Last Updated: September 20, 2023.
My research is firmly anchored at the intersection of machine learning, security, and privacy. My primary focus is on developing ML-driven intelligent systems, specifically tailored for malware analysis and network traffic analysis. Presently, my involvement is deep-seated in exploring continual learning systems for refined malware detection and categorization. Since Fall 2016, I have delved extensively into traffic analysis on Tor, encompassing website fingerprinting (WF) attacks, WF defenses, and flow correlation attacks. Additionally, my experiences extend to short-term projects involving defenses against adversarial examples, detection of adversarial patches, and predicting autonomous system paths on the Internet utilizing machine learning models. Peering into the future, I am enthusiastic about exploring the defensive capabilities of quantum key distribution (QKD) networks. My aim is to fortify our networking infrastructure's resilience against the looming threats in the post-quantum era.
In this area of research, I am working on static malware analysis where we investigate an intelligent dynamic malware classification/detection system using human learning properties in machine learning (ML) techniques, more commonly referred to as continual learning/lifelong learning and some other variations. In particular, we are investigating how we can mitigate catastrophic forgetting of a malware classification/detection model while the model is learning sequentially like the human learning process. Our first ever investgation on this space is published in the CoLLAs 2022. At present, we are investigating some more exciting questions from the outcome of our first paper. I have had spent the summer of 2020 at Mandiant as a Data Science intern where I have worked on investigating the feasibility of a transformer model for static malware analysis which got published in the WoRMA 2022.
I started working on this area while I was doing my Master's and continuted working on this as a PhD student.
The primary focus of this area of research is to investigate vulnerabilities in network traffic of
an anonymous system such as Tor. To measure the severity of discovered vulnerability as a
realistic attack known as website fingerprinting (WF), we apply several ML and
deep learning (DL) techniques. A flip side of the WF attack is to investigate an efficient (i.e., low bandwidth and low latency)
WF defense which can effectively defend these ML and DL based WF attacks which prompted us to investigate WF defenses as well.
Recently we have worked on flow correlation attack on Tor where we improve the current state-of-the-art leveraging metric learning. Our work on WF attack, WF defense, and flow correlation space have been recognized in several top security venues and journal including ACM CCS 2018, ACM CCS 2019, PETS 2020, PETS 2021, IEEE TIFS 2020, IEEE S&P (Oakland) 2022, and IEEE S&P (Oakland) 2023.
ESL Global Cybersecurity Institute,
Rochester Institute of Technology,
Rochester, NY 14623