Sixth Year Ph.D. Candidate & Graduate Research Assistant
ESL Global Cybersecurity Institute
Rochester Institute of Technology
Email: Saidur.Rahman [at] mail [dot] rit [dot] edu
Open for Tenure Track Asst. Professor/ Postdoc/ Research Scientist position from Summer/Fall 2024.
I am a Graduate Research Assistant at the
ESL Global Cybersecurity Institute (former Center for Cybersecurity)
at Rochester Institute of Technology (RIT),
working with Professor Dr. Matthew Wright.
I have been working at the Center for Cybersecurity since Spring 2017.
At present, I am pursuing Ph.D. in Computing & Information Sciences (CIS) at RIT.
I received an MS (August, 2018) in Computing Security from the Department of Computing Security at RIT.
I received Bachelors degree in Management Information Systems (MIS) in 2016 from University of Dhaka, Bangladesh.
Besides research and graduate study, I also enjoy travelling, fishing, swimming, and literature.
[August 2022] Continual Learning and Malware paper is accepted at the Conference on Lifelong Learning Agents - CoLLAs 2022.
[June 2022] SoK on Website Fingerprinting Defense paper is accepted at IEEE S&P (Oakland) 2023.
[March 2022] Transformer for Information Security paper is accepted at ACM Workshop on Robust Malware Analysis (WoRMA) 2022 (co-located with ACM AsiaCCS 2022).
[November 2021] DeepCoFFEA paper is accepted at IEEE S&P (Oakland) 2022.
[November 2021] Giving a Talk at Cybersecurity Healthy Arguments about Advancing The State-of-the-art (CHAATS).
[June 2021] Serving as a Program Committee (PC) member at SECURWARE 2021.
[February 2021] Accepted Research Intern offer at Bell Labs for Summer 2021.
[November 2020] GANDaLF paper is accepted at PETS 2021.
[October 2020] Mockingbird paper is accepted at IEEE TIFS.
[October 2020] Giving a Talk at Ph.D. Colloquium 2020 at RIT.
[September 2020] Giving a Talk at Cybersecurity Healthy Arguments about Advancing The State-of-the-art (CHAATS).
[April 2020] Accepted Summer Intern offer at FireEye.
[February 2020] One paper accepted in PETS 2020.
[November 2019] Awarded travel grant to attend ACM CCS 2019.
[September 2019] Two posters accepted in ACM CCS 2019.
[August 2019] One Paper accepted in ACM CCS 2019.
Research Summary
My research is firmly anchored at the intersection of machine learning, security, and privacy. My primary focus is on developing ML-driven intelligent systems, specifically tailored for malware analysis and network traffic analysis. Presently, my involvement is deep-seated in exploring continual learning systems for refined malware detection and categorization. Since Fall 2016, I have delved extensively into traffic analysis on Tor, encompassing website fingerprinting (WF) attacks, WF defenses, and flow correlation attacks. Additionally, my experiences extend to short-term projects involving defenses against adversarial examples, detection of adversarial patches, and predicting autonomous system paths on the Internet utilizing machine learning models.
Peering into the future, I am enthusiastic about exploring the defensive capabilities of quantum key distribution (QKD) networks. My aim is to fortify our networking infrastructure's resilience against the looming threats in the post-quantum era.
Malware Analysis
In this area of research, I am working on static malware analysis where we investigate
an intelligent dynamic malware classification/detection system using human learning properties in machine learning (ML) techniques,
more commonly referred to as continual learning/lifelong learning and some other variations. In particular, we are investigating how we can mitigate
catastrophic forgetting of a malware classification/detection model while the model is learning sequentially like the human learning process.
Our first ever investgation on this space is published in the CoLLAs 2022.
At present, we are investigating some more exciting questions from the outcome of our first paper.
I have had spent the summer of 2020 at Mandiant as a Data Science intern where I have worked on investigating the feasibility of a transformer model for static malware analysis which got published in the WoRMA 2022.
Traffic Analysis
I started working on this area while I was doing my Master's and continuted working on this as a PhD student.
The primary focus of this area of research is to investigate vulnerabilities in network traffic of
an anonymous system such as Tor. To measure the severity of discovered vulnerability as a
realistic attack known as website fingerprinting (WF), we apply several ML and
deep learning (DL) techniques. A flip side of the WF attack is to investigate an efficient (i.e., low bandwidth and low latency)
WF defense which can effectively defend these ML and DL based WF attacks which prompted us to investigate WF defenses as well.
Recently we have worked on flow correlation attack on Tor where we improve the current state-of-the-art leveraging metric learning.
Our work on WF attack, WF defense, and flow correlation space have been
recognized in several top security venues and journal including ACM CCS 2018, ACM CCS 2019,
PETS 2020, PETS 2021, IEEE TIFS 2020, IEEE S&P (Oakland) 2022, and IEEE S&P (Oakland) 2023.
Publications - Journals, Conferences, and Workshops
2023
"SoK: A Critical Evaluation of Efficient Website Fingerprinting Defenses", Nate Mathews, James K Holland, Se Eun Oh, Mohammad Saidur Rahman, Nike Hopper, and Matthew Wright,
IEEE Symposium on Security & Privacy (S&P) 2023.
[Paper] [Code]
2022
"On the Limitations of Continual Learning for Malware Classification", Mohammad Saidur Rahman, Scott Coull, and Matthew Wright,
First Conference on Lifelong Learning Agents - CoLLAs 2022.
[Paper] [Video] [Code]
2022
"Transformers for End-to-End InfoSec Tasks: A Feasibility Study", Ethan M. Rudd, Mohammad Saidur Rahman, and Philip Tully,
ACM Workshop on Robust Malware Analysis (WoRMA) 2022 (co-located with ACM AsiaCCS 2022).
[Paper]
2022
"DeepCoFFEA: Improved Flow Correlation Attacks on Tor via Metric Learning and Amplification", Se Eun Oh, Taiji Yang, Nate Mathews, James K Holland, Mohammad Saidur Rahman, Nike Hopper, and Matthew Wright,
IEEE Symposium on Security & Privacy (S&P) 2022.
[Paper] [Code]
2021
"GANDaLF: GAN for Data-Limited Fingerprinting", Se Eun Oh, Nate Mathews, Mohammad Saidur Rahman, Matthew Wright, and Nike Hopper,
Privacy Enhancing Technologies Symposium (PETS), 2021.
[Paper] [Code]
2021
"Mockingbird: Defending Against Deep-Learning-Based Website Fingerprinting Attacks with Adversarial Traces.", Mohammad Saidur Rahman, Mohsen Imani, Nate Mathews, and Matthew Wright,
IEEE Transactions on Information Forensics and Security (TIFS), Volume 16, 2021.
[Paper] [Code]
Media:
2020
"Tik-Tok: The Utility of Packet Timing in Website Fingerprinting Attacks", Mohammad Saidur Rahman, Payap Sirinam, Nate Mathews, Kantha Girish Gangadhara, and Matthew Wright,
Privacy Enhancing Technologies Symposium (PETS), 2020.
[Paper] [Code]
2019
"Triplet Fingerprinting: More Practical and Portable Website Fingerprinting with N-shot Learning", Payap Sirinam, Nate Mathews, Mohammad Saidur Rahman, and Matthew Wright,
ACM SIGSAC Conference on Computer and Communications Security (CCS), 2019.
[Paper] [Code]
CCS 2019
"Video Fingerprinting in Tor", Mohammad Saidur Rahman, Nate Mathews, and Matthew Wright,
ACM SIGSAC Conference on Computer and Communications Security (CCS) 2019.
Spring'17 "Password Hash Cracking Using Amazon Web Service (AWS) Elastic Compute Cloud (EC2)", Aadarsh Karumathil, Aniya Pandey, Christian Foster, Matt Johnson, Mohammad Saidur Rahman, Ryan Frank, Somasundaram MuthuKrishnan, Sukhpreet Singh, as part of the Course CSEC.759.01: Penetration Testing.
CCS 2019 Travel grant received to attend ACM Conference on Computer and Communications Security (CCS) 2019.
UpStat 2019 Bronze Medal, Category: Computations & Applications,
8th Annual Conference of the UPSTATE Chapters of the American Statistical Association.
RIT Winner , 3-Minutes Thesis Presentation Competition 2018.
RIT Winner , Graduate Research Showcase 2017.
Services
Reviewer. IEEE Transactions on Information Forensics and Security (TIFS).
