November 2021
I will be serving in the program committee of
Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb) co-located with NDSS Symposium 2022.
October 2021
I am promoted to Senior Security SWE at
Google.
October 2021
I will be serving in the program committee of "Security, Privacy, and Trust" track at
TheWebConf (WWW) 2022.
August 2021
I participated in Social Engineering PenTesting competition organized by
Temple University CARE Lab. Check out the
podcast to learn more!
July 2021
I helped organizing
Google CTF as a pwn category co-lead.
June 2021
I presented at Android App Hacking Workshop, sponsored by Google Play, HackerOne, and PayPal.
December 2020
I presented at
Android App Hacking Workshop, sponsored by Google Play and HackerOne.
December 2020
I will be serving in the program committee of
ACM Conference on Computer and Communications Security (CCS) 2021.
November 2020
Our
USENIX Security paper on Web Cache Deception is nominated for
PwnieAwards's Most Innovative Research.
November 2020
I will be serving in the program committee of
Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb) co-located with NDSS Symposium 2021.
November 2020
I participated in virtual speed mentoring session (Cybersecurity) organized by
Iranian Women in Computing (IranWiC).
October 2020
Our
USENIX Security paper on Web Cache Deception qualifid to participate in
CSAW's Applied Research Competition finals.
September 2020
I presented two talks on Android Malware Analysis at
Dartmouth College.
August 2020
We presented our
talk (
slides) at
H@cktivityCon.
July 2020
I will be serving in the program committee of "Security, Privacy, and Trust" track at
TheWebConf (WWW) 2021.
July 2020
Our talk on
Web Cache Deception has been accepted to
H@cktivityCon hosted by
HackerOne.
April 2020
I will be serving as the session chair for "Security, Privacy, and Trust" track of
WWW 2020.
March 2020
Our
WCD paper has appeared among the
Top 10 Application Vulnerabilities of 2019 by
WhiteHat Security.
February 2020
William Blair presented our
HotFuzz system at
NDSS in San Diego, CA, USA (See the talk on
YouTube).
February 2020
Our
WCD paper has been named the
top Web hacking technique of 2019 by
PortSwigger.
February 2020
Our
Fuzzing paper has been accepted to
NDSS 2020.
January 2020
My talk on
WCD has been accepted to
php[tek] 2020.
November 2019
Our
Web Cache Deception (WCD) paper has been accepted to
USENIX Security 2020.
October 2019
Christo Wilson and I attended
IMC in Amsterdam, Netherlands and he presented our
ads.txt Standard study.
August 2019
I will be serving in the program committee of "Security, Privacy, and Trust" track at
TheWebConf (WWW) 2020.
July 2019
Our
ads.txt Standard paper has been accepted to
IMC 2019.
May 2019
I started working at
Google as a Security SWE.
April 2019
I defended my
PhD thesis in Cybersecurity and graduated from
Northeastern University.
January 2019
I proposed my
PhD thesis on security risks of content inclusion in Web browsers.
December 2018
Reza Mirzazade farkhani and I attended
ACSAC in San Juan, Puerto Rico, USA and he presented our
TROP system.
November 2018
Muhammad Ahmad Bashir and I attended
IMC in Boston, MA, USA and he presented our
WebSockets study.
October 2018
I was awarded a Student Travel Grant to attend
ACSAC 2018.
September 2018
I was awarded a Student Travel Grant to attend
IMC 2018.
August 2018
Our
CFI paper has been accepted to
ACSAC 2018.
August 2018
I attended
Black Hat USA and
DEF CON 26 in Las Vegas, NV, USA.
July 2018
I was awarded a Student Scholarship to attend
Black Hat USA 2018.
May 2018
Muhammad Ahmad Bashir presented our
WebSockets study at
ConPro in San Francisco, CA, USA.
April 2018
Tobias Lauinger presented our
RPO study at
WWW in Lyon, France.
February 2018
Our
WebSockets paper has been accepted to
IMC 2018.
February 2018
Our
WebSockets paper has been accepted to
ConPro 2018.
December 2017
Our
Relative Path Overwrite (RPO) paper has been accepted to
WWW 2018.
June 2017
I started a summer internship at
Mozilla Corporation as a security researcher.
February 2017
Tobias Lauinger and I attended
NDSS in San Diego, CA, USA and he presented our
JavaScript Libraries study.
February 2017
I was awarded a Student Travel Grant to attend
NDSS 2017.
November 2016
Muhammad Ahmad Bashir and I attended
IMC in Santa Monica, CA, USA and he presented our
CRN study.
October 2016
Our
JavaScript Libraries paper has been accepted to
NDSS 2017.
September 2016
I was awarded a Student Travel Grant to attend
IMC 2016.
September 2016
William Robertson presented our
OriginTracer system at
RAID in Evry, France.
August 2016
Muhammad Ahmad Bashir and I attended
USENIX Security in Austin, TX, USA and he presented our
Retargeted Ads study.
August 2016
Amin Kharraz and I attended
USENIX Security in Austin, TX, USA and he presented our
UNVEIL system.
July 2016
Our
Content Recommendation Networks (CRN) paper has been accepted to
IMC 2016.
July 2016
I was awarded a Student Travel Grant to attend
USENIX Security 2016.
June 2016
Our
Ad Injection paper has been accepted to
RAID 2016.
May 2016
I started a summer internship at
Verisign Inc as a security researcher.
May 2016
Our
Retargeted Ads paper has been accepted to
USENIX Security 2016.
May 2016
Our
Ransomware paper has been accepted to
USENIX Security 2016.
February 2016
William Robertson presented our
Excision system at
FC in Barbados.
February 2016
I attended
NDSS in San Diego, CA, USA.
November 2015
Our
Content Inclusion paper has been accepted to
FC 2016.
September 2013
I started my PhD in Cybersecurity (Information Assurance) at
Systems Security Lab (NEU SecLab).