M. Mannan -- Students and Teaching
Prospective students
If you are interested in Ph.D., you must have at least one publication in a decent security venue. For both Ph.D. and Master's, I expect you to have the following qualities: highly motivated to solve difficult security/privacy problems; strong academic background (e.g., good university with good GPA); and strong systems knowledge and programming experience. Students with diverse background and life experiences will be given special consideration. If you meet my criteria, please send me an email with your CV and transcripts. I will definitely try to respond within a day or two. I have open positions for both Ph.D. (fully funded), MASc (partial support).
Ph.D. Students
Master's Students
- Kazi Farhat Lamisa
- Xin Sun
- Fahimeh Rezaei
- Tariq Houis
- Manar Adel Mohamed Taha Hamed
Student Success Highlights
- Dr. Lianying Zhao has joined as an assistant professor at Carleton!
- Dr. Xavier de Carné de Carnavalet has joined as a research assistant professor at the Hong Kong Polytechnic University! The Masters graduates went mostly into leading security companies or security positions in other small and large companies, including: Fortinet, Meta/Facebook, Deloitte, Offchain Labs, Tigera, SAP Canada, RBC Canada, BNP Paribas, Amazon.
- My students published at top systems security conferences, including: NDSS 2013-16, NDSS 2019, ACM CCS 2016, 2022 and journals: ACM TISSEC, IEEE TIFS, IEEE TDSC.
- Our research has been Slashdotted several times. Other media include: BBC, CBC, CTV, ACM Technews; see press coverage.
- Xavier de Carné de Carnavalet is the first ENCS/Concordia recipient of Vanier Canada Graduate Scholarship (the most prominent Ph.D. scholarship in Canada).
Alumni
- Philippe Mangeard Master's thesis (Aug 27, 2024), WARNE: A Stalkerware Evidence Collection Tool
- Abdelrahman Ragab Master's thesis (Aug 20, 2024), Privacy and Security Analysis of Virtual Shopping and AI Companion Platforms
- Supraja Baskaran Master's thesis (Oct 30, 2023), Measuring the Leakage and Exploitability of Authentication Secrets in Super-apps: The WeChat Case
- Xiufen Yu Master's thesis (Sept 12, 2023), Privacy Analysis of Technological Solutions Designed for Victims of Intimate Partner Abuse
- Rohan Pagey Master's thesis (Jan 23, 2023), Security Weaknesses in E-commerce Platforms
- Bhaskar Tejaswi Master's thesis (Jan 25, 2023), Security Weaknesses in IoT Management Platforms
- Nayanamana Samarasinghe PhD thesis (Nov 17, 2022), Measuring for privacy: From tracking to cloaking
- Pranay Kapoor, MASc thesis (Aug 24, 2022), Silver Surfers on the Tech Wave: Privacy Analysis of Android Apps for the Elderly
- Maryna Kluban, MASc thesis (Apr 29, 2022), On Measuring JavaScript Vulnerabilities in the NPM Packages, Websites and Chrome Extensions
- Mehdi Salehi, MASc thesis (Apr 28, 2022), An Analysis of Upgradeability, Oracles, and Stablecoins in the Ethereum Blockchain
- Behnam Shobiri, MASc thesis (Dec 8, 2021), CDNs' Dark Side: Identifying Security Problems in CDN-to-Origin
- Mounir Elgharabawy, MASc thesis (Oct 5, 2021), Cross-vendor Security Analysis of Android Unix Domain Sockets
- Md. Shahab Uddin MASc thesis (Aug 25, 2021), HORUS: A Security Assessment Framework for Android Crypto Wallets
- Tina Safaie MASc thesis (Mar 31, 2021), ByPass: Reconsidering the Usability of Password Managers
- Quentin Duchaussoy, MASc thesis (Nov 3, 2020), Security and Privacy Analysis of Parental Control Solutions
- Tousif Osman, MASc thesis (Sept 9, 2020), AppVeto: Securing Android Applications through Resource Access Veto
- Mina Jafari, MASc thesis (Sept 3, 2020), Measuring the Effectiveness of Microsoft Authenticode: A Systematic Analysis of Signed Freeware
- Suzan Ali, MASc thesis (May 25, 2020), A Large-Scale Evaluation of Privacy Practices of Public Wifi Captive Portals
- Xavier de Carné de Carnavalet, PhD thesis (July 24, 2019), Last-Mile TLS Interception: Analysis and Observation of the Non-Public HTTPS Ecosystem
- Md Zakir Hossen, MASc thesis (December 11, 2018), On Understanding Permission Usage Contextuality of Android Apps
- Lianying Zhao, PhD thesis (July 23, 2018), Authentication and Data Protection under Strong Adversarial Model
- Abhimanyu Khanna, MASc thesis (April 24, 2017), Towards Usable and Fine-grained Security for HTTPS with Middleboxes
- Parul Khanna, MASc thesis (April 18, 2017), Detecting Privacy Leaks Through Existing Android Frameworks
- Briti Sundar Mondal, MASc thesis (August 24, 2016), Bintype: A Scalable Type Inference Tool for Compiled C Programs
- Arash Shahkar, MASc thesis (March 1, 2016), On Matching Binary to Source Code
- Suryadipta Majumdar, MASc thesis (September 8, 2014), On End-to-end Encryption for Cloud-based Services
- Xavier de Carné de Carnavalet, MASc thesis (April 7, 2014), A Large-scale Evaluation of High-impact Password Strength Meters
- A. Mert Kara, MASc thesis (January 10, 2014), Malicious Payload Distribution Channels in Domain Name System
- Atieh Saberi Pirouz, MASc thesis (August 27, 2013), Securing Email through Online Social Networks
- Adam Skillen, MASc thesis (April 3, 2013), Deniable Storage Encryption for Mobile Devices
- Chelsea Guan (CUSRA 2021)
- Adam Slimi (ENSTA Paris, Summer Intern 2021)
- Simon Brillant-Giroux (NSERC USRA 2019)
- Nohan Fleurant (NSERC USRA 2019)
- Sebastian Proctor-Shah (NSERC USRA 2016)
- Philippe Fisher (NSERC USRA 2016)
- Devirs Isler, Mitacs Globalink Intern from Zirve University, Turkey (summer 2014)
Some students are/were co-supervised with A. Youssef, Jeremy Clark, Lianying Zhao, Elizabeth Stobert, Mourad Debbabi