Publication
Conference:
Imtiaz Karim, Kazi Samin Mubasshir, Mirza Masfiqur Rahman, Elisa Bertino, (under submission). [github] [dataset]
Imtiaz Karim, Abdullah Al Ishtiaq, Syed Rafiul Hussain, and Elisa Bertino, The 44th IEEE Symposium on Security and Privacy (IEEE S&P), 2023. [github] [website]
Hyunwoo Lee, Imtiaz Karim, Ninghui Li, and Elisa Bertino, The 17th ACM ASIA Conference on Computer and Communications Security (ASIACCS), 2022. [github]
Elisa Bertino and Imtiaz Karim, The 8th International Conference on Networking, Systems, and Security (NSysS), 2021.
(Research directional paper)
Imtiaz Karim*, Syed Rafiul Hussain*, Abdullah Al Ishtiaq, Omar Chowdhury, and Elisa Bertino, The 28th ACM Conference on Computer (CCS), 2021 (*joint first authors) [github] [video]
ProChecker: An Automated Security and Privacy Analysis Framework for 4G LTE Protocol Implementations
Imtiaz Karim, Syed Rafiul Hussain, and Elisa Bertino, The 41st IEEE International Conference on Distributed Computing Systems (ICDCS), 2021.
Best paper award nomination
Imtiaz Karim, Fabrizio Cicala, Syed Rafiul Hussain, Omar Chowdhury, and Elisa Bertino, The 35th Annual Computer Security Applications Conference (ACSAC), 2019. [github]
Distinguished paper award
Syed Rafiul Hussain, Mitziu Echeverria, Imtiaz Karim, Omar Chowdhury, and Elisa Bertino, The 26th ACM Conference on Computer and Communications Security (CCS), 2019. [github]
Journal:
Imtiaz Karim, Fabrizio Cicala, Syed Rafiul Hussain, Omar Chowdhury, and Elisa Bertino, ACM Digital Threats: Research and Practice (DTRAP), 2020. [github]
Abdullah Al Zishan, Imtiaz Karim, Sudipta Saha Shubha, Ashikur Rahman, The Journal of Network and Computer Applications, Elsevier (JNCA), Volume 124, 15 December 2018, Pages 44-62.
Industrial Conference and Talks:
ProChecker: An AutomatedSecurity and Privacy Analysis Framework for Communication Protocol Implementations
Imtiaz Karim, Sayak Ray, Arun Kanuparthi, and Jason M. Fung, Intel Software Practitioners Conference, (Intel SWPC) 2020 and talk at The second annual Side Channel Academic Program (SCAP) workshop, Intel 2020.
Utilizing Symbolic Execution for Property-Guided Security and Privacy Testing in Communication Protocol Implementations,
Imtiaz Karim, Sayak Ray, Arun Kanuparthi, Stephan Heuser and Jason M. Fung, Intel Software Practitioners Conference, (Intel SWPC) 2020
Bug reports and CVDs/CVEs:
BLEDiff: Scalable and Property-Agnostic Noncompliance Checking for BLE Implementations, (IEEE S&P), 2023
Google/Android Security bug bounty reward of $10,000 USD
Huawei Security Acknowledgements: HWPSIRT-2022-56262, HWPSIRT-2022-13244, HWPSIRT-2022-96208
Security advisory from STMicroelectronics (TN1436-ST-PSIRT)
High and medium-severity CVE's assigned to some of the implementation issues we found in different BLE implementations: CVE-2022-40480, CVE-2022-41768, CVE-2022-45190, CVE-2022-45192, CVE-2022-45191
Noncompliance as Deviant Behavior: An Automated Black-box Noncompliance Checker for 4G LTE Cellular Devices, (CCS), 2021
Inducted to GSMA Mobile Security Research Acknowledgements (formerly hall of fame) [GSMA CVD-2021-0050]
Google Bug Bounty Reward, Samsung Bug Bounty Reward, MediaTek Security Acknowledgements, Qualcomm Security Bulletins
High-severity CVE's assigned to some of the implementation issues we found in different UE implementations: CVE-2021-25471, CVE-2021-25480, CVE-2021-40148, CVE-2021-30344, SVE-2021-22327, SVE-2021-22324
ProChecker: An Automated Security and Privacy Analysis Framework for 4G LTE Protocol Implementations, (ICDCS), 2021.
Inducted to GSMA Mobile Security Research Hall of Fame [GSMA CVD-2021-0043]
Opening Pandora’s Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones, 2019. [github]
Samsung Bug Bounty Reward
CVE: CVE-2019-16401, CVE-2019-16400
5GReasoner: A Property-Directed Security and Privacy Analysis Framework for 5G Cellular Network Protocol, (CCS), 2019.
Inducted to GSMA Mobile Security Research Hall of Fame [GSMA CVD-2019-0029]