Postdoctoral Researcher @ Northeastern University

Work Location Interdisciplinary Science and Research Complex (ISEC)
Northeastern University

Contact Email 1: sashank AT ccs DOT neu DOT edu
Email 2: s DOT narain AT northeastern DOT edu

Sashank Narain

My research is focused on user privacy, mobile security, IoT and cyber-physical systems security. I am passionate about demonstrating side-channel attacks that exploit sensors in mobile devices for privacy breaches. I am very interested in designing and implementing resilient systems for mobile security. My current goal is to implement a system that can detect and protect users from privacy breaches arising from various sensitive resources such as motion sensors, GPS, Wi-Fi, Cellular, Camera and Microphones. I am also passionate about the security of IoT and cyber-physical systems. To this end, I am currently working on a project analyzing the privacy and security of consumer drones.

I received the 'CCIS Outstanding PhD Research Award', 2017 for my research on side-channel attacks. My current research on building resilient systems for privacy breaches is supported by a Google Research Award. My research projects have been published in competitive venues such as IEEE Security and Privacy (S&P), Usenix Security, Privacy Enhancing Technologies (PETs) and ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec). I have represented Northeastern University in competitions such as National Collegiate Cyber Defense Competition, 2012 (CCDC) and MITRE Embedded Capture The Flag (eCTF) as captain in 2017 and co-advisor in 2019. I am the co-founder of the Information Systems Security Association (ISSA) Northeastern University chapter, and was the PhD Student Representative, 2016-2017 for Information Assurance at Northeastern University.

I completed my Ph.D. in Information Assurance and MS in Information Assurance from Northeastern University. Prior to the Ph.D., I worked as a software engineer in a multi-national company. I have experience in various domains such as Software Engineering, Security Auditing, Penetration Testing, Web Application Security, IT Support, Web Application Development and Malware Remediation.

Publications

MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link  [ paper ][ bibtex ]
Milan Stute, Sashank Narain, Alex Mariotto, Alexander Heinrich, Guevara Noubir, and Matthias Hollick
USENIX Security Symposium, 2019 [To Appear]
Security of GPS/INS based On-road Location Tracking Systems  [ paper ][ bibtex ]
Sashank Narain, Aanjhan Ranganathan, and Guevara Noubir
IEEE Symposium on Security and Privacy, 2019 [To Appear]
Mitigating Location Privacy Attacks on Mobile Devices using Dynamic App Sandboxing  [ paper ][ bibtex ]
Sashank Narain, and Guevara Noubir
Privacy Enhancing Technologies Symposium (PETS), 2019 [To Appear]
Sensor Side-Channel Attacks on User Privacy - Analysis and Mitigation  [ dissertation ]
Sashank Narain
Ph.D. Dissertation, 2018
An autonomic and permissionless Android covert channel  [ paper ][ bibtex ]
Kenneth Block, Sashank Narain, and Guevara Noubir
ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2017
The Perils of User Tracking Using Zero-Permission Mobile Apps  [ paper ][ bibtex ]
Sashank Narain, Triet D. Vo-Huu, Kenneth Block, and Guevara Noubir
IEEE Security and Privacy Magazine, Apr 2017
Inferring User Routes and Locations using Zero-Permission Mobile Sensors  [ paper ][ bibtex ]
Sashank Narain, Triet D. Vo-Huu, Kenneth Block, and Guevara Noubir
IEEE Symposium on Security and Privacy, 2016 [ Acceptance Rate: 13.3% ].
Single-stroke Language-Agnostic Keylogging using Stereo-Microphones and Domain Specific Machine Learning  [ paper ][ bibtex ]
Sashank Narain, Amirali Sanatinia, and Guevara Noubir
ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2014
Wireless Spreading of WiFi APs Infections using WPS Flaws: an Epidemiological and Experimental Study  [ paper ][ bibtex ]
Amirali Sanatinia, Sashank Narain, and Guevara Noubir
IEEE Conference on Communications and Network Security (CNS), 2013

Teaching

  • Instructor (IA5001 Cyberspace Technology and Applications) - Summer 2 2019
  • Course Builder (IA5001 Cyberspace Technology and Applications) - Summer 1 2019
  • Instructor (IA5010 Foundations of Information Assurance) - Fall 2019
  • Course Builder (IA5010 Foundations of Information Assurance) - Fall 2017 and Spring 2018
  • Teaching Assistant (CS4740 / CS6740 Network Security) - Fall 2012, Spring 2014, Fall 2015, Fall 2016, Spring 2017 and Fall 2017

Posters

Inferring User Routes and Locations using Zero-Permission Mobile Sensors
Sashank Narain, Triet D. Vo-Huu, Kenneth Block, and Guevara Noubir
New England Security Day (NESD), Boston, MA, 2017
Inferring User Routes and Locations using Zero-Permission Mobile Sensors
Sashank Narain, Triet D. Vo-Huu, Kenneth Block, and Guevara Noubir
Advanced Cyber Security Center (ACSC), Boston, MA, 2016
Single-stroke Language-Agnostic Keylogging using Stereo-Microphones and Domain Specific Machine Learning
Sashank Narain, Amirali Sanatinia, and Guevara Noubir
Advanced Cyber Security Center (ACSC), Boston, MA, 2014
WiFi AP Infection Spread  [ paper ][ bibtex ]
Amirali Sanatinia, Sashank Narain, and Guevara Noubir
ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2014
WiFi AP Infection Spread
Amirali Sanatinia, Sashank Narain, and Guevara Noubir
Advanced Cyber Security Center (ACSC), Boston, MA, 2013

Awards

  • The CCIS Outstanding PhD Research Award, 2017 - College of Computer and Information Science, Northeastern University
  • 'Mass Attack' and Runner-up Awards, MITRE Embedded Capture The Flag (eCTF) Competition, 2017 - MITRE Cyber Academy
  • Student Travel Grant Award, 2016 - IEEE Symposium on Security and Privacy
  • Student Travel Grant Award, 2014 - ACM Conference on Security and Privacy in Wireless and Mobile Networks
  • Northeastern University Fellowship - Northeastern University
  • Dean's Graduate Merit Scholarship - College of Computer and Information Science, Northeastern University

Activities

  • Co-advisor of 'MITRE Embedded Capture The Flag Competition, 2019' team - Northeastern University
  • Captain of 'MITRE Embedded Capture The Flag Competition, 2017' team - Northeastern University
  • Ph.D. Student Representative for Information Assurance, 2016-2017 - Northeastern University
  • Speaker at 'RISCS Seminar on Practical Security, 2014' - Boston University
  • Co-founder of 'Information Systems Security Association (ISSA), NEU' chapter - Northeastern University
  • Senator in 'Graduate Student Government (GSG)', 2012 - Northeastern University
  • Member of 'National Collegiate Cyber Defense Competition, 2012' team - Northeastern University
  • Captain of a 'MIT Lincoln Lab / CSAIL Capture The Flag, 2011' team - Northeastern University

Services

  • Replicability Committee - ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2019
  • Poster/Demo Program Committee - ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2018
  • Reviewer - IEEE Access, 2018-2019
  • External Reviewer - Privacy Enhancing Technologies Symposium (PETS), 2018-2019
  • Reviewer - ACM Transactions on Privacy and Security (TOPS), 2017-2018
  • Reviewer - IEEE Transactions on Mobile Computing (TMC), 2016-2018
  • External Reviewer - ACM Asia Conference on Computer and Communications Security (AsiaCCS), 2017
  • Volunteer - ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), 2017
  • Volunteer - SecureWorld Boston Conference, 2012
  • Volunteer - OWASP Boston Application Security Conference, 2011