Research
My research centers on advancing AI and Software Supply Chain Security.
My research integrates program analysis, large language models (LLMs), and cybersecurity techniques to evaluate and enhance application safety across Android, IoT, AI/LLM ecosystems, and software supply chains.
Research Areas
IoT Safety and Privacy
Developing automated techniques to detect security vulnerabilities in IoT systems, focusing on inter-app communication and interaction threats.
Selected Papers: USENIX’22, IEEE TSE’22, ISSTA’20 🏆
Software Debloating
Removing unnecessary code from C/C++ applications and containers to reduce attack surface and improve performance.
Selected Papers: SOCC’25, SIGMETRICS’24, FEAST’24, EuroS&P’22
Tools: FitStack (commercialized), LMCAS, SLASH (ONR Tech Transfer)
AI/ML/LLM Security
Investigating adversarial attacks and defenses for ML systems, and using LLM agents for software dependency management and program repair.
AI/ML Robustness: NeurIPS’22, SIGMETRICS’24
Agentic LLM: DSN’25 🏆, EMSE’25, NeurIPS’24 OWA
Android Security
Analyzing security vulnerabilities in Android applications, particularly inter-app communication and dynamically loaded code.
Selected Papers: IEEE TIFS’20, INFOCOM’19
Patents & Awards
Issued Patents:
- Computer Implemented Program Specialization (US 20220357933A1, 2024)
- Improved Security in Trigger Action Platforms (US 11856000B2, 2024)
Awards:
- 🏆 DSN Distinguished Artifact Award (2025)
- 🏆 ACM SIGSOFT Distinguished Paper Award (2020)
- (ISC)² Graduate Scholarship
For the complete publication list, see Publications.