Suman Jana

Computer Science

Suman Jana works on building secure and privacy-preserving software. More specifically, he builds automated tools for finding and fixing security and privacy vulnerabilities in large real-world systems. Such tools often leverage techniques from diverse domains including machine learning, software engineering, and program analysis. 

  • Postdoctoral fellow, Stanford University, 2014-2015
  • Assistant professor of computer science, Columbia University, 2016–
  • IEEE
  • ACM
  • USENIX
  • PET Award for Outstanding Research in Privacy Enhancing Technologies, 2014 

  • IEEE Security & Privacy Symposium Best Paper Award, 2012 & 2014 

  • Theofilos Petsios, Adrian Tang, Salvatore Stolfo, Angelos D. Keromytis, and Suman Jana. NEZHA: Efficient Domain-independent Differential Testing. n Proceedings of the 35th IEEE Symposium on Security and Privacy (Oakland), San Jose, CA, 2017. 

  • Suphannee Sivakorn, George Argyros, Kexin pei, Angelos D. Keromytis, Suman Jana. HVLearn: Automated Black-box Analysis of Hostname Verification in SSL/TLS Implementations. n Proceed- ings of the 35th IEEE Symposium on Security and Privacy (Oakland), San Jose, CA, 2017. 

  • George Argyros, Ioannis Stais, Suman Jana, Angelos D. Keromytis, and Aggelos Kiayias. SFADiff: Automated Evasion Attacks and Fingerprinting Using Blackbox Differential Automata Learning. n Proceedings of the 23rd ACM Conference on Computer and Communications Security (CCS), Vienna, Austria, 2016 

  • Suman Jana, Yuan J. Kang, Samuel Roth, and Baishakhi Ray. Automatically Detecting Error Handling Bugs using Error Specifications. In Proceedings of the 25th USENIX Security Symposium (USENIX Security), Austin, TX, 2016. 

  • Richard McPherson, Suman Jana, and Vitaly Shmatikov. No Escape From Reality: Security and Privacy of Augmented Reality Browsers. In Proceedings of the 24th International World Wide Web Conference (WWW), Florence, Italy, 2015. 

  • Chad Brubaker, Suman Jana, Baishakhi Ray, Sarfraz Khurshid, and Vitaly Shmatikov. Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementa- tions. In Proceedings of the 35th IEEE Symposium on Security and Privacy (Oakland), San Jose, CA, 2014.
  • Suman Jana, Arvind Narayanan, and Vitaly Shmatikov. A Scanner Darkly: Protecting User Privacy from Perceptual Applications. In Proceedings of the 34th IEEE Symposium on Security and Privacy (Oakland), San Francisco, CA, 2013. 

  • Martin Georgiev, Subodh Iyengar, Suman Jana, Rishita Anubhai, Dan Boneh, and Vitaly Shmatikov. The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software. In Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS), Raleigh, NC, 2012. 

  • Suman Jana and Vitaly Shmatikov. Memento: Learning Secrets from Process Footprints. In Proceedings of the 33rd IEEE Symposium on Security and Privacy (Oakland), Berkeley, CA, 2012.