IoT Security Research Group

News

Open Positions

Note: To apply, please send an email to us (suryadipta.majumdar (at) concordia.ca) with your CV and transcripts (you will only hear from us if you are shortlisted for the interview). To check admission requirements for MASc students click here, and for PhD students click here please.

Multiple MASc/PhD positions in IoT/5G/Container/Cloud security (starting from Fall 2025)

With outstanding academic background, strong system skills and research experience.
(Preferably) with industrial experience and/or high-quality security/system publication(s).

Latest News

	[08/2024] The paper on an empirical study on IoT anomaly detection models is accepted by IEEE Conference on Communications and Network Security (CNS). Congrats Alireza!
	[06/2024] Sofya has passed her master defence with flying colors
	[06/2024] The paper on IoT-specific threat intelligence using dynamic app-device interactions is accepted by IEEE Internet of Things Journal. Congrats Sofya and Ehsan!
	[05/2024] CISR welcomed a new member: Faisal (MASc)
	[05/2024] CISR research success is featured at Concordia news.
	[05/2024] CISR welcomed a new member: Aathira (MASc)
	[04/2024] CISR member, Shafayat, has been selected for FRQNT - 2024-2025 - Master's Training Scholarship (with the 2nd rank). Congrats Shafayat!
	[03/2024] The paper on continuously verifying functional integrity of smart home devices is accepted by WiSec'24.
	[02/2024] CISR research (in collaboration with Sunphinx Inc., DRDC, and uOttawa) on IoT security monitoring received an NSERC Alliance grant (2024-2029). Thanks all partners!
	[02/2024] CISR research (in collaboration with Sunphinx Inc.) on container security received Mitacs Accelerate fund (2024). Thanks Mitacs and Sunphinx!
	[02/2024] The paper (with Dr. Wang's IRC) on building cross-cluster security models for edge-core Kubernetes environments is accepted by CODASPY'24.
	[02/2024] Another undergraduate research on container security (in collaboration with BUET) is accepted by CLOSER'24. Congrats, Shafayat!
	[12/2023] Jiawei has passed his master defence with flying colors
	[11/2023] The paper (with Dr. Wang's IRC) on patching vulnerabilities via efficiently blocking system call sequences is accepted by NDSS'24. Congrats Hugo!
	[09/2023] CISR welcomed three new members: Shafayat (MASc), Sourov (MASc), and Piyush (MASc)
	[09/2023] Shiva has passed his master defence with flying colors
	[08/2023] The paper on evaluating the security posture of 5G networks is accepted by ESORICS'23. Congrats, Md Nazmul and Jia Wei!
	[06/2023] The paper on layered security analysis for container images (in collaboration with BUET) is accepted by PST'23. Congrats, Shafayat and Sourov!
	[05/2023] Wasi has passed his master defence with flying colors
	[03/2023] CISR research (in collaboration with Carleton University and Laval University) on IoT security has been selected for the NSERC/FRQNT NOVA program (2023-2026)
	[02/2023] Our Master's student, Wasi, has published his thesis work at Security Standardisation Research Conference 2023. Congrats, Wasi!
	[01/2023] The paper on proactive non-disruptive attack mitigation for Kubernetes is accepted by ICC'23
	[01/2023] CISR welcomed a new member: Mahdieh (MASc)
	[12/2022] CISR research on IoT security has been selected for the Gina Cody Research and Innovation Fellowship (2022-2024)
	[12/2022] Our PhD student, Ehsan, has published his Master's thesis work (with Dr. Alieraza Shameli-Sendi) at Journal of Parallel and Distributed Computing . Congrats, Ehsan!
	[10/2022] The paper on functional integrity verification for 5G cloud-native network functions is accepted by CloudCom'22
	[09/2022] CISR welcomed a new member: Alireza (MASc)
	[05/2022] CISR welcomed a new member: Armin (MASc)
	[03/2022] The paper on combining machine learning and formal method for NFV security verification is accepted by ESORICS'22
	[03/2022] Dr. Majumdar will be serving as an Associate Editor in the Peer-to-Peer Networking and Applications (Springer) - please consider submitting to PPNA
	[02/2022] Dr. Majumdar will be serving as a track co-chair (Security) at the 19th Annual International Conference on Privacy, Security, and Trust (PST 2022)
	[01/2022] Dr. Majumdar will be serving as a program co-chair at the 4th Workshop on Cloud Security and Privacy (CLOUD S&P 2022), collocated with ACNS 2022
	[11/2021] Dr. Majumdar (as a mentor) and Ehsan and Sofya (as mentees) attended the Individualized Cybersecurity Research Mentoring Workshop (iMentor), collocated with ACM CCS 2021
	[12/2021] The paper on Proactive Security Policy Enforcement for Containers is accepted by CODASPY'22
	[11/2021] The paper on Feature Reduction through Data Preprocessing for IDS is accepted by TPS'21
	[09/2021] CISR received DND/NSERC Discovery supplement for three years
	[09/2021] CISR welcomed two new members: Ehsan (PhD) and Sofya (MASc)
	[08/2021] The paper on Artificial Packet-Pair Dispersion (APPD) is accepted by CNS'21
	[08/2021] The paper on Context-Aware IoT Device Functionality Extraction is accepted by CNS'21
	[08/2021] The paper on Attention-based Accurate Intrusion Detection is accepted by QSHINE'21
	[06/2021] CISR received Mitacs Accelerate with Rheinmetall Inc. for five years (with Dr. Mohsen Ghafouri)
	[04/2021] CISR received NSERC Discovery grant
	[02/2021] The paper on proactive security auditing for clouds (ProSAS) is accepted by IEEE TDSC
	[01/2021] CISR welcomed two new members: Nazmul (PhD) and Shiva (MASc)

Publications

Journal & Conference Articles
2024	"An Empirical Study on Learning Models and Data Augmentation for IoT Anomaly Detection", Alireza Toghiani Khorasgani, Paria Shirani, Suryadipta Majumdar, IEEE Conference on Communications and Network Security (CNS), Accepted, 2024 (Acceptance ratio 35/119≈29%)
	"ACE-WARP: A Cost-Effective Approach to Proactive and Non-disruptive Attack Mitigation in Kubernetes Clusters", Sima Bagheri, Hugo Kermabon-Bobinnec, Mohammad Ekramul Kabir, Suryadipta Majumdar, Lingyu Wang, Yosr Jarraya, Boubakr Nour, Makan Pouzandi, IEEE Transactions on Information Forensics and Security (TIFS), Accepted, 2024
	"PerfSPEC: Performance Profiling-based Proactive Security Policy Enforcement for Containers", Hugo Kermabon-Bobinnec, Mahmood Gholipourchoubeh, Sima Bagheri, Suryadipta Majumdar, Yosr Jarraya, Lingyu Wang, and Makan Pourzandi, IEEE Transactions on Dependable and Secure Computing (TDSC), Accepted, 2024
	"Traditional Indicators of Compromise (IOCs) Meet Dynamic App-Device Interactions for IoT-specific Threat Intelligence", Sofya Smolyakova, Ehsan Khodayarseresht, and Suryadipta Majumdar, IEEE Internet of Things Journal, 2024
	"On Continuously Verifying Device-level Functional Integrity by Monitoring Correlated Smart Home Devices", Shiva Sunar, Paria Shirani, Suryadipta Majumdar, J. David Brown, 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec'24), Seoul, Korea, May 27-30, 2024 (Acceptance ratio 23/109≈21.1%)
	"CCSM: Building Cross-Cluster Security Models for Edge-Core Environments Involving Multiple Kubernetes Clusters", Mahmood Gholipourchoubeh, Hugo Kermabon-Bobinnec, Suryadipta Majumdar, Yosr Jarraya, Lingyu Wang, Boubakr Nour, and Makan Pourzandi, Proc. the 14th ACM Conference on Data and Application Security and Privacy (CODASPY 2024), Porto, Portugal, 19–21 June, 2024 (Acceptance ratio 34/160≈21%)
	"On Detecting Malicious Code Injection by Monitoring Multi-level Container Activities", Md. Olid Hasan Bhuiyan, Souvik Das, Shafayat Hossain Majumder, Suryadipta Majumdar, and Md. Shohrab Hossain, The 14th International Conference on Cloud Computing and Services Science (CLOSER 2024), Anges, France, 2-4 May, 2024
	“Phoenix: Surviving Unpatched Vulnerabilities via Accurate and Efficient Filtering of Syscall Sequences”, Hugo Kermabon-Bobinnec, Yosr Jarraya, Lingyu Wang, Suryadipta Majumdar and Makan Pourzandi, Proc. the Network and Distributed System Security Symposium (NDSS 2024), San Diego, USA, February 26 - March 1, 2024
2023	“iCAT+: An Interactive Customizable Anonymization Tool using Automated Translation through Deep Learning”, Momen Oqaily, Mohammad Ekramul Kabir, Suryadipta Majumdar,Yosr Jarraya, Makan Pourzandi, Lingyu Wang, and Mourad Debbabi, IEEE Transactions on Dependable and Secure Computing (TDSC), Accepted, 2023
	“Caught-in-Translation (CiT): Detecting Cross-level Inconsistency Attacks in Network Functions Virtualization (NFV)”, Sudershan Lakshmanan, Mengyuan Zhang, Suryadipta Majumdar, Yosr Jarraya, Makan Pourzandi, Lingyu Wang, IEEE Transactions on Dependable and Secure Computing (TDSC), Accepted, 2023
	“Towards Evaluation and Understanding of Large Language Models for Cyber Operation Automation”, Madeena Sultana, Adrian A Taylor, Li Li and Suryadipta Majumdar, Cyber Resilience Workshop (CRW) at IEEE CNS 2023 on October 05, 2023
	“Evaluating the Security Posture of 5G Networks by Combining State Auditing and Event Monitoring”, Md Nazmul Hoq, Jia Wei Yao, Suryadipta Majumdar, Luis Suárez, Lingyu Wang, Makan Pourzandi, Amine Boukhtouta and Mourad Debbabi, Proc. the 28th European Symposium on Research in Computer Security (ESORICS), The Hague, The Netherlands, September 25-29, 2023
	“Layered Security Analysis for Container Images: Expanding Lightweight Pre-Deployment Scanning”, Shafayat Hossain Majumder, Sourov Jajodia, Suryadipta Majumdar, Md. Shohrab Hossain, Proc. the 20th International Conference on Privacy, Security, and Trust (PST), Copenhagen, Denmark, August 21-23, 2023
	“Innovations in Digital Forensics”, Eds. Suryadipta Majumdar, Paria Shirani, Lingyu Wang, World Scientific Series in Digital Forensics and Cybersecurity: Volume 2, July, 2023
	“On Reducing Underutilization of Security Standards by Deriving Actionable Rules: An Application to IoT”, Md Wasiuddin Pathan Shuvo, Md Nazmul Hoq, Suryadipta Majumdar, Paria Shirani, Proc. the 8th Security Standardisation Research Conference, Lyon, France, April 22-23, 2023
	“Warping the Defence Timeline: Non-disruptive Proactive Attack Mitigation for Kubernetes Clusters”, Sima Bagheri, Hugo Kermabon-Bobinnec, Suryadipta Majumdar, Yosr Jarraya, Lingyu Wang, Makan Pourzandi, Proc. the IEEE International Conference on Communications (ICC 2023), Rome, Italy, 28 May – 01 June, 2023
	“A Tenant-based Two-stage Approach to Auditing the Integrity of Virtual Network Function Chains Hosted on Third-Party Clouds”, Momen Oqaily, Suryadipta Majumdar, Lingyu Wang, Mohammad Ekramul Kabir, Yosr Jarraya, A S M Asadujjaman, Makan Pourzandi, Mourad Debbabi, Proc. the 13th ACM Conference on Data and Application Security and Privacy (CODASPY), Charlotte, NC, USA, April 24-26, 2023
2022	“5GFIVer: Functional Integrity Verification for 5G Cloud-Native Network Functions”, A S M Asadujjaman, Mohammad Ekramul Kabir, Hinddeep Purohit, Suryadipta Majumdar, Lingyu Wang, Yosr Jarraya, Makan Pourzandi, Proc. The 13th IEEE International Conference on Cloud Computing Technology and Science (CloudCom), Bangkok, Thailand, December 13-16 2022
	“MLFM: Machine Learning Meets Formal Method for Efficient Security Verification in Network Functions Virtualization (NFV)”, Alaa Oqaily, Yosr Jarraya, Lingyu Wang, Makan Pourzandi, Suryadipta Majumdar, Proc. the 27th European Symposium on Research in Computer Security (ESORICS), Copenhagen, Denmark, 26-30 September 2022
	“ProSPEC: Proactive Security Policy Enforcement for Containers”, Hugo Kermabon-Bobinnec, Mahmood Gholipourchoubeh, Sima Bagheri, Suryadipta Majumdar, Yosr Jarraya, Makan Pourzandi and Lingyu Wang, Proc. the 12th ACM Conference on Data and Application Security and Privacy (CODASPY), Baltimore-Washington DC Area, USA, April 24-26, 2022

2021	“Feature Reduction through Data Preprocessing for Intrusion Detection in IoT Networks”, Tania Tahmina Jui, Md. Nazmul Hoq, Suryadipta Majumdar, Md. Shohrab Hossain, Proc. The Third IEEE International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications December 13 - 15, 2021
	“Towards an Attention-based Accurate Intrusion Detection Approach”, Arunavo Dey, Md. Shohrab Hossain, Md. Nazmul Hoq, and Suryadipta Majumdar, Proc. the 17th EAI International Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness (QSHINE), Virtual, November 29-30, 2021
	“Context-Aware IoT Device Functionality Extraction from Specifications for Ensuring Consumer Security”, Upakar Paudel, Andy Dolan, Suryadipta Majumdar and Indrakshi Ray, Proc. the 9th IEEE Conference on Communications and Network Security (CNS 2021), Online, October 4 - 6, 2021 (Acceptance ratio 32/113≈28%)
	“Artificial Packet-Pair Dispersion (APPD): A Blackbox Approach to Verifying the Integrity of NFV Service Chains”, A S M Asadujjaman, Momen Oqaily, Yosr Jarraya, Suryadipta Majumdar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the 9th IEEE Conference on Communications and Network Security (CNS 2021), Online, October 4 - 6, 2021 (Acceptance ratio 32/113≈28%)
	“ProSAS: Proactive Security Auditing System for Clouds”, Suryadipta Majumdar, Gagandeep Singh Chawla, Amir Alimohammadifar, Taous Madi, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, IEEE Transactions on Dependable and Secure Computing (TDSC), Accepted “An Invisible Warfare with the Internet of Battlefield Things (IoBT): A Literature Review”, Lin Zhu, Suryadipta Majumdar and Chinwe Ekenna, Human Behavior and Emerging Technologies, Vol. 3, No. 2, April 2021, pages 255-260
	“An Invisible Warfare with the Internet of Battlefield Things (IoBT): A Literature Review”, Lin Zhu, Suryadipta Majumdar and Chinwe Ekenna, Human Behavior and Emerging Technologies, Vol. 3, No. 2, April 2021, pages 255-260
	“Security Auditing of Internet of Things Devices in a Smart Home”, Suryadipta Majumdar, Daniel Bastos and Anoop Singhal, Proc. the 17th IFIP WG 11.9 International Conference on Digital Forensics, Virtual, February 1 - 2, 2021
2020	“VMGuard: State-based Proactive Verification of Virtual Network Isolation with Application to NFV”, Gagandeep Singh Chawla, Mengyuan Zhang, Suryadipta Majumdar, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, IEEE Transactions on Dependable and Secure Computing (TDSC), Accepted
	“NFVGuard : Verifying the Security of Multilevel Network Functions Virtualization (NFV) Stack”, Alaa Oqaily, Sudershan Lakshmanan, Yosr Jarraya, Suryadipta Majumdar, Mengyuan Zhang, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the 12th IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2020), Bangkok, Thailand, December 14 - 17, 2020
	“A Multi-Level Proactive Security Auditing Framework for Clouds through Automated Dependency Building”, Suryadipta Majumdar, CCF Transactions on Networking, Vol. 3, No. 2, October 2020, pages 112-127
	“Poster: Defining Actionable Rules for Verifying IoT Security”, Kayla E Ibrahim, Suryadipta Majumdar, Daniel Bastos and Anoop Singhal, 41st IEEE Symposium on Security and Privacy (S&P 2020), San Francisco, USA Online, May 18 - 20, 2020
	“Proactively Extracting IoT Device Capabilities: An Application to Smart Homes”, Andy Dolan, Indrakshi Ray and Suryadipta Majumdar, Proc. the 34th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 2020), Regensburg, Germany Online, June 25 - 27, 2020
2019	“SegGuard: Segmentation-based Anonymization of Network Data in Clouds for Privacy-Preserving Security Auditing”, Momen Oqaily, Yosr Jarraya, Meisam Mohammady, Suryadipta Majumdar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, IEEE Transactions on Dependable and Secure Computing (TDSC), Accepted
	"Multi-Level Proactive Security Auditing for Cloud", Suryadipta Majumdar, Azadeh Tabiban, Meisam Mohammady, Alaa Oqaily, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the IEEE Conference on Dependable and Secure Computing (DSC 2019), Hangzhou, China, November 18-20, 2019
	"Proactivizer: Transforming Existing Verification Tools into Efficient Solutions for Runtime Security Enforcement", Suryadipta Majumdar, Azadeh Tabiban, Meisam Mohammady, Alaa Oqaily, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the 24th European Symposium on Research in Computer Security (ESORICS 2019), Luxembourg, September 23-27, 2019 (Acceptance ratio 67/344≈19.5%)
	[Book] “Cloud Security Auditing”, Suryadipta Majumdar, Taous Madi, Yushun Wang, Azadeh Tabiban, Momen Oqaily, Amir Alimohammadifar, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Springer, 2019, ISBN 978-3-030-23127-9
	[Non-Refereed Conference Presentation] “Current Challenges in IoT Security”, Jivan A Ramjisingh, Domenic Recchia, Michael A Cahill, Suryadipta Majumdar and Sanjay Goel, 14th Annual Symposium on Information Assurance (ASIA 2019), June 4-6, 2019, Albany, NY, USA
	“Learning Probabilistic Dependencies among Events for Proactive Security Auditing in Clouds”, Suryadipta Majumdar, Azadeh Tabiban, Yosr Jarraya, Momen Oqaily, Amir Alimohammadifar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Journal of Computer Security (JCS), Vol. 27, No. 2, March 2019, pages 165-202
2018	"Cloud Security Auditing: Major Approaches and Existing Challenges", Suryadipta Majumdar, Taous Madi, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the 11th International Symposium on Foundations & Practice of Security (FPS 2018), Montreal, Canada, November 13-15, 2018
	"ISOTOP: Auditing Virtual Networks Isolation Across Cloud Layers in OpenStack", Taous Madi, Amir Alimohammadifar, Yosr Jarraya, Suryadipta Majumdar, Yushun Wang, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, ACM Transactions on Privacy and Security (TOPS), Vol. 22, No. 1, December 2018, pages 1:1-1:35
	"Stealthy Probing-based Verification (SPV): An Active Approach to Defending Software Defined Networks against Topology Poisoning Attacks", Amir Alimohammadifar, Suryadipta Majumdar, Taous Madi, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the 23rd European Symposium on Research in Computer Security (ESORICS 2018), Barcelona, Spain, September 3-7, 2018 (Acceptance ratio 56/283≈20%)
	"Proactive Security Auditing for Clouds", PhD Thesis, 2018 [Awarded with Doctoral Prize]
	"Fast Control Channel Recovery for Resilient In-band OpenFlow Networks", Abu Asadujjaman, Elisa Rojas, Mohammad Shah Alam, Suryadipta Majumdar, Proc. the 4th IEEE International Conference on Network Softwarization (NetSoft 2018), Montreal, Canada, June 25-29, 2018
	"PERMON: An OpenStack Middleware for Runtime Security Policy Enforcement in Clouds", Azadeh Tabiban, Suryadipta Majumdar, Lingyu Wang and Mourad Debbabi, Proc. the 4th IEEE Workshop on Security and Privacy in the Cloud (SPC 2018), Beijing, China, May 30-June 1, 2018
	"User-Level Runtime Security Auditing for the Cloud", Suryadipta Majumdar, Taous Madi, Yushun Wang, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, IEEE Transactions on Information Forensics and Security (TIFS), Vol. 13, No. 5, May 2018, pages 1185-1199
Till 2017	"LeaPS: Learning-Based Proactive Security Auditing for Clouds", Suryadipta Majumdar, Yosr Jarraya, Momen Oqaily, Amir Alimohammadifar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the 22nd European Symposium on Research in Computer Security (ESORICS 2017), Oslo, Norway, September 11-13, 2017 (Acceptance ratio 54/340≈16%)
	"TenantGuard: Scalable Runtime Verification of Cloud-Wide VM-Level Network Isolation", Yushun Wang, Taous Madi, Suryadipta Majumdar, Yosr Jarraya, Amir Alimohammadifar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the Network and Distributed System Security Symposium (NDSS 2017), San Diego, USA, February 26 - March 1, 2017 (Acceptance ratio 68/423≈16%)
	"Proactive Verification of Security Compliance for Clouds through Pre-Computation: Application to OpenStack", Suryadipta Majumdar, Yosr Jarraya, Taous Madi, Amir Alimohammadifar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the 21st European Symposium on Research in Computer Security (ESORICS 2016), Heraklion, Greece, September 28-30, 2016 (Acceptance ratio 60/285≈21%)
	"Auditing Security Compliance of the Virtualized Infrastructure in the Cloud: Application to OpenStack", Taous Madi, Suryadipta Majumdar, Yushun Wang, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. The 6th ACM Conference on Data and Application Security and Privacy (CODASPY 2016), New Orleans, USA, March 09-11, 2016 (Acceptance ratio 22/115≈19%)
	“Security Compliance Auditing of Identity and Access Management in the Cloud: Application to OpenStack”, Suryadipta Majumdar, Taous Madi, Yushun Wang, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. The 7th IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2015), Vancouver, Canada, November 30-December 3, 2015 (Acceptance ratio 48/189≈25%)
	"On End-to-end encryption for Cloud-based Services", MASc Thesis, 2014
	"Analysis and design of individual Tax return systems in Bangladesh", 12th International Conference on Computers and Information Technology (ICCIT 2009)