About me

Hello! I am an Assistant Professor and a founding member of Purdue Systems and Software Security (PurS3) Lab at Purdue University in the Electrical and Computer Engineering Department. I am a recipient of the NSF CAREER award, and Amazon Research award.

I am interested in designing principled yet practical solutions to system security problems. I currently work on Security threats from AI Accelerators, Rust for Embedded Systems, vulnerability detection, prevention, and mechanisms for developing secure systems. My solutions have a flavor of static/dynamic program analysis, fuzzing, type systems, language-based techniques, machine learning, or a combination of the above.

Selected Academic Recognitions

• Test of Time Award for DynoDroid at FSE 2023.
• Distinguished Paper Award for 3c at OOPSLA 2022.
• Distinguished Paper Award for Ramblr at NDSS 2017.

Selected External Awards

• NSF CAREER award 2024 for securing deeply embedded software.
• Amazon Research Award for Securing CI Workflows in Fall 2022.
• Qualified (as part of Shellphish) for DARPA AixCC Finals.
• Third Place (as part of Shellphish) in DARPA CGC Competition.

Recent Research Highlights

• FuzzUEr (accepted at NDSS 2025) found 20 zero day security issues in the latest version of EDK-II.
• ARGUS (presented at USENIX Security 2023) found thousands of (previously unknown) Command Injection vulnerabilities in GitHub Workflows of various open-source repositories.

Recent News

• MadCap got accepted at CODASPY 2025.
• 2 papers (e3c and SAST for embedded) got accepted at ISSTA 2025.
• 2 papers (FuzzUErr and VeriBin) got accepted at NDSS 2025.