Students Seeking Positions

The following students affiliated with the Software Systems Lab will be on the job market during this academic year.

Qi Alfred Chen


Qi Alfred Chen

Research Area: System Security, Network Security, Mobile Systems

Position Sought: Tenure Track Faculty

Website: http://web.eecs.umich.edu/~alfchen/

Statement: Technology revolution brings new security challenges due to new usage models of new technologies and their interoperations with older technologies. Existing defenses are mostly passive and reactive, creating case-by-case solutions which cannot easily evolve with technology changes. My research is dedicated to develop proactive defense approaches using systematic techniques such as formalism, and thus fundamentally address security challenges from technology revolution. Three general approaches guide my research: 1) problem identification from inherent weaknesses of new features and their unexpected conflicts with previous assumptions, 2) systematic vulnerability detection and analysis using rigorous techniques, and 3) mitigation proposals and their evaluation in practice. By applying these steps, vulnerabilities from technology revolution are systematically uncovered, analyzed and mitigated. By applying these approaches to recent revolution in personal computing and Internet naming, my past and ongoing research uncovered a series of vulnerabilities including a new form of GUI confidentiality breach on Android (Usenix Security '14), and a new type of man-in-the-middle attack that is easier than ever as a side effect of new gTLD delegation (IEEE S&P '16). We subsequently use program analysis and attack surface quantification to perform systematic detection and analysis, and develop practical solutions (ACM CCS '15, NDSS '16, FC '16, and several ones under submission). Some of my work (e.g., papers at Usenix Security '14 and IEEE S&P '16) were reported by a number of major technology websites and attracted great attention from both academia and industry.


David A. Devecsery


David Devecsery

Research Area: Software Systems

Position Sought: Tenure Track Faculty

Website: http://web.eecs.umich.edu/~ddevec/

Statement: Today computers by default discard their rich history of prior computation and memory states. My vision is to create a computer system with the default of remembering all past computation, and furthermore making it practical to query the rich, but massive database of computation recorded. My research focuses on creating system level abstractions and developing novel analysis methodologies to accomplish this goal. My work on "Eidetic Systems" (OSDI 14) shows that it is practical to record and query years of computation, at an instruction level, on commodity hardware. Once this information is recorded, I have worked on several methods to query it in a timely manner, including: parallelizing dynamic information flow queries (OSDI 16), parallelizing dynamic data-race detection (ASPLOS 13), and my ongoing work on accelerating dynamic analysis (under submission). My ongoing work focuses on applying a novel combination of speculation and static analysis to accelerate dynamic analyses. Current results show order of magnitude speed-ups on a prototype dynamic slicing analysis.


Zakir Durumeric


Zakir Durumeric

Research Area: Security and Privacy

Position Sought: Tenure Track Faculty

Website: https://zakird.com/

Statement: Zakir Durumeric is a Ph.D. Candidate and Google Ph.D. Fellow in Computer Security. His research focuses on network security, particularly how global network measurement can improve the security of heterogeneous distributed systems. Zakir is widely known for his work on Internet-wide scanning, including creating ZMap – the network scanner capable of scanning the entire public IPv4 address space in minutes. His work has been awarded numerous distinctions, including the IRTF Applied Networking Research Prize and best paper awards from USENIX Security, ACM Conference on Computer and Communications Security, and ACM Internet Measurement Conference. He was named one of MIT Technology Review's 35 Innovators under 35 in 2015, and has recently been involved in uncovering the Logjam attack on TLS and documenting real-world attacks against STARTTLS.


Kassem M. Fawaz


Kassem Fawaz

Research Area: Mobile Systems Privacy and Security, Usable Privacy and Security, Internet of Things

Position Sought: Tenure Track Faculty

Website: http://kassemfawaz.com/

Statement: My research interests primarily include security and privacy for mobile users with emphasis on usable security and privacy, data privacy, as well as wireless security and privacy. My overall research objective is to bring effective, practical, and usable security and privacy protection to the masses especially in the emerging computing paradigm of the Internet of Things. In the past, I made research contributions to software systems as well as wireless communications and networks.

Currently, I am investigating the security challenges related to the now-popular voice assistant systems. Also, I am researching the use of chat bots as privacy assistants to provide notice and choice for users. As part of my Ph.D., I proposed three tools LP-Guardian, PR-LBS and LP-Doctor (an open source tool) that employ theoretical privacy guarantees to effectively and practically protect the location privacy of mobile users in various situations at a minimal cost.

In addition, my work on dynamically reconfiguring classifiers for mobile malware detection lies at the core of Qualcomm's Smart Protect platform. Recently, I proposed BLE-Guardian, a system that protects Bluetooth Low Energy-equipped devices and sensors from external security and privacy threats.

In addition to multiple funded research proposals, my graduate research work has resulted in numerous research publications in top tier conferences and journals as well as several filed and granted patents.


Huan Feng


Huan Feng

Research Area: Mobile Security and Privacy

Position Sought: Industrial Research Labs

Website: https://windofeng.github.io/bio.html

Statement: My research focuses on mobile security and privacy, with an emphasis on understanding and regulating the communication channels between mobile apps, mobile OS and end users. Specifically, I identified and assessed emerging attack surfaces in Android Binder (client-side IPC channel), mobile user tracking/profiling (cloud-side aggregation channel), and personal voice assistants (human-computer interaction channel). The dynamics between these communicating parties, in combination with their trust relationship, create many interesting problems.


Earlence Fernandes


Earlence Fernandes

Research Area: Systems Security, Internet of Things, Cyber-Physical Systems

Position Sought: Tenure Track Faculty, Research Faculty, Industrial Research Labs

Website: http://web.eecs.umich.edu/~earlence/

Statement: My research explores the security of the Internet of Things from a systems perspective. I am interested in developing techniques to analyze existing IoT systems to discover how they fail in practice, and in designing better systems, as well as improving current systems, to support a more secure and safe future Internet of Things. Examples of my current work include an empirical analysis of the popular SmartThings platform, which received the Distinguished Practical Paper Award at the IEEE Symposium on Security and Privacy in 2016, and FlowFence, a system that addresses the flow control problem for IoT apps, and shows how developers can restructure their code to build more privacy-respecting IoT apps. This work will appear at the USENIX Security Symposium, 2016. My past work has focused on mobile system security, where I developed techniques to enable privacy-respecting analytics (Mobicom 2016), techniques to prevent UI phishing (FC 2016), and techniques to enable better permission granting in smartphone OSes (IEEE TIFS 2014). 


Eugene Kim (Sunmin Kim)


Eugene Kim

Research Area: Battery Management System, Energy Storage System and Cyber-Physical System

Position Sought: Research Faculty, Industrial Research and Development

Website: http://www-personal.umich.edu/~kimsun/index.html

Statement: Research proposes and tests a holistic battery management system (BMS). The BMS can develop a battery degradation model, predict power requirements, and search efficient operational conditions based on power demand and driving history. It regulates battery current and temperature via switched mode DC/DC converter and thermal fins to achieve optimal operational conditions. Current project is the creation of a remote battery prognosis/diagnosis system with an efficient database to develop battery degradation models based on their behavior history.


Yongjoo Park


Yongjoo Park

Research Area: Database, Big Data Processing, Data Mining

Position Sought: Tenure Track Faculty, Industrial Research Labs

Website: http://yongjoopark.com/

Statement: Yongjoo Park is a Ph.D. Candidate in Computer Science and Engineering. His research interests lie in big data processing and its applications to data mining. In particular, he focuses on building smarter and faster big data analysis systems by leveraging advanced machine learning and statistical techniques. His works include real-time data analytics, data visualizations, searching in high-dimensional space, etc., for which harnessing big data is of great practical importance, but at the same time, brings novel challenges.


Amir Rahmati


Amir Rahmati

Research Area: System Security, IOT and Embedded Systems

Position Sought: Tenure Track Faculty, Industrial Research & Development

Website: http://amir.rahmati.com/

Statement: Amir Rahmati is a Ph.D. candidate in Computer Science and Engineering. His research falls within the intersection of security, networks, and pervasive systems and tackles various challenges in designing secure ubiquitous computing systems. His work has been presented in venues including USENIX Security and International Symposium on Computer Architecture and covered by various media outlets including IEEE Spectrum, Washington Post, and MIT Technology Review.