| Feb 01, 2026 | 🔥 Our paper “BACFuzz: Exposing the Silence on Broken Access Control Vulnerabilities in Web Applications” has been accepted to DIMVA’26! |
| Nov 01, 2025 | 🔥 I discovered a critical bug in Syft SBOM generation tools, affecting software supply chain security. |
| Jul 01, 2025 | 🔥 I started my appointment as a Scientist at the Qatar Computing Research Institute (QCRI). |
| Jun 01, 2025 | 🔥 Our paper “An Empirical Evaluation of Pre-trained Large Language Models for Repairing Declarative Formal Specifications” has been accepted to EMSE’25! |
| May 01, 2025 | 🏆 Our DSN’25 paper received the Distinguished Artifact Award! |
| Apr 01, 2025 | 🔥 Honored to be invited to serve on the IEEE S&P’26 Program Committee. |
| Mar 01, 2025 | 🔥 Our paper “Towards More Dependable Specifications: An Empirical Study Exploring the Synergy of Traditional and LLM-Based Repair Approaches” has been accepted to DSN’25! |
| Jan 01, 2025 | 🔥 I started my appointment as Assistant Professor at Chalmers University of Technology and the University of Gothenburg. |
| Oct 01, 2024 | 🔥 Our paper “DepsRAG: Towards Agentic Reasoning and Planning for Software Dependency Management” has been accepted to the NeurIPS’24 Workshop on Open-World Agents! |
| Sep 01, 2024 | 🔥 Our patent “Computer Implemented Program Specialization” has issued (US 20220357933A1). |
| Aug 01, 2024 | 🔥 Two papers accepted to FEAST’24: “SoK: Software Debloating Landscape and Future Directions” and “Software Debloating from Exception-Handler Lenses”. |
| Jan 01, 2024 | 🔥 Released Python Dependency Chatbot (RAG over Knowledge Graph). Also, our patent “Method and Apparatus for Improved Security in Trigger Action Platforms” has issued (US 11856000B2). |
| Dec 01, 2023 | 🔥 Paper “Machine Learning Systems are Bloated and Vulnerable” accepted to SIGMETRICS’24. Also invited to serve on the CCS’24 TPC Software Security Track. |
| Nov 01, 2023 | 🔥 Our ONR grant “Holistic Debloating in the Age of LLM Technology” is funded. Thank you, ONR! |
| Jul 01, 2023 | 🔥 Released Langroid, a multi-agent LLM application framework for developers. |
| Jun 01, 2023 | 🔥 ONR open-sourced the tech-transferred versions of our debloating tools LMCAS and SLASH. |
| Dec 01, 2022 | 🔥 Paper “autoMPI: Automated Multiple Perspective Attack Investigation with Semantics Aware Execution Partitioning” accepted to IEEE TSE. |
| Sep 01, 2022 | 🔥 Paper “Robust Learning against Relational Adversaries” accepted to NeurIPS’22 (oral-designated). |
| Jun 01, 2022 | 🔥 Paper “IoTCOM: Dissecting Interaction Threats in IoT Systems” accepted to IEEE TSE. |
| Feb 01, 2022 | 🔥 Paper “Lightweight, Multi-Stage, Compiler-Assisted Application Specialization” accepted to Euro S&P’22. |
| Jul 01, 2021 | 🔥 Paper “Practical Data Access Minimization in Trigger-Action Platforms” accepted to USENIX Security’22. Our debloating tool was accepted for Tech Transfer by ONR. |
| Apr 01, 2020 | 🏆 Paper “Scalable Analysis of Interaction Threats in IoT Systems” (ISSTA’20) received the ACM SIGSOFT Distinguished Paper Award! |
| Dec 01, 2018 | 🔥 Paper “Detecting Vulnerable Android Inter-App Communication in Dynamically Loaded Code” accepted to INFOCOM’19. |