Home

I am currently working as a Senior Staff Researcher in the Web Security Research team @ Palo Alto Networks. My work is focused on protecting internet users from persistent cyber threats. 

 I am a Ph.D. candidate at The  University of Iowa studying issues related to security and privacy under the supervision of Zubair Shafiq. My research focuses on systematically investigating various types of abuses (e.g. spam, fraud, data misuse) on popular online social networks such as Facebook and Twitter. To this end, I perform longitudinal measurement studies to design data-driven countermeasures that can help online social networks in mitigating this abuse.

Recent news:

• Authored a blog on An Evasive Large-Scale Scareware and PUP Delivery Campaign

• Authored a blog on a Early Detection of Malicious Stockpiled Domains

• Authored a blog on a widespread Malicious JavaScript Injection Campaign 

• 02/23: Attending NDSS 2023 and will be chairing a session @ MADWeb

• 06/22: Attending RSA 2022 

• 02/21: Joined Palo Alto Networks as a Web Security Researcher

• Our work "Understanding Incentivized Mobile App Installs on Google Play Store" was nominated for the best paper award at IMC 2020.

• I am attending IMC 2020 virtually and will be presenting our work on understanding incentivized mobile app Installs 

• Our work "Understanding Incentivized Mobile App Installs on Google Play Store" has been accepted in IMC 2020.

• My research on detecting data misuse by third-party apps was covered by [ZDNet ] [VentureBeat]

• Our work "Understanding Incentivized Mobile App Installs on Google Play Store" has been accepted in IMC 2020.

• Our work "CanaryTrap: Detecting Data Misuse by Third-Party Apps on Online Social Networks" has been accepted in PETS 2020.

• Our research on Facebook OAuth access token abuse published as Communications of the ACM Research Highlights (May Edition) .

• Awarded Ballard and Seashore Dissertation Fellowship by Graduate College of The University of Iowa

• My research on abuse of Third-Party applications on Twitter was covered by WIRED, Engadget

• Our work "Measurement and Early Detection of Third-Party Application Abuse on Twitter" has been accepted in WWW 2019.

• Awarded Post-Comprehensive Research Fellowship by Graduate College of The University of Iowa

• My research on the abuse of Facebook and Twitters apps was featured in Iowa Now 

• Interned at ICSI, Berkeley in summer 2018

• Received the Best Paper Award at ACM IMC 2017.

• My research on abuse of OAuth access tokens was covered by [ CNET ] [ Daily Mail ] [ Fortune ] [ CBS News ]

• I am attending ACM IMC 2017.

• Our work "Accurate Detection of Automatically Spun Content via Stylometric Analysis" has been accepted in ICDM 2017.

• Our work "Measuring and Mitigating OAuth Access Token Abuse by Collusion Networks" has been accepted in ACM IMC 2017.

• Shadow PC member for IMC 2017.

• Our work "Measuring, Characterizing, and Detecting Facebook Like Farms" has been accepted in ACM TOPS.

• I am attending IEEE S&P'17 in San Jose, CA.

• I have been awarded IEEE S&P'17 travel grant.

• Our work "Characterizing Key Stakeholders in an Online Black-Hat Marketplace" has been accepted in eCrime'17.

• I am attending NDSS'17 in San Diego, CA.

• I am attending ACM IMC'16 in Santa Monica, CA.

• I am attending IEEE CNS 2016 in Philadelphia, PA.

• I have been awarded ACM IMC'16 travel grant.

• I am attending USENIX Security '16 in Austin, TX.

• Our work on Malware propagation on traffic exchanges has been accepted in IEEE/IFIP DSN 2016.