My research interest lies in studying and improving software security through a principled and informed approach. Specifically, I design research methods informed by system and network data measurements to assess the security of open-source software and binary programs. I use these empirical methods to study vulnerabilities and attacks on large-scale systems by combining network and program analyses. I aim to develop practical tools and principles to secure large-scale deployed systems that serve critical societal functions, such as medical and telecommunication systems.


Honors & Awards

Selected Publications

  1. Yufei Du, Omar Alrawi, Kevin Snow, Manos Antonakakis, Fabian Monrose; Improving Security Tasks Using Compiler Provenance Information Recovered At the Binary-Level, to appear in in The ACM Conference on Computer and Communications Security (CCS), November 2023. (Acceptance rate: 20%).

  2. Omar Alrawi*, Athanasios Avgetidis*, Kevin Valakuzhy, Charles Lever, Paul Burbage, Angelos Keromytis, Fabian Monrose, Manos Antonakakis; Beyond The Gates: An Empirical Analysis of HTTP-Managed Password Stealers and Operators, in USENIX Security, August 2023. (Acceptance rate: 29%).

  3. Aaron Faulkenberry, Athanasios Avgetidis, Zane Ma, Omar Alrawi, Charles Lever, Panagiotis Kintis, Fabian Monrose, Angelos Keromytis, Manos Antonakakis; View from Above: Exploring the Malware Ecosystem from Upper DNS Hierarchy, to appear in The Annual Computer Security Applications Conference (ACSAC), December 2022. (Acceptance rate: 24.1%).

  4. Priyanka Dodia, Mashael Al Sabah, Omar Alrawi, Tao Wang; Exposing the Rat in the Tunnel: Using Traffic Analysis for Tor-based Malware Detection, in The ACM Conference on Computer and Communications Security (CCS), November 2022. (Acceptance rate: 18%).

  5. Omar Alrawi, Charles Lever, Kevin Valakuzhy, Ryan Court, Kevin Snow, Fabian Monrose, Manos Antonakakis; The Circle Of Life: A Large-Scale Study of The IoT Malware Lifecycle, USENIX Security, August 2021. (Acceptance rate 18.8%).
  6. Omar Alrawi*, Moses Ike*, Matthew Pruett, Ranjita Pai Kasturi, Srimanta Barua, Taleb Hirani, Brennan Hill, Brendan Saltaformaggio; Forecasting Malware Capabilities From Cyber Attack Memory Images, USENIX Security, August 2021. (Acceptance rate 18.8%).
  7. R. Duan, O. Alrawi, R. P Kasturi, R. Elder, B. Saltaformaggio, W. Lee. Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages, NDSS 2021. (Acceptance rate 15.2%).

  8. R. Perdisci, T. Papastergiu, O. Alrawi, M. Antonakakis. IoTFinder: Efficient Large-Scale Identification of IoT Devices via Passive DNS Traffic Analysis, EuroS&P, Septmber 2020. (Acceptance rate 14.6%).
  9. R. P Kasturi, Y. Sun, R. Duan, O. Alrawi, E. Asdar, V. Zhu, Y. Kwon, B. Saltaformaggio; TARDIS: Rolling Back The Clock On CMS-Targeting Cyber Attacks, IEEE S&P (Oakland), May 2020. (Acceptance rate 12.3%).

  10. Omar Alrawi*, Chaoshun Zuo*, Ruian Duan, Ranjita Kasturi, Zhiqiang Lin, Brendan Saltaformaggio; The Betrayal At Cloud City: An Empirical Analysis Of Cloud-Based Mobile Backends, USENIX Security, August 2019. (Acceptance rate 16.2%).
  11. Omar Alrawi, Chaz Lever, Manos Antonakakis, Fabian Monrose; SoK: Security Evaluation of Home-Based IoT Deployments, IEEE S&P (Oakland), May 2019. (Acceptance rate 12.4%).
  12. R. Duan, A. Bijlani, Y. Ji, O. Alrawi, Y. Xiong, M. Ike, B. Saltaformaggio, W. Lee; Automating Patching of Vulnerable Open-Source Software Versions in Application Binaries, NDSS, Feb 2019. (Acceptance rate 17.1%).

  13. Aziz Mohaisen, Omar Alrawi; AMAL: High-Fidelity, Behavior-based Automated Malware Analysis and Classification., Elsevier Computers & Security, 2015.

  14. Aziz Mohaisen, Omar Alrawi,; AV-Meter: An Evaluation of Antivirus Scans and Labels. DIMVA 2014. (Acceptance rate 23.3%).

  15. Aziz Mohaisen, Omar Alrawi; Unveiling Zeus Automated Classification of Malware Samples. WWW Workshops 2013.