|
|
About Me
My name is Seyedhamed (Hamed) Ghavamnia (written as سید حامد قوام نیا in Persian) and I am an Assistant Professor at the School of Computing at University of Connecticut.I completed my PhD at the Computer Science Department of Stony Brook University under the supervision of my advisor, Prof. Michalis Polychronakis where I worked on software security and more specifically on attack surface reduction. Prior to that I was the team lead for the security software development team in Irisa. I obtained my B.E. in Software Engineering from University of Isfahan and my M.S. in Computer Engineering with concentration on Network Security from Sharif University of Technology. My Master's thesis was about traffic analysis.
More information is available in my CV.
@s_hamedgh | Google Scholar
Prospective Students
If you are an undergraduate or masters student at UConn and looking to work on a research project, please send me an email with your CV.Research Interests
- System/Software Security
- Attack Surface Reduction through Program Analysis
- Memory Safe Languages
Teaching
- CSE4100: Programming Language Translation - Spring 2024
- CSE5095: Special Topics in Computer Science and Engineering - Fall 2023
Conference Publications
-
C2C: Fine-grained Configuration-driven System Call Filtering
Seyedhamed Ghavamnia, Tapti Palit, and Michalis Polychronakis. In Proceedings of the 29th ACM Conference on Computer and Communications Security (CCS). November 2022, Los Angeles, LA.
-
Decap: Deprivileging Programs by Reducing Their Capabilities
Md Mehedi Hasan, Seyedhamed Ghavamnia, and Michalis Polychronakis. In Proceedings of the 25th International Symposium on Research in Attacks, Intrusions, Defenses (RAID 2022). October 2022, Limassol, Cyprus.
-
Confine: Automated System Call Policy Generation for Container
Attack Surface Reduction
Seyedhamed Ghavamnia, Tapti Palit, Azzedine Benameur, and Michalis Polychronakis. In Proceedings of the 23rd International Symposium on Research in Attacks, Intrusions, Defenses (RAID 2020). October 2020, San Sebastian, Spain.
-
Temporal System Call Specialization for Attack Surface Reduction
Seyedhamed Ghavamnia, Tapti Palit, Shachee Mishra, and Michalis Polychronakis. In Proceedings of the 29th USENIX Security Symposium. August 2020, Boston, MA
-
xMP: Selective Memory Protection for Kernel and User Space
Sergej Proskurin, Marius Momeu, Seyedhamed Ghavamnia, Vasileios P. Kemerlis, and Michalis Polychronakis. In Proceedings of the 41st IEEE Symposium on Security & Privacy (S&P). May 2020, San Francisco, CA.
-
Classifying IDS Alerts Automatically for Use in Correlation Systems
Mohammadhosein MirshahJafari, Hamed Ghavamnia, Information Security and Cryptology (ISCISC)
2014 11th International ISC Conference, Tehran, Iran
Journal Publications
-
Confine: Fine-grained System Call Filtering for Container Attack Surface Reduction
Maryam Rostamipoor, Seyedhamed Ghavamnia, and Michalis Polychronakis. In Computers & Security (to appear). 2023.
Workshop Publications
-
K-resolver: Towards Decentralizing Encrypted DNS Resolutions
Nguyen Phong Hoang, Ivan Lin, Seyedhamed Ghavamnia and Michalis Polychronakis. In Proceedings of the 2nd Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb). February 2020, San Diego, CA.
-
Configuration-Driven Software Debloating
Hyungjoon Koo, Seyedhamed Ghavamnia, and Michalis Polychronakis. In Proceedings of the 12th European Workshop on System Security (EuroSec). March 2019, Dresden, Germany
Work Experience
- Assistant Professor - University of Connecticut (August 2023 - current)
- Software Engineer Intern at Bloomberg CTO Office (May 2022 - August 2022) Performing research on automated policy inference through program analysis.
- Research Assistant at Hexlab (May 2018 - May 2023) I worked on reducing software attack surface by removing unnecessary code which has been identified by performing static and dynamic analysis. Throughout the past years we have worked on identifying properties of specific applications which helps debloat or specialize the program to a larger extent than previously identified. In Temporal Specialization we considered how the phases of execution of server applications can be used to filter security critical system calls (e.g., execve). We are also looking into runtime configuration options and trying to extend our previous work on configuration-based software debloating to implement a more robust and automated framework for doing so. Our work has led to C2C (Configuration-to-Code) which will appear at CCS'22.
- Software Engineer Intern at Bloomberg CTO Office (May 2021 - August 2021) Performed research on automated policy inference through program analysis.
- Teacher Assistant (Aug. 2017 - May 2018) Designed and graded two homeworks for the Computer Security Fundamentals (CSE 331) course. Set up the automated grading framework which used Docker containers for the undergraduate course, Systems Fundamentals (CSE 320).
- Team Lead and Software Developer at Irisa (May 2013 - Aug. 2017) Led team in analsis, design and implementation of an SIEM tool with log collection, storage, correlation and incident response. Our tool consisted of java and python software development, debugging and research in the field of security. Other than software development, I was in charge of task planning and assignment using a SCRUM-like method.
- Instructor at Feiz College of Isfahan (Jan. 2015 - Dec. 2015) Engaged in teaching by taking a part time job as an instructor at one of the newly opened college institutes in Esfahan. I taught Fundamentals of Networking for two semesters there.
- Software Developer (Dec. 2011 - Apr. 2013) Implemented log storage for high collection rate based upon hadoop and hbase framework. As part of the task, I designed the complete hardware and software architecture and developed required software to fulfill the requirements of the project.
Research Projects
- Confine: Automated System Call Policy Generation for Attack Surface Reduction
- Temporal System Call Specialization for Attack Surface Reduction