Research

Graduate Research Assistant, Carnegie Mellon University, 2009 - 2015


Causality/ Blame assignment for security violations: My dissertation is titled `Interaction-aware Actual Causation: A Building Block for Accountability in Security Protocols.' In this work I formalized a logic-based definition to determine causes of violations on security logs in multi-agent systems. As an application, I analyzed causes of failures of authentication protocols for public key certification. In this project, I combined viewpoints on causation from philosophical, theoretical, security and privacy-centric perspectives.
Collaborators: Anupam Datta, Deepak Garg, Dilsun Kaynar, Arunesh Sinha

Linking attacks: Identified background information and database characteristics that enable de- anonymization. Determined provable mathematical bounds showing amount of de- anonymization possible. Evaluated theoretical assumptions empirically on an `anonymized' Netflix database.
Collaborators: Anupam Datta, Arunesh Sinha

Privacy of court records: Analyzed privacy implications of moving court records online on individual privacy using a philosophical/legal framework to analyze information flows. Demonstrated that cost of information retrieval is significantly lower online as compared to physical records. Identified factors which contribute to differences.
Collaborators: Anupam Datta, Helen Nissenbaum, Amanda Conley

Privacy of property records: Evaluated the level of privacy protection provided by removal of `Search by name' feature in Allegheny property assessment database through user studies.
Collaborators: Lorrie Cranor, Manya Sleeper

Internships

Research Intern, Microsoft Research, Cambridge, UK, Summer 2014
Mentors: Cedric Fournet, Olya Ohrimenko
Demonstrated information leakage via composition attacks on MapReduce computations in datasets containing sensitive information. Determined a solution that mitigates composition attacks.

Research Intern, Symantec Research Labs, Mountain View, CA, Summer 2013
Mentors: Sanjay Sawhney, Sharada Sundaram, Darren Shou
Automated compliance with privacy laws for unstructured data. Developed a method for specifying and enforcing privacy laws and rules for access control in enterprises. Lead author on a white paper for best practices in compliance with US privacy laws.

Research Intern, D-ITET, ETH Zurich, Switzerland, Spring 2008
Mentor: Bernhard Plattner, Computer Engineering and Networks Laboratory
Proposed two approaches for enhancing security of field-based routing protocol (for wireless ad-hoc routing). Integrated these approaches with existing security mechanisms. Thesis can be found here.

Research Intern, Indian Institute of Technology, Mumbai, India, Summer 2007
Mentor: Abhay Karandikar, Department of Electrical Engineering
Evaluated performance of O-DRR scheduler in presence of TCP sources in WiMAX on the basis of fairness in allocation of slots. Analyzed BE, rtPS and nrtPS traffic in contention for scheduling.