Syed Rafiul Hussain
@SyedRafiul
Followers
993
Following
2K
Media
24
Statuses
765
Assistant Professor of Computer Science and Engineering (@PennStateEECS, @PSUEngineering), Pennsylvania State University (@penn_state)
State College, PA
Joined May 2011
Open RAN, Open Risks! Super excited to have our second talk accepted at BlackHat USA'25:. Proud of my students Tianchang Yang, Yilu Dong, Syed Md Mukit Rashid, and Ali Ranjbar! Joint work with Gang (Gary) Tan!.
0
0
3
Check out our recent paper presented by Yilu Dong at WiSec’25 where we demonstrated such solutions can be integrated with PKI based schemes. Joint work with Tao Wan. Great job, Yilu.
0
0
0
Even if you sign the broadcast messages to prevent your phone from connecting to fake base stations, relay attackers can still launch attacks unless additional measures, e.g., distance/time bounded solutions are correctly enforced.
1
0
1
Learn about how you may bypass paywalls of inflight Wi-Fi systems! Great job by @AAIshtiaq1 and the folks from UMass!
Presenting our paper “Cloud Nine Connectivity: Security Analysis of In-Flight Wi-Fi Paywall Systems” today at #WiSec2025! . Huge thanks to my coauthors, esp. @RHasnainAnwar.
0
0
7
Congratulations, Ishtiaq! Way to go!.
I’m grateful to have been selected for the 2024–25 Vice Provost and Dean of the Graduate School Student Persistence Scholarship at Penn State. This recognition is a meaningful encouragement as I continue my Ph.D. journey. Congratulations to all fellow recipients!.
1
0
1
RT @sergeybratus: Cybersecurity is not about maintaining status quo, cost centers, and accepting risk. It is about creating safe code faste….
0
7
0
RT @sergeybratus: Papers and slides from the 11th LangSec IEEE Security & Privacy workshop are now posted on the LangSec website: https://t….
0
7
0
RT @sergeybratus: I am looking forward to sharing my thoughts and learnings from DARPA programs on the new kinds of tools we need for maint….
0
4
0
Super excited to have LORIS, a stateful analysis and fuzzing framework for commercial baseband firmware, accepted at @blackhatevent this year. See you all in Las Vegas! #BHUSA.
Stateful fuzzing on emulated basebands is extremely challenging as it requires complex manual harnessing to identify state variables and to resolve task dependencies in the RTOS baseband. Also, identifying states and corresponding path constraints runs into state explosion issues.
0
1
8
Great teamwork by Ali (@mustbastani), Tianchang, Kai (@HelloTKk), and Saaman! Let us know your feedback to improve it further. Paper: Code:
0
0
4
RT @CryptoGPS: Embarking on a new project that needs physical access to an H100 GPU. Any chance anyone is willing to let us borrow one (we….
0
2
0
We tested 61 access control properties with CoreScan and uncovered five new exploitable privilege escalation vulnerabilities in the 5G standards. Paper: source code:
0
0
1
For this, we (Mujtahid, Toufik, and yours truly) developed CoreScan, an assume-guarantee style compositional verification technique that decomposes system model into multiple disjoint components and applies split assertion principle to identify local assumptions and guarantees.
1
0
0
With the rollout of microservice-based 5G core networks and the provision of third-party tenants (e.g., MVNOs), the 3GPP's current access control design is not secure. Mujtahid Akon will highlight these design flaws and explain how we found them today at @IEEESSP.
1
0
2
Today at @IEEESSP, Ali Ranjbar will present how we have addressed these challenges with a new technique called iterative symbolic execution to enable stateful and grammar-aware fuzzing of commercial basebands. Loris uncovered seven zero-days in 5 commercial basebands.
1
0
2
Stateful fuzzing on emulated basebands is extremely challenging as it requires complex manual harnessing to identify state variables and to resolve task dependencies in the RTOS baseband. Also, identifying states and corresponding path constraints runs into state explosion issues.
1
1
10
RT @sergeybratus: 11th LangSec IEEE Security & Privacy workshop is happy to announce its preliminary program: Abstr….
0
11
0
RT @sergeybratus: A quick reminder that discounted registration rates for for the #LangSec workshop end tomorrow, April 14, at 11:59 pm PDT….
0
4
0
RT @ruizhang_nlp: 🚀If you're looking for inference-time techniques to max out the reasoning ability of your local LLMs, check our #ICLR2025….
0
8
0
RT @XtinaPoepper: A packed next week is ahead of us! Safe travels to everyone participating in #NDSSsymposium2025. The full program is now….
0
3
0