Curriculum Vitae (CV)

About

I am an ECE Ph.D. student at Georgia Tech advised by Dr. Antonakakis. I work on the security of home-based IoT devices, mobile apps, cloud backends, and network security using active and passive techniques. Additionally, I am investigating malware threats affecting IoT, mobile apps, and cloud backends.

Education

• Georgia Institute of Technology, PhD in ECE (enrolled)
• Purdue University, Master’s of Information Security (CERIAS) 2009
• Purdue University, Bachelor of Science, Computer Science and Mathematics 2007

Honors & Awards

• CSAW’19 Applied Research Competition Finalist (The Betrayal At Cloud City)
• Create-X Launch Participant and Finalist - 2019 video
  • Award: $4,000
• First Place in Cyber Security Demo Day (Research Track) - 2019 press
  • Award: $4,000
• First Place in Institute for Information Security & Privacy Demo Day (Best Idea) - 2018 press, press
  • Award: $5,000
• President Fellowship - 2016-2020
  • Award: $5,000/year

Publication

1. R. Duan, O. Alrawi, R. P Kasturi, R. Elder, B. Saltaformaggio, W. Lee. Measuring and preventing supply chain attacks on package managers To appear in NDSS 2021.
2. R. Perdisci, T. Papastergiu, O. Alrawi, M. Antonakakis. IoTFinder: Efficient Large-Scale Identification of IoT Devices via Passive DNS Traffic Analysis, EuroS&P, Septmber 2020
3. R. P Kasturi, Y. Sun, R. Duian, O. Alrawi, E. Asdar, V. Zhu, Y. Kwon, B. Saltaformaggio; TARDIS: Rolling Back The Clock On CMS-Targeting Cyber Attacks, IEEE S&P (Oakland), May 2020.
4. Omar Alrawi*, Chaoshun Zuo*, Ruian Duan, Ranjita Kasturi, Zhiqiang Lin, Brendan Saltaformaggio; The Betrayal At Cloud City: An Empirical Analysis Of Cloud-Based Mobile Backends, USENIX Security, August 2019.
   • slides
   • website
   • VIDEO: Conf. Presentation
   • MEDIA: Diginomica, InfoSec Magazine, Defense One, NextGov, NSF, BGR-IN, Digital Info World, Eng&Tech, Market Research, AppDevMag, Quint, Khaleej
5. Omar Alrawi, Chaz Lever, Manos Antonakakis, Fabian Monrose; SoK: Security Evaluation of Home-Based IoT Deployments, IEEE S&P (Oakland), May 2019.
   • slides-long
   • slides-short
   • website
   • VIDEO: One min Preview
   • VIDEO: Conf. Presentation
   • MEDIA: Newsweek, Tech Republic, Machine Design, The Ambient, GearBrain, Futurity, Fierce Elec., Tech Xplore, Computer Welt
6. R. Duan, A. Bijlani, Y. Ji, O. Alrawi, Y. Xiong, M. Ike, B. Saltaformaggio, W. Lee; Automating Patching of Vulnerable Open-Source Software Versions in Application Binaries, NDSS, Feb 2019
7. Omar Alrawi, Aziz Mohaisen; Chains of Distrust: Towards Understanding Certificates Used for Signing Malicious Applications, WWW 2016 Companion, April 2016.
8. Aziz Mohaisen, Omar Alrawi; Behavior-based Automated Malware Analysis and Classification, Elsevier Computers & Security, 2015.
9. A Mohaisen, AG West, A Mankin, O Alrawi; Chatter: Classifying Malware Families Using System Event Ordering. IEEE CNS 2014.
10. Aziz Mohaisen, Omar Alrawi; AMAL: High-Fidelity, Behavior-based Automated Malware Analysis and Classification. WISA 2014. Best Paper Award.
11. Aziz Mohaisen, Omar Alrawi,; AV-Meter: An Evaluation of Antivirus Scans and Labels. DIMVA 2014.
12. Aziz Mohaisen, Omar Alrawi, Andrew G. West, and Allison Mankin; Babble: Identifying Malware by Its Dialects. IEEE CNS 2013.
13. Aziz Mohaisen, Omar Alrawi, Matt Larson, and Danny McPherson; Towards A Methodical Evaluation of Antivirus Scans and Labels. WISA 2013.
14. Aziz Mohaisen, Omar Alrawi; Unveiling Zeus Automated Classification of Malware Samples. WWW Workshops 2013.

Patents

• Systems and methods for behavior-based automated malware analysis and classification

SKILLS

• Specialization; Malware analysis and reverse engineering
• Programming; Python, C/C++, Java, etc.
• Data science; ML, numpy/scipy, scikit-learn, Keras, TensorFlow, gnuplot
• Design and architcture; software and infrastructure
• System engineering and administration; Linux, Virtualization, Docker, salt
• Project/people managment; mentoring, team lead, SME, consulting, training