IoT Security Research Group

News

Open Positions

Note: To apply, please send an email to us (suryadipta.majumdar (at) concordia.ca) with your CV and transcripts (you will only hear from us if you are shortlisted for the interview). To check admission requirements for MASc students click here, and for PhD students click here please.

One funded PhD student in 5G/Container/Cloud security (starting from Fall 2023 / Winter 2024)

With outstanding academic background, strong system skills and research experience.

Latest News

	[03/2023] CISR research (in collaboration with Carleton University and Laval University) on IoT security has been selected for the NSERC/FRQNT NOVA program (2023-2026)
	[02/2023] Our Master's student, Wasi, has published his thesis work at Security Standardisation Research Conference 2023. Congrats, Wasi!
	[01/2023] The paper on proactive non-disruptive attack mitigation for Kubernetes is accepted by ICC'23
	[01/2023] CISR welcomed a new member: Mahdieh (MASc)
	[12/2022] CISR research on IoT security has been selected for the Gina Cody Research and Innovation Fellowship (2022-2024)
	[12/2022] Our PhD student, Ehsan, has published his Master's thesis work (with Dr. Alieraza Shameli-Sendi) at Journal of Parallel and Distributed Computing . Congrats, Ehsan!
	[10/2022] The paper on functional integrity verification for 5G cloud-native network functions is accepted by CloudCom'22
	[09/2022] CISR welcomed a new member: Alireza (MASc)
	[05/2022] CISR welcomed a new member: Armin (MASc)
	[03/2022] The paper on combining machine learning and formal method for NFV security verification is accepted by ESORICS'22
	[03/2022] Dr. Majumdar will be serving as an Associate Editor in the Peer-to-Peer Networking and Applications (Springer) - please consider submitting to PPNA
	[02/2022] Dr. Majumdar will be serving as a track co-chair (Security) at the 19th Annual International Conference on Privacy, Security, and Trust (PST 2022)
	[01/2022] Dr. Majumdar will be serving as a program co-chair at the 4th Workshop on Cloud Security and Privacy (CLOUD S&P 2022), collocated with ACNS 2022
	[11/2021] Dr. Majumdar (as a mentor) and Ehsan and Sofya (as mentees) attended the Individualized Cybersecurity Research Mentoring Workshop (iMentor), collocated with ACM CCS 2021
	[12/2021] The paper on Proactive Security Policy Enforcement for Containers is accepted by CODASPY'22
	[11/2021] The paper on Feature Reduction through Data Preprocessing for IDS is accepted by TPS'21
	[09/2021] CISR received DND/NSERC Discovery supplement for three years
	[09/2021] CISR welcomed two new members: Ehsan (PhD) and Sofya (MASc)
	[08/2021] The paper on Artificial Packet-Pair Dispersion (APPD) is accepted by CNS'21
	[08/2021] The paper on Context-Aware IoT Device Functionality Extraction is accepted by CNS'21
	[08/2021] The paper on Attention-based Accurate Intrusion Detection is accepted by QSHINE'21
	[06/2021] CISR received Mitacs Accelerate with Rheinmetall Inc. for five years (with Dr. Mohsen Ghafouri)
	[04/2021] CISR received NSERC Discovery grant
	[02/2021] The paper on proactive security auditing for clouds (ProSAS) is accepted by IEEE TDSC
	[01/2021] CISR welcomed two new members: Nazmul (PhD) and Shiva (MASc)

Publications

Journal & Conference Articles
2023	“On Reducing Underutilization of Security Standards by Deriving Actionable Rules: An Application to IoT”, Md Wasiuddin Pathan Shuvo, Md Nazmul Hoq, Suryadipta Majumdar, Paria Shirani, Proc. the 8th Security Standardisation Research Conference, Lyon, France, April 22-23, 2023
	“Warping the Defence Timeline: Non-disruptive Proactive Attack Mitigation for Kubernetes Clusters”, Sima Bagheri, Hugo Kermabon-Bobinnec, Suryadipta Majumdar, Yosr Jarraya, Lingyu Wang, Makan Pourzandi, Proc. the IEEE International Conference on Communications (ICC 2023), Rome, Italy, 28 May – 01 June, 2023
	“A Tenant-based Two-stage Approach to Auditing the Integrity of Virtual Network Function Chains Hosted on Third-Party Clouds”, Momen Oqaily, Suryadipta Majumdar, Lingyu Wang, Mohammad Ekramul Kabir, Yosr Jarraya, A S M Asadujjaman, Makan Pourzandi, Mourad Debbabi, Proc. the 13th ACM Conference on Data and Application Security and Privacy (CODASPY), Charlotte, NC, USA, April 24-26, 2023
2022	“5GFIVer: Functional Integrity Verification for 5G Cloud-Native Network Functions”, A S M Asadujjaman, Mohammad Ekramul Kabir, Hinddeep Purohit, Suryadipta Majumdar, Lingyu Wang, Yosr Jarraya, Makan Pourzandi, Proc. The 13th IEEE International Conference on Cloud Computing Technology and Science (CloudCom), Bangkok, Thailand, December 13-16 2022
	“MLFM: Machine Learning Meets Formal Method for Efficient Security Verification in Network Functions Virtualization (NFV)”, Alaa Oqaily, Yosr Jarraya, Lingyu Wang, Makan Pourzandi, Suryadipta Majumdar, Proc. the 27th European Symposium on Research in Computer Security (ESORICS), Copenhagen, Denmark, 26-30 September 2022
	“ProSPEC: Proactive Security Policy Enforcement for Containers”, Hugo Kermabon-Bobinnec, Mahmood Gholipourchoubeh, Sima Bagheri, Suryadipta Majumdar, Yosr Jarraya, Makan Pourzandi and Lingyu Wang, Proc. the 12th ACM Conference on Data and Application Security and Privacy (CODASPY), Baltimore-Washington DC Area, USA, April 24-26, 2022
2021	“Feature Reduction through Data Preprocessing for Intrusion Detection in IoT Networks”, Tania Tahmina Jui, Md. Nazmul Hoq, Suryadipta Majumdar, Md. Shohrab Hossain, Proc. The Third IEEE International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications December 13 - 15, 2021
	“Towards an Attention-based Accurate Intrusion Detection Approach”, Arunavo Dey, Md. Shohrab Hossain, Md. Nazmul Hoq, and Suryadipta Majumdar, Proc. the 17th EAI International Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness (QSHINE), Virtual, November 29-30, 2021
	“Context-Aware IoT Device Functionality Extraction from Specifications for Ensuring Consumer Security”, Upakar Paudel, Andy Dolan, Suryadipta Majumdar and Indrakshi Ray, Proc. the 9th IEEE Conference on Communications and Network Security (CNS 2021), Online, October 4 - 6, 2021 (Acceptance ratio 32/113≈28%)
	“Artificial Packet-Pair Dispersion (APPD): A Blackbox Approach to Verifying the Integrity of NFV Service Chains”, A S M Asadujjaman, Momen Oqaily, Yosr Jarraya, Suryadipta Majumdar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the 9th IEEE Conference on Communications and Network Security (CNS 2021), Online, October 4 - 6, 2021 (Acceptance ratio 32/113≈28%)
	“ProSAS: Proactive Security Auditing System for Clouds”, Suryadipta Majumdar, Gagandeep Singh Chawla, Amir Alimohammadifar, Taous Madi, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, IEEE Transactions on Dependable and Secure Computing (TDSC), Accepted “An Invisible Warfare with the Internet of Battlefield Things (IoBT): A Literature Review”, Lin Zhu, Suryadipta Majumdar and Chinwe Ekenna, Human Behavior and Emerging Technologies, Vol. 3, No. 2, April 2021, pages 255-260
	“An Invisible Warfare with the Internet of Battlefield Things (IoBT): A Literature Review”, Lin Zhu, Suryadipta Majumdar and Chinwe Ekenna, Human Behavior and Emerging Technologies, Vol. 3, No. 2, April 2021, pages 255-260
	“Security Auditing of Internet of Things Devices in a Smart Home”, Suryadipta Majumdar, Daniel Bastos and Anoop Singhal, Proc. the 17th IFIP WG 11.9 International Conference on Digital Forensics, Virtual, February 1 - 2, 2021

2020	“VMGuard: State-based Proactive Verification of Virtual Network Isolation with Application to NFV”, Gagandeep Singh Chawla, Mengyuan Zhang, Suryadipta Majumdar, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, IEEE Transactions on Dependable and Secure Computing (TDSC), Accepted
	“NFVGuard : Verifying the Security of Multilevel Network Functions Virtualization (NFV) Stack”, Alaa Oqaily, Sudershan Lakshmanan, Yosr Jarraya, Suryadipta Majumdar, Mengyuan Zhang, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the 12th IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2020), Bangkok, Thailand, December 14 - 17, 2020
	“A Multi-Level Proactive Security Auditing Framework for Clouds through Automated Dependency Building”, Suryadipta Majumdar, CCF Transactions on Networking, Vol. 3, No. 2, October 2020, pages 112-127
	“Poster: Defining Actionable Rules for Verifying IoT Security”, Kayla E Ibrahim, Suryadipta Majumdar, Daniel Bastos and Anoop Singhal, 41st IEEE Symposium on Security and Privacy (S&P 2020), San Francisco, USA Online, May 18 - 20, 2020
	“Proactively Extracting IoT Device Capabilities: An Application to Smart Homes”, Andy Dolan, Indrakshi Ray and Suryadipta Majumdar, Proc. the 34th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 2020), Regensburg, Germany Online, June 25 - 27, 2020
2019	“SegGuard: Segmentation-based Anonymization of Network Data in Clouds for Privacy-Preserving Security Auditing”, Momen Oqaily, Yosr Jarraya, Meisam Mohammady, Suryadipta Majumdar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, IEEE Transactions on Dependable and Secure Computing (TDSC), Accepted
	"Multi-Level Proactive Security Auditing for Cloud", Suryadipta Majumdar, Azadeh Tabiban, Meisam Mohammady, Alaa Oqaily, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the IEEE Conference on Dependable and Secure Computing (DSC 2019), Hangzhou, China, November 18-20, 2019
	"Proactivizer: Transforming Existing Verification Tools into Efficient Solutions for Runtime Security Enforcement", Suryadipta Majumdar, Azadeh Tabiban, Meisam Mohammady, Alaa Oqaily, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the 24th European Symposium on Research in Computer Security (ESORICS 2019), Luxembourg, September 23-27, 2019 (Acceptance ratio 67/344≈19.5%)
	[Book] “Cloud Security Auditing”, Suryadipta Majumdar, Taous Madi, Yushun Wang, Azadeh Tabiban, Momen Oqaily, Amir Alimohammadifar, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Springer, 2019, ISBN 978-3-030-23127-9
	[Non-Refereed Conference Presentation] “Current Challenges in IoT Security”, Jivan A Ramjisingh, Domenic Recchia, Michael A Cahill, Suryadipta Majumdar and Sanjay Goel, 14th Annual Symposium on Information Assurance (ASIA 2019), June 4-6, 2019, Albany, NY, USA
	“Learning Probabilistic Dependencies among Events for Proactive Security Auditing in Clouds”, Suryadipta Majumdar, Azadeh Tabiban, Yosr Jarraya, Momen Oqaily, Amir Alimohammadifar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Journal of Computer Security (JCS), Vol. 27, No. 2, March 2019, pages 165-202
2018	"Cloud Security Auditing: Major Approaches and Existing Challenges", Suryadipta Majumdar, Taous Madi, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the 11th International Symposium on Foundations & Practice of Security (FPS 2018), Montreal, Canada, November 13-15, 2018
	"ISOTOP: Auditing Virtual Networks Isolation Across Cloud Layers in OpenStack", Taous Madi, Amir Alimohammadifar, Yosr Jarraya, Suryadipta Majumdar, Yushun Wang, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, ACM Transactions on Privacy and Security (TOPS), Vol. 22, No. 1, December 2018, pages 1:1-1:35
	"Stealthy Probing-based Verification (SPV): An Active Approach to Defending Software Defined Networks against Topology Poisoning Attacks", Amir Alimohammadifar, Suryadipta Majumdar, Taous Madi, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the 23rd European Symposium on Research in Computer Security (ESORICS 2018), Barcelona, Spain, September 3-7, 2018 (Acceptance ratio 56/283≈20%)
	"Proactive Security Auditing for Clouds", PhD Thesis, 2018 [Awarded with Doctoral Prize]
	"Fast Control Channel Recovery for Resilient In-band OpenFlow Networks", Abu Asadujjaman, Elisa Rojas, Mohammad Shah Alam, Suryadipta Majumdar, Proc. the 4th IEEE International Conference on Network Softwarization (NetSoft 2018), Montreal, Canada, June 25-29, 2018
	"PERMON: An OpenStack Middleware for Runtime Security Policy Enforcement in Clouds", Azadeh Tabiban, Suryadipta Majumdar, Lingyu Wang and Mourad Debbabi, Proc. the 4th IEEE Workshop on Security and Privacy in the Cloud (SPC 2018), Beijing, China, May 30-June 1, 2018
	"User-Level Runtime Security Auditing for the Cloud", Suryadipta Majumdar, Taous Madi, Yushun Wang, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, IEEE Transactions on Information Forensics and Security (TIFS), Vol. 13, No. 5, May 2018, pages 1185-1199
Till 2017	"LeaPS: Learning-Based Proactive Security Auditing for Clouds", Suryadipta Majumdar, Yosr Jarraya, Momen Oqaily, Amir Alimohammadifar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the 22nd European Symposium on Research in Computer Security (ESORICS 2017), Oslo, Norway, September 11-13, 2017 (Acceptance ratio 54/340≈16%)
	"TenantGuard: Scalable Runtime Verification of Cloud-Wide VM-Level Network Isolation", Yushun Wang, Taous Madi, Suryadipta Majumdar, Yosr Jarraya, Amir Alimohammadifar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the Network and Distributed System Security Symposium (NDSS 2017), San Diego, USA, February 26 - March 1, 2017 (Acceptance ratio 68/423≈16%)
	"Proactive Verification of Security Compliance for Clouds through Pre-Computation: Application to OpenStack", Suryadipta Majumdar, Yosr Jarraya, Taous Madi, Amir Alimohammadifar, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. the 21st European Symposium on Research in Computer Security (ESORICS 2016), Heraklion, Greece, September 28-30, 2016 (Acceptance ratio 60/285≈21%)
	"Auditing Security Compliance of the Virtualized Infrastructure in the Cloud: Application to OpenStack", Taous Madi, Suryadipta Majumdar, Yushun Wang, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. The 6th ACM Conference on Data and Application Security and Privacy (CODASPY 2016), New Orleans, USA, March 09-11, 2016 (Acceptance ratio 22/115≈19%)
	“Security Compliance Auditing of Identity and Access Management in the Cloud: Application to OpenStack”, Suryadipta Majumdar, Taous Madi, Yushun Wang, Yosr Jarraya, Makan Pourzandi, Lingyu Wang and Mourad Debbabi, Proc. The 7th IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2015), Vancouver, Canada, November 30-December 3, 2015 (Acceptance ratio 48/189≈25%)
	"On End-to-end encryption for Cloud-based Services", MASc Thesis, 2014
	"Analysis and design of individual Tax return systems in Bangladesh", 12th International Conference on Computers and Information Technology (ICCIT 2009)