
DIMVA 2015
Revealing DDoS Attack Dynamics behind the Scenes (23%)
ACM ASIACCS 2015
Measuring Botnets in the Wild: Some New Trends (22%)
IEEE CNS 2015
Separating Benign and Malicious Network Events for Malware Classification (28%)
IEEE DSN 2015
Delving into Internet DDoS Attacks by Botnets: Characterization and Analysis (22%)
IEEE TDSC 2015
Timing Attacks on Access Privacy in ICN and Countermeasures (1.59)
ACM IMC 2014
Measuring Domain Forwarding and Applications at the Internet Scale (20.3%)
DIMVA 2014
Metadata-driven Threat Classification of Network Endpoints Appearing in Malware (23%)
DIMVA 2014
AV-Meter: An Evaluation of Antivirus Scans and Labels (23%)
ACM WPES 2014
Measuring the Leakage of Onion at the Root (25%)
IEEE TMC 2014
Keylogging-resistant Visual Authentication Protocols (2.91)
IEEE TDSC 2014
Secure encounter-based social networks: Requirements, challenges, and designs (1.59)
ACM ASIACCS 2013
Dynamix: anonymity on dynamic social structures (28%)
IEEE TSC 2013
Trustworthy Distributed Computing on Social Networks (2.37)
Media
MIT Technology Review, The Verge, Data News, Atelier, msn.com.
IEEE TVT 2013
Trading Optimality for Scalability in Large-scale Opportunistic Routing (2.64)
ACM ASIACCS 2012
On the mixing time of directed social graphs and security implications (18%)
IEEE INFOCOM 2012
Dynamic energy-oriented scheduling for sustainable wireless sensor networks (18%)
ISOC NDSS 2011
Losing control of the Internet: Using the data plane to attack the control plane (18%)
Media
New Scientist, CBS News, Slashdot, METRO, The Register, Gizmodo, etc.
IEEE INFOCOM 2011
Incorporating trust into social network-based Sybil defenses (16%)
ACM IMC 2010
Measuring the mixing time of social graphs (22%)

▬ Features

Rogue AP Detection
Voice Impersonation
IoT and Usable Interactions