Omar Chowdhury.jpg

Omar Haider Chowdhury

Assistant Professor
Department of Computer Science
The University of Iowa

omar-chowdhury@uiowa.edu

319-335-0745

201G MacLean Hall

About Me About Me

I am an Assistant Professor of Computer Science at the University of Iowa. I lead the Computational Logic Center (CLC) along with my colleagues Aaron Stump and Cesare Tinelli. I am also involved with the Iowa Informatics Initiative.

Before joining the University of Iowa, I was a post-doctoral research associate at Cylab, Carnegie Mellon University (Host: Prof. Anupam Datta) and Purdue University (Host: Prof. Ninghui Li). I received my Ph.D. in Computer Science from the University of Texas at San Antonio under the supervision of Prof. Jianwei Niu and Prof. William H. Winsborough (deceased). I received my undergraduate education in Computer Science and Engineering (CSE) at the Bangladesh University of Engineering and Technology (BUET).


Research Research

My research interest lies in Computer Security and Privacy. Broadly, I am interested in applying techniques from formal verification and runtime monitoring in achieving provable security and privacy assurances of modern systems and protocols. I am also interested in applying formal verification and software engineering techniques to automatically detect functional bugs in network protocols and safety-critical cyber-physical and IoT systems.


Looking for Students SPRING 2017: I am currently looking for one or two motivated graduate students who are interested in tackling practical cyber security and privacy problems to join my group. If interested, please contact me through email.

News News

CHIRON SPRING 2017: Our paper titled "Analyzing Operational Behavior of Stateful Protocol Implementations for Detecting Semantic Bugs" has been accepted at IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) 2017. Congratulations Sze Yiu Chau and Endadul Hoque.

SymCerts SPRING 2017: Our paper titled "SymCerts: Practical Symbolic Execution For Exposing Noncompliance in X.509 Certificate Validation Implementations" has been accepted at IEEE S&P 2017. Congratulations Sze Yiu Chau and Endadul Hoque.

NSF-CRII SPRING 2017: Project on the development of a compliant Internet PKI has been funded under NSF SaTC CRII program. Thanks NSF. Unabridged award abstract may be found here.

daily-iowan SPRING 2017: Contributed to an article in the Daily Iowan.

Invited to CCS PC SPRING 2017: I have been invited to join the CCS 2017, PST 2017 PC.

bugs1 FALL 2016: [bugs] We tested MatrixSSL v3.7.2 for RFC compliance and other vulnerabilities.
The developers of MatrixSSL acknowledged our findings of a collision-prone OID comparison, an ineffective date range sanity check, a non-compliant UTCTime year interpretation, and a redundant and erroneous local timezone adjustment. Fixes have been implemented in a newer version.

bugs2 FALL 2016: [bugs] We tested axTLS 1.5.3 for RFC compliance and other vulnerabilities.
The developers of axTLS acknowledged our findings of certain attributes of distinguished names being ignored, X.509 version number not being checked, certificates with unrecognised extensions are not being rejected, hhmmss of UTCTime being ignored, and an off-by-one error in interpreting the year of UTCTime. Fixes are planned to be implemented in upcoming releases.

Joined UIOWA CS FALL 2016: Joined the University of Iowa as an Assistant Professor of Computer Science.

CCS 2016 SUMMER 2016: Two papers accepted in CCS 2016.

Students Students

Ruoyo Zhang (Co-advised with Cesare Tinelli)

Yahyazadeh Moosa (Co-advised with Octav Chipara)

Selected Publications Selected Publications

CHIRON-DSN17 Analyzing Operational Behavior of Stateful Protocol Implementations for Detecting Semantic Bugs
With Endadul Hoque (Purdue University), Sze Yiu Chau (Purdue University), Cristina Nita-Rotaru (Northeastern University), and Ninghui Li (Purdue University)
To appear in Proceedings of the 47th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2017) .

symcert-paper-OAKLAND17 SymCerts: Practical Symbolic Execution For Exposing Noncompliance in X.509 Certificate Validation Implementations
With Sze Yiu Chau (Purdue University), Endadul Hoque (Purdue University), Huangyi Ge (Purdue University), Aniket Kate (Purdue University), Cristina Nita-Rotaru (Northeastern University), and Ninghui Li (Purdue University)
To appear in Proceedings of the 38th IEEE Symposium on Security and Privacy (S&P 2017).

password-paper-CCS16 An Empirical Study of Mnemonic Sentence-based Password Generation Strategies
With Weining Yang, Ninghui Li, Aiping Xiong, and Robert Proctor
Appeared in the Proceeding of 23rd ACM Conference on Computer and Communications Security (CCS), 2016.

passwindow-paper-CCS16 On the Security and Usability of Segment-based Visual Cryptographic Authentication Protocols
With Tianhao Wang, Huangyi Ge, Hemanta K. Maji, and Ninghui Li
Appeared in the Proceeding of 23rd ACM Conference on Computer and Communications Security (CCS), 2016.

ereduce-paper-CCS16 Equivalence-based Security for Querying Encrypted Databases: Theory and Application to Privacy Policy Audits
With Deepak Garg, Limin Jia, and Anupam Datta
Appeared in the Proceeding of 22nd ACM Conference on Computer and Communications Security (CCS), 2015.

ereduce-paper-CCS16 Temporal Mode-Checking for Runtime Monitoring of Privacy Policies
With Limin Jia, Deepak Garg, and Anupam Datta
Appeared in the Proceedings of 26th International Conference on Computer Aided Verification (CAV), 2014.