Komail Dharsee

Komail Dharsee

PhD Candidate
Computer Science
University of Rochester

About Me

Hello!

I am a Ph.D. candidate in the Department of Computer Science at University of Rochester, advised by John Criswell. I also serve the department community as the Events Chair, hosting regular community-building events, and Graduate Student Representative.

I grew up in Dar es Salaam, Tanzania, and (besides research) I enjoy talking about coffee and new recipes!

Research Interests

I work in systems security. I use compilers (LLVM) and modifications to operating systems to combat threats in hardware such as design-time hardware bugs and trojans. More recently I’ve gained significant interest in applying formal methods to specify and translate security between system abstractions such as the ISA and microarchitecture. My recent work has unconvered a new threat of hardware trojans that attack critical code sequences that guarantee memory safety – these trojans break memory-safety guarantees and push the complexity of an attack into control-flow hijacking attacks, logic which would classically be implemented within a hardware trojan. My current work leverages formal specification of compiler-level security policies (such as those enforcing memory-safety) to preempt the placement of stealthy, yet devastating, hardware trojans by translating these high-level security policies to SystemVerilog Assertions. We then use information-flow analyses to create static-slices of hardware designs that correspond to security-critical subsets of hardware logic.

Publications

  • Jinn: Hijacking Safe Programs with Trojans (UsenixSec ‘23)
  • Randezvous: Making Randomization Effective on MCUs (ACSAC ‘22)
  • Holistic Control-Flow Protection on Real-Time Embedded Systems with Kage (UsenixSec ‘22)
  • Fast Execute-only Memory for Embedded Systems (SecDev ‘20)
  • Secure Guest Virtual Machine Support in Apparition (VEE ‘19)
  • A Software Solution for Hardware Vulnerabilities (SecDev ‘17)

Experience

  • University of Rochester Research Assistant (Sept 2016 - Present)
    • Implementing malicious hardware that attacks high level software security policies.
    • Modeling Rust compiler-based security policies in SystemVerilog to identify security critical hardware components.
    • Writing LLVM Passes to mitigate vulnerabilities from (1) memory safety errors on ARM microcontrollers, and (2) security critical hardware bugs in x86 microprocessors.
  • Pacific Northwest National Laboratory Intern (March - July 2020)
    • Used Coq to precisely specify and embed ISA-based security policies in Kami/Bluespec microarchitectural designs.
  • MIT Lincoln Laboratory Intern (June - Sept 2018, May - Aug 2019)
    • Modeled hardware trojans in Python.
    • Analyzed hardware trojans detected by sophisticated hardware trojan detection mechanisms (FANCI/UCI/VeriTrust).
    • Identified and designed hardware trojans that enable/evade detection.
    • Designed measures to evaluate detection mechanism reliability based on hardware properties.
  • AcquireMedia Software Engineer (June 2015 - Aug 2016)
    • Back-end (C/C++) engineer working on the feed handler team.
    • Designed and wrote feed handlers which collect and clean raw feed (commonly received in XML or JSON) fetched from various web scrapers, ftp sources, and other feed delivery tools.
    • Reviewed colleagues’ feed handler implementations prior to release.
  • Rutgers University Undergraduate Assistant Researcher (Sept 2012 - Dec 2013)
    • Developed a Microsoft Kinect-driven mouse cursor interface.
    • Involved with setup and presentation of various computer science department showcases throughout the year.
    • Explored the construction of a novel file system that includes new content paradigms hooked to MongoDB.
    • Built a prototype FUSE user-level file system to allow a dual (shell and MongoDB) file-system interface.
    • Explored the applications of Hadoop cluster programming utilizing the Map/Reduce framework towards indexing file systems for search focused application.

Education

  • Ph.D. in Computer Science, University of Rochester, May 2023 (expected)
  • M.S in Computer Science, University of Rochester, May 2018
  • B.S in Computer Science, Rutgers University, May 2014

Community

  • UofR CS Grad Rep Chair (Sept 2021 - Present)
  • UofR CS Events Committee Chair (Sept 2017 - Present)
  • University of Rochester Strategic Planning Committee Grad Rep (Fall 2021)
  • iMentor Workshop (CCS 2020) Mentor (Nov 2020)
  • EuroSys 2020 Shadow PC (Apr 2020)
  • Microsoft Technical Evangelist (Sept 2013 - June 2014)

Collaboration

Let’s talk about research! I’m always eager to meet new potential collaborators. I have an itch to work more with formal reasoning and explore security in quantum systems. The best way to reach me is through email (at komail.dharsee@gmail.com).