M. Mannan -- Students and Teaching

Prospective students

If you are interested in Ph.D., you must have at least one publication in a decent security venue. For both Ph.D. and Master's, I expect you to have the following qualities: highly motivated to solve difficult security/privacy problems; strong academic background (e.g., good university with good GPA); and strong systems knowledge and programming experience. Students with diverse background and life experiences will be given special consideration. If you meet my criteria, please send me an email with your CV and transcripts. I will definitely try to respond within a day or two.

Ph.D. Students

  1. Sajjad Pourali

Master's Students

  1. Bhaskar Tejaswi
  2. Rohan Pagey
  3. Vladimir Rabotka
  4. Xiufen Yu
  5. Hamed Mohammadi
  6. Supraja Baskaran
  7. Abdelrahman Ragab
  8. Ajmain Alam
  9. Kazi Farhat Lamisa
  10. Xin Sun
  11. Adivardhan Maheshwari
  12. Philippe Mangeard
  13. Burak Hotan

Student Success Highlights

  1. Dr. Lianying Zhao has joined as an assistant professor at Carleton!
  2. Dr. Xavier de Carné de Carnavalet has joined as a research assistant professor at the Hong Kong Polytechnic University!
  3. My students published at top systems security conferences, including: NDSS 2013-16, NDSS 2019, ACM CCS 2016, and journals: ACM TISSEC, IEEE TIFS, IEEE TDSC.
  4. Our research has been Slashdotted several times. Other media include: BBC, CBC, CTV, ACM Technews; see press coverage.
  5. Xavier de Carné de Carnavalet is the first ENCS/Concordia recipient of Vanier Canada Graduate Scholarship (the most prominent Ph.D. scholarship in Canada).


  1. Nayanamana Samarasinghe PhD thesis (Nov 17, 2022), Measuring for privacy: From tracking to cloaking
  2. Pranay Kapoor MASc thesis (Aug 24, 2022), Silver Surfers on the Tech Wave: Privacy Analysis of Android Apps for the Elderly
  3. Maryna Kluban MASc thesis (Apr 29, 2022), On Measuring JavaScript Vulnerabilities in the NPM Packages, Websites and Chrome Extensions
  4. Mehdi Salehi MASc thesis (Apr 28, 2022), An Analysis of Upgradeability, Oracles, and Stablecoins in the Ethereum Blockchain
  5. Behnam Shobiri MASc thesis (Dec 8, 2021), CDNs' Dark Side: Identifying Security Problems in CDN-to-Origin
  6. Mounir Elgharabawy MASc thesis (Oct 5, 2021), Cross-vendor Security Analysis of Android Unix Domain Sockets
  7. Md. Shahab Uddin MASc thesis (Aug 25, 2021), HORUS: A Security Assessment Framework for Android Crypto Wallets
  8. Tina Safaie MASc thesis (Mar 31, 2021), ByPass: Reconsidering the Usability of Password Managers
  9. Quentin Duchaussoy MASc thesis (Nov 3, 2020), Security and Privacy Analysis of Parental Control Solutions
  10. Tousif Osman MASc thesis (Sept 9, 2020), AppVeto: Securing Android Applications through Resource Access Veto
  11. Mina Jafari, MASc thesis (Sept 3, 2020), Measuring the Effectiveness of Microsoft Authenticode: A Systematic Analysis of Signed Freeware
  12. Suzan Ali, MASc thesis (May 25, 2020), A Large-Scale Evaluation of Privacy Practices of Public Wifi Captive Portals
  13. Xavier de Carné de Carnavalet, PhD thesis (July 24, 2019), Last-Mile TLS Interception: Analysis and Observation of the Non-Public HTTPS Ecosystem
  14. Md Zakir Hossen, MASc thesis (December 11, 2018), On Understanding Permission Usage Contextuality of Android Apps
  15. Lianying Zhao, PhD thesis (July 23, 2018), Authentication and Data Protection under Strong Adversarial Model
  16. Abhimanyu Khanna, MASc thesis (April 24, 2017), Towards Usable and Fine-grained Security for HTTPS with Middleboxes
  17. Parul Khanna, MASc thesis (April 18, 2017), Detecting Privacy Leaks Through Existing Android Frameworks
  18. Briti Sundar Mondal, MASc thesis (August 24, 2016), Bintype: A Scalable Type Inference Tool for Compiled C Programs
  19. Arash Shahkar, MASc thesis (March 1, 2016), On Matching Binary to Source Code
  20. Suryadipta Majumdar, MASc thesis (September 8, 2014), On End-to-end Encryption for Cloud-based Services
  21. Xavier de Carné de Carnavalet, MASc thesis (April 7, 2014), A Large-scale Evaluation of High-impact Password Strength Meters
  22. A. Mert Kara, MASc thesis (January 10, 2014), Malicious Payload Distribution Channels in Domain Name System
  23. Atieh Saberi Pirouz, MASc thesis (August 27, 2013), Securing Email through Online Social Networks
  24. Adam Skillen, MASc thesis (April 3, 2013), Deniable Storage Encryption for Mobile Devices

  25. Chelsea Guan (CUSRA 2021)
  26. Adam Slimi (ENSTA Paris, Summer Intern 2021)
  27. Simon Brillant-Giroux (NSERC USRA 2019)
  28. Nohan Fleurant (NSERC USRA 2019)
  29. Sebastian Proctor-Shah (NSERC USRA 2016)
  30. Philippe Fisher (NSERC USRA 2016)
  31. Devirs Isler, Mitacs Globalink Intern from Zirve University, Turkey (summer 2014)

Some students are/were co-supervised with A. Youssef, Jeremy Clark, Lianying Zhao, Elizabeth Stobert, Mourad Debbabi