The Internet has become ubiquitous in every aspect of our lives - from entertainment, education, shopping and even day-to-day communication. The Covid-19 pandemic has further exacerbated our reliance on the Internet. One could go so far as to say that the Internet has become one of the primary necessities of human life.
This open access to the Internet has also made it a breeding ground for malicious users who target naïve Internet users and extort them for money, data or simply for fun. Cyberattacks have been growing at an alarming pace in the past few years, and it is of utmost importance that security specialists and enthusiasts join hands to make the Internet a safe place for users.
My primary area of research is web security, specifically focusing on defending web applications from malicious users.
As part of my M.Tech project, I worked on identifying State Violation Vulnerabilities in web applications. These vulnerabilities stem from improper validation of session variables at the server side and can lead to malicious users circumventing the intended business logic of a web application for their personal or monetary gain.
As part of my PhD research, I have worked on the detection of Application Layer DDoS attacks on web applications. DDoS attacks are a severe threat to web applications and cloud servers alike. The recent variations of DDoS attacks at the application layer are much more sophisticated and much harder to detect. As part of my PhD, I worked on developing a lightweight machine learning technique for the detection of Application Layer DDoS attacks.
I am currently working on the related areas of web security such as fake news detection and detection of cyberbullying.