Sanjeev Das

Recently I joined IBM Research. I was a Postdoctoral Research Associate in the Department of Computer Science at the University of North Carolina at Chapel Hill under the supervision of Professor Fabian Monrose.
My research interests revolve around software and system security: exploit detection, vulnerability detection, malware analysis, program analysis and reverse engineering.

• Google Scholar
• Linkedin
• CV
• Email: sdas@cs.unc.edu
  201 South Columbia St
  Sitterson Hall
  Chapel Hill, NC 27599

Work Experience

• Department of Computer Science, University of North Carolina at Chapel Hill, USA
  Postdoctoral Research Associate, Feb. 2017 - Present
• Cybersecurity Lab, NTU, Singapore
  Research Assistant, Aug. 2016 - Jan. 2017
• IBM, Bangalore, India
  System Engineer, May 2010 - June 2012

Education

• Nanyang Technological University (NTU), Singapore (Fall 2012 - 2016)
  Ph.D., Computer Engineering
  Thesis: Hardware-Assisted Online Defense Against Malware and Exploits
  Advisors: Professor Yang Liu and Professor Wei Zhang
  
• National Institute of Technology, Surat, India (Fall 2006 - 2010)
  Bachelor of Technology, Electronics Engineering
  

CVE

• CVE-2019-19221: Out-of-bounds read in Libarchive 3.4.0.
• CVE-2019-14615: Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics
  may allow an unauthenticated user to potentially enable information disclosure via local access.

Publications

1. SoK: The Challenges, Pitfalls, and Perils of Using Hardware Performance Counters for Security
   Sanjeev Das, Jan Werner, Manos Antonakakis, Michalis Polychronakis, and Fabian Monrose.
   In Proceedings of the 40th IEEE Symposium on Security & Privacy (S&P). May 2019, San Francisco, CA.
2. iGPU Leak: An Information Leakage Vulnerability on Intel Integrated GPU
   Wenjian He, Wei Zhang, Sharad Sinha and Sanjeev Das In Proceedings of the 25th Asia and South Pacific Design Automation Conference (ASP-DAC'20).
3. SGXlinger: A New Side-channel Attack Vector Based on Interrupt Latency against Enclave Execution
   Wenjian He, Wei Zhang, Sanjeev Das and Yang Liu.
   In 36th IEEE International Conference on Computer Design (ICCD), 2018.
4. ROPSentry: Runtime Defense against ROP Attacks using Hardware Performance Counters
   Sanjeev Das, Chen Bihuan, Mahintham Chandramohan, Yang Liu, and Wei Zhang.
   Computers & Security 73, 374-388 (2018). Impact Factor 2.849.
5. No-Jump-into-Basic-Block: Enforce Basic Block CFI on the Fly for Real-world Binaries (Best paper nomination)
   Wenjian He, Sanjeev Das, Wei Zhang, Yang Liu.
   In Proceedings of Design Automation Conference (DAC) (Best paper nomination), 2017.
6. Semantics-based Online Malware Detection: Towards Efficient Real-time Protection Against Malware
   Sanjeev Das, Yang Liu, Wei Zhang and Mahintham Chandramohan.
   IEEE Transactions on Information Forensics and Security (TIFS) 11.2 (2016): 289-302. Impact Factor 5.824.
7. A Fine-Grained Control Flow Integrity Approach Against Runtime Memory Attacks for Embedded Systems
   Sanjeev Das, Wei Zhang, and Yang Liu.
   IEEE Transactions on Very Large Scale Integration Systems (TVLSI), 24.11 (2016): 3193-3207. Impact Factor 1.744.
8. Online Malware Defense Using Attack Behavior Model
   Sanjeev Das, Hao Xiao, Yang Liu, Wei Zhang.
   In Proceedings of IEEE International Symposium on Circuits & Systems (ISCAS), 2016.
9. Reconfigurable Dynamic Trusted Platform Module for Control Flow Checking
   Sanjeev Das, Wei Zhang, Yang Liu.
   In Proceedings of IEEE Computer Society Annual Symposium on VLSI (ISVLSI), 2014.
10. FPGA Based Control Flow Checking
    Sanjeev Das, Wei Zhang, Yang Liu.
    In Proceedings of Design Automation Conference (DAC), 2014 (poster).

Technology Disclosure

1. Semantics-Based Online Malware Detection: Towards Efficient Real-Time Protection Against Malware.
   Yang Liu, Thambipillai Srikanthan, Sanjeev Das.
   Technology Disclosure for Nanyang Technological University (TD/098/16), 2016.
2. Malware Defense Using Attack Behavior Model.
   Yang Liu, Thambipillai Srikanthan, Sanjeev Das.
   Technology Disclosure for Nanyang Technological University (TD/099/16), 2016.
3. Runtime Security Protection Using Hardware Specific Features.
   Yang Liu, Thambipillai Srikanthan, Sanjeev Das.
   Technology Disclosure for Nanyang Technological University (TD/100/16), 2016.

Professional Services

Conference Reviewer

• Served on RAID 2019 Program Committee (September 23-25, 2019 - Beijing, China)

Journal Reviewer

• ACM Computing Survey
• International Journal of Information Security
• IET Information Security
• IEEE Access
• IET Computers & Digital Techniques

External Reviewer

• RAID'18
• IEEE S&P'19

Awards & Scholarship

• Singapore International Graduate Award (SINGA), Aug. 2012 - July 2016
  Full scholarship to pursue PhD study at Nanyang Technological University.
• Nepal Aid Fund Scholarship, 2006 - 2010
  Selected in top 70 students (out of 10,000) to pursue undergraduate study by Ministry of External Affairs, India, with a full scholarship.
• IBM - Roll of Honor for the excellence in design and coding of the application.