Faysal Hossain Shezan
Current Institution: University of Virginia
Bio: Faysal Hossain Shezan is currently pursuing a Ph.D. degree in the Department of Computer Science at the University of Virginia, working with prof. Yuan Tian. His research interest lies in the intersection of security & privacy, machine learning, software engineering, and cyber-physical systems. He is especially interested in data-driven security and privacy analysis in emerging systems. The goal of his research is to measure the attack surface of the IoT platforms, analyze privacy leakages among inter-connected home automation applications and investigate the enforcement of privacy policies. His research findings are acknowledged by several well-known companies (such as., Google) and resulted in the publishing of several CVEs. He is fortunate to receive a few awards and recognition during his Ph.D., including- UVA endowed graduate fellowship award, Link Lab outstanding graduate research award, travel grants from the Web conference, and BlackHat USA.
Abstract: Ensuring Safe, Secure & Privacy-aware Emerging Systems using Limited Data
Now, I want to highlight my works on identifying and measuring security and privacy risks as well as implementing and vetting privacy schemes for emerging platforms. First, in the interaction step, I study an in-depth analysis of the sensitivity of voice applications. To that end, I built an active learning-based tool to detect sensitive voice applications. Second, in the implementation stage, I investigate the existing problems of the permission-based access control system. This helps me to design and implement TKPERM, a transfer learning-based software, which transfers knowledge of permission correlation systems across mobile, web, and IoT platforms. Third, at the certification level, I performed a security analysis of the current vetting process of voice applications. With these insights, I built an automatic chatbot to unfold the behavior of malicious voice applications which request unauthorized access to user health and medical data. The overall goal of my research is to ensure security and privacy for the end-users with a secure implementation of a privacy-preserving end-to-end system.