I will join SDSU as a tenure-track assistant professor in Fall 2025, where I am also a member of the Cybersecurity Center.

My current research interests encompass security and privacy concerns within software supply chains, mobile systems, and Internet of Things (IoT) systems. I am committed to identifying novel attack vectors and emerging privacy issues in these domains. My methodology involves the application of reverse engineering, static and dynamic analysis, and formal verification techniques to detect, measure, and mitigate newly identified security and privacy vulnerabilities.

New PhD student: I am accepting PhD students with interests in systems security or AI security.

Research Areas & Interests:

• Software Supply Chain Security and Privacy: [USENIX Security’24], [USENIX Security’23]
• Mobile/IoT Security: [USENIX Security’23], [CCS’21], [CCS’20]
• Cybercrime: [EuroS&P’24]

News

• (05/2025) I will join SDSU as a tenure-track assistant professor in fall 2022.
• (01/2025) I will serve as a PC member of SafeThings 2025.
• (05/2024) One paper on the privacy compliance risks of the software supply chain is accepted to USENIX Security 2024.
• (01/2024) I will serve as a PC member of SDIoTSec 2024.
• (01/2024) I will serve as a PC member of SafeThings 2024.
• (07/2023) Thanks to Usenix Security’s student grant.
• (03/2023) Our paper on software supply chain security is accepted to USENIX Security 2023.
• (09/2022) Our paper on a large-scale analysis of IoT data exposure is accepted to USENIX Security 2023.
• (06/2020) Our paper on super app eccosystem security is accepted to CCS 2020.