Publications


Note: Within the domain of computer security, the following conferences are considered top-tier venues: the (1) IEEE Symposium on Security & Privacy (S&P), (2) the USENIX Security Symposium (USENIX), (3) the ACM Conference on Computer and Communications Security (CCS), and, (4) the ISOC Network and Distributed Systems Security Symposium (NDSS). Further, the ACM Transactions on Privacy & Security (TOPS) and the ACM Transactions on Cyber-physical Systems (TCPS) are premier journals in security and cyber-physical systems respectively. Finally, my work has also appeared in conferences such as ACM CODASPY and ACM WiSEC. Although these conferences have higher acceptance rates (around 30%), they have consistently attracted top quality researchers. The names of students advised by me are underlined.

Google Scholar: https://scholar.google.com/citations?user=Al2MvLoAAAAJ&hl=en

Conference

[1]S. Manandhar, K. Kafle, B. Andow, K. Singh, and A. Nadkarni, “‘Smart Home Privacy Policies Demystified: A Study of Availability, Content, and Coverage,” in Proceedings of the 31st USENIX Security Symposium (USENIX), Boston, MA, USA, 2022. Accepted, to appear.

Bibtex

@inproceedings{manandhar-sec22,
  author = {Manandhar, Sunil and Kafle, Kaushal and Andow, Benjamin and Singh, Kapil and Nadkarni, Adwait},
  title = {{“Smart Home Privacy Policies Demystified: A Study of Availability, Content, and Coverage}},
  booktitle = {Proceedings of the 31st USENIX Security Symposium (USENIX)},
  year = {2022},
  month = aug,
  address = {Boston, MA, USA},
  note = {Accepted, to appear}
}

[2]A. S. Ami, N. Cooper, K. Kafle, K. Moran, D. Poshyvanyk, and A. Nadkarni, “Why Crypto-detectors Fail: A Systematic Evaluation of Cryptographic Misuse Detection Techniques,” in Proceedings of the 2022 IEEE Symposium on Security and Privacy (S&P), San Francisco, CA, USA, 2022, pp. 397–414. descriptionPDF codeArtifact

Bibtex

@inproceedings{ami-oakland22,
  author = {Ami, Amit Seal and Cooper, Nathan and Kafle, Kaushal and Moran, Kevin and Poshyvanyk, Denys and Nadkarni, Adwait},
  booktitle = {Proceedings of the 2022 IEEE Symposium on Security and Privacy (S&P)},
  title = {{Why Crypto-detectors Fail: A Systematic Evaluation of Cryptographic Misuse Detection Techniques}},
  year = {2022},
  address = {San Francisco, CA, USA},
  month = may,
  pages = {397--414},
  pdf = {/downloads/ami-oakland22.pdf},
  sourcecode = {https://github.com/Secure-Platforms-Lab-W-M/masc-artifact}
}

[3]A. S. Ami, K. Kafle, K. Moran, A. Nadkarni, and D. Poshyvanyk, “Demo: Mutation-based Evaluation of Security-focused Static Analysis Tools for Android.,” in Proceedings of the 43rd IEEE/ACM International Conference on Software Engineering (ICSE’21), Formal Tool Demonstration Track, Madrid, Spain, 2021.

Bibtex

@inproceedings{akm+21-demo,
  author = {Ami, Amit Seal and Kafle, Kaushal and Moran, Kevin and Nadkarni, Adwait and Poshyvanyk, Denys},
  title = {{Demo: Mutation-based Evaluation of Security-focused Static Analysis Tools for Android.}},
  booktitle = {Proceedings of the 43rd IEEE/ACM International Conference on Software Engineering (ICSE'21), Formal Tool Demonstration Track},
  year = {2021},
  address = {Madrid, Spain},
  month = may
}

[4]S. Manandhar, K. Moran, K. Kafle, R. Tang, D. Poshyvanyk, and A. Nadkarni, “Towards a Natural Perspective of Smart Homes for Practical Security and Safety Analyses.,” in Proceedings of the IEEE Symposium on Security & Privacy (S&P), San Francisco, CA, USA, 2020. descriptionPDF codeArtifact

Bibtex

@inproceedings{mmk+20,
  author = {Manandhar, Sunil and Moran, Kevin and Kafle, Kaushal and Tang, Ruhao and Poshyvanyk, Denys and Nadkarni, Adwait},
  title = {{Towards a Natural Perspective of Smart Homes for Practical Security and Safety Analyses.}},
  booktitle = {Proceedings of the IEEE Symposium on Security \& Privacy (S&P)},
  year = {2020},
  address = {San Francisco, CA, USA},
  month = may,
  pdf = {/downloads/manandhar-oakland20.pdf},
  sourcecode = {https://github.com/helion-security/helion}
}

[5]S. A. Gorski III et al., “ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware,” in Proceedings of the 9th ACM Conference on Data and Application Security and Privacy (CODASPY), Dallas, TX, USA, 2019, pp. 25–36. descriptionPDF codeArtifact

Bibtex

@inproceedings{gan+19,
  author = {{Gorski III}, Sigmund A and Andow, Benjamin and Nadkarni, Adwait and Manandhar, Sunil and Enck, William and Bodden, Eric and Bartel, Alexandre},
  title = {{ACMiner: Extraction and Analysis of Authorization Checks in Android's Middleware}},
  booktitle = {Proceedings of the 9th ACM Conference on Data and Application Security and Privacy
    (CODASPY)},
  year = {2019},
  address = {Dallas, TX, USA},
  month = mar,
  pages = {25-36},
  pdf = {/downloads/gorski-codaspy19.pdf},
  sourcecode = {https://wspr.csc.ncsu.edu/acminer/}
}

[6]K. Kafle, K. Moran, S. Manandhar, A. Nadkarni, and D. Poshyvanyk, “A Study of Data Store-based Home Automation,” in Proceedings of the 9th ACM Conference on Data and Application Security and Privacy (CODASPY), Dallas, TX, USA, 2019, pp. 73–84. descriptionPDF emoji_eventsBest Paper Award!

Bibtex

@inproceedings{kmm+19,
  author = {Kafle, Kaushal and Moran, Kevin and Manandhar, Sunil and Nadkarni, Adwait and Poshyvanyk, Denys},
  title = {{A Study of Data Store-based Home Automation}},
  booktitle = {Proceedings of the 9th ACM Conference on Data and Application Security and Privacy
    (CODASPY)},
  year = {2019},
  address = {Dallas, TX, USA},
  month = mar,
  pages = {73-84},
  pdf = {/downloads/kafle-codaspy19.pdf},
  award = {Best Paper Award!}
}

[7]R. Bonett, K. Kafle, K. Moran, A. Nadkarni, and D. Poshyvanyk, “Discovering Vulnerabilities in Security-Focused Static Analysis Tools for Android using Systematic Mutation,” in Proceedings of the 27th USENIX Security Symposium (USENIX), Baltimore, MD, USA, 2018, pp. 1263–1280. descriptionPDF codeArtifact

Bibtex

@inproceedings{bkm+18,
  author = {Bonett, Richard and Kafle, Kaushal and Moran, Kevin and Nadkarni, Adwait and Poshyvanyk, Denys},
  title = {{Discovering Vulnerabilities in Security-Focused Static Analysis Tools for Android using Systematic Mutation}},
  booktitle = {Proceedings of the 27th USENIX Security Symposium (USENIX)},
  year = {2018},
  address = {Baltimore, MD, USA},
  month = aug,
  pages = {1263-1280},
  pdf = {/downloads/bonett-usenix18.pdf},
  sourcecode = {https://secure-platforms-lab-w-m.github.io/muse/}
}

[8]A. Nadkarni, B. Andow, W. Enck, and S. Jha, “Practical DIFC Enforcement on Android,” in Proceedings of the 25th USENIX Security Symposium (USENIX), Austin, TX, USA, 2016, pp. 1119–1136. descriptionPDF codeArtifact

Bibtex

@inproceedings{naej16,
  author = {Nadkarni, Adwait and Andow, Benjamin and Enck, William and Jha, Somesh},
  title = {{Practical DIFC Enforcement on Android}},
  booktitle = {Proceedings of the 25th USENIX Security Symposium (USENIX)},
  year = {2016},
  address = {Austin, TX, USA},
  month = aug,
  pages = {1119-1136},
  pdf = {/downloads/nadkarni-usenix16.pdf},
  sourcecode = {https://wspr.csc.ncsu.edu/weir/}
}

[9]S. Heuser*, A. Nadkarni*, W. Enck, and A.-R. Sadeghi, “ASM: A Programmable Interface for Extending Android Security,” in Proceedings of the 23rd USENIX Security Symposium (USENIX), San Diego, CA, USA, 2014, pp. 1005–1019. *Co-first Authors.. descriptionPDF codeArtifact

Bibtex

@inproceedings{hnes14,
  author = {Heuser\*, Stephan and Nadkarni\*, Adwait and Enck, William and Sadeghi, Ahmad-Reza},
  title = {{ASM: A Programmable Interface for Extending Android Security}},
  booktitle = {Proceedings of the 23rd USENIX Security Symposium (USENIX)},
  year = {2014},
  month = aug,
  address = {San Diego, CA, USA},
  pages = {1005-1019},
  pdf = {/downloads/heuser-usenix14.pdf},
  sourcecode = {http://www.androidsecuritymodules.org},
  note = {\*Co-first Authors.}
}

[10]A. Nadkarni, V. Tendulkar, and W. Enck, “NativeWrap: Ad Hoc Smartphone Application Creation for End Users,” in Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks (\underlineWiSec), Oxford, UK, 2014, pp. 13–24. descriptionPDF codeArtifact

Bibtex

@inproceedings{nte14,
  author = {Nadkarni, Adwait and Tendulkar, Vasant and Enck, William},
  title = {{NativeWrap: Ad Hoc Smartphone Application Creation for End Users}},
  booktitle = {{Proceedings of the 7th ACM Conference on Security and Privacy in Wireless and Mobile Networks (\underline{WiSec})}},
  year = {2014},
  month = jul,
  address = {Oxford, UK},
  pages = {13-24},
  pdf = {/downloads/nadkarni-wisec14.pdf},
  sourcecode = {https://wspr.csc.ncsu.edu/nativewrap/}
}

[11]A. Nadkarni and W. Enck, “Preventing accidental data disclosure in modern operating systems,” in Proceedings of the 2013 ACM Conference on Computer & Communications Security (\underlineCCS), Berlin, Germany, 2013, pp. 1029–1042. descriptionPDF codeArtifact

Bibtex

@inproceedings{ne13,
  author = {Nadkarni, Adwait and Enck, William},
  title = {{Preventing accidental data disclosure in modern operating systems}},
  booktitle = {Proceedings of the 2013 ACM Conference on Computer \& Communications Security (\underline{CCS})},
  year = {2013},
  address = {Berlin, Germany},
  month = nov,
  pages = {1029--1042},
  pdf = {/downloads/nadkarni-ccs13.pdf},
  sourcecode = {https://wspr.csc.ncsu.edu/aquifer/}
}

Journal

[1]A. S. Ami, K. Kafle, K. Moran, A. Nadkarni, and D. Poshyvanyk, “Systematic Mutation-based Evaluation of the Soundness of Security-focused Android Static Analysis Techniques,” ACM Transactions on Privacy and Security (TOPS), vol. 24, no. 15, Feb. 2021.

Bibtex

@article{akm+20,
  author = {Ami, Amit Seal and Kafle, Kaushal and Moran, Kevin and Nadkarni, Adwait and Poshyvanyk, Denys},
  title = {{Systematic Mutation-based Evaluation of the Soundness of Security-focused Android Static Analysis Techniques}},
  journal = {ACM Transactions on Privacy and Security (TOPS)},
  year = {2021},
  month = feb,
  volume = {24},
  number = {15}
}

[2]K. Kafle, K. Moran, S. Manandhar, A. Nadkarni, and D. Poshyvanyk, “Security in Centralized Data Store-based Home Automation Platforms: A Systematic Analysis of Nest and Hue,” ACM Transactions on Cyber-Physical Systems (TCPS), vol. 5, no. 1, Dec. 2020.

Bibtex

@article{kmm+20,
  author = {Kafle, Kaushal and Moran, Kevin and Manandhar, Sunil and Nadkarni, Adwait and Poshyvanyk, Denys},
  title = {{Security in Centralized Data Store-based Home Automation Platforms: A Systematic Analysis of Nest and Hue}},
  journal = {ACM Transactions on Cyber-Physical Systems (TCPS)},
  year = {2020},
  month = dec,
  volume = {5},
  number = {1}
}

[3]R. Shu et al., “A Study of Security Isolation Techniques,” ACM Computing Surveys (CSUR), vol. 49, no. 3, Oct. 2016.

Bibtex

@article{swg+16,
  author = {Shu, Rui and Wang, Peipei and Gorski III, Sigmund A and Andow, Benjamin and Nadkarni, Adwait and Deshotels, Luke and Gionta, Jason and Enck, William and Gu, Xiaohui},
  title = {{A Study of Security Isolation Techniques}},
  journal = {ACM Computing Surveys (CSUR)},
  issue_date = {October 2016},
  volume = {49},
  number = {3},
  month = oct,
  year = {2016}
}

Workshop

[1]B. Andow, A. Nadkarni, B. Bassett, W. Enck, and T. Xie, “A Study of Grayware on Google Play,” in Proceedings of the IEEE Mobile Security Technologies workshop (MoST), San Jose, CA, USA, 2016, pp. 224–233.

Bibtex

@inproceedings{anb+16,
  author = {Andow, Benjamin and Nadkarni, Adwait and Bassett, Blake and Enck, William and Xie, Tao},
  title = {{A Study of Grayware on Google Play}},
  booktitle = {Proceedings of the IEEE Mobile Security Technologies workshop (MoST)},
  year = {2016},
  address = {San Jose, CA, USA},
  month = may,
  pages = {224-233}
}

Book Chapters

[1]A. Nadkarni, A. Verma, V. Tendulkar, and W. Enck, “Reliable Ad Hoc Smartphone Application Creation for End Users,” in Intrusion Detection and Prevention for Mobile Ecosystems, CRC Press, 2017 [Online]. Available at: https://www.crcpress.com/Intrusion-Detection-and-Prevention-for-Mobile-Ecosystems/Kambourakis-Shabtai-Kolias-Damopoulos/p/book/9781138033573 Editor: George Kambourakis and Asaf Shabtai and Konstantinos Kolias and Dimitrios Damopoulos.

Bibtex

@incollection{nvte17,
  author = {Nadkarni, Adwait and Verma, Akash and Tendulkar, Vasant and Enck, William},
  title = {{Reliable Ad Hoc Smartphone Application Creation for End Users}},
  booktitle = {Intrusion Detection and Prevention for Mobile Ecosystems},
  publisher = {CRC Press},
  isbn = {9781138033573},
  month = jul,
  year = {2017},
  note = {Editor: George Kambourakis and Asaf Shabtai and Konstantinos Kolias and Dimitrios Damopoulos},
  url = {https://www.crcpress.com/Intrusion-Detection-and-Prevention-for-Mobile-Ecosystems/Kambourakis-Shabtai-Kolias-Damopoulos/p/book/9781138033573}
}

[2]W. Enck and A. Nadkarni, “Android’s Security Framework-Understanding the Security of Mobile Phone Platforms,” in Encyclopedia of Cryptography, Security and Privacy, Springer. Section Editor: Reza Curtmola.

Bibtex

@incollection{en20,
  author = {Enck, William and Nadkarni, Adwait},
  title = {{Android's Security Framework-Understanding the Security of Mobile Phone Platforms}},
  booktitle = {Encyclopedia of Cryptography, Security and Privacy},
  publisher = {Springer},
  note = {Section Editor: Reza Curtmola}
}

Patents

[1]W. H. Enck, A. Nadkarni, A.-reza Sadeghi, and S. Heuser, “PROGRAMMABLE INTERFACE FOR EXTENDING SECURITY OF APPLICATION-BASED OPERATING SYSTEM, SUCH AS ANDROID,” Mar-2018. US Patent US 9,916 ,475 B2.

Bibtex

@patent{asm-patent,
  title = {PROGRAMMABLE INTERFACE FOR EXTENDING SECURITY OF APPLICATION-BASED OPERATING SYSTEM, SUCH AS ANDROID},
  author = {Enck, William Harold and Nadkarni, Adwait and Sadeghi, Ahmad-reza and Heuser, Stephan},
  year = {2018},
  month = mar,
  note = {US Patent US 9,916 ,475 B2}
}

Theses

[1]A. Nadkarni, “Towards Practical Data Secrecy in Modern Operating Systems.,” PhD dissertation, North Carolina State University, 2017.

Bibtex

@phdthesis{adwait-phd,
  title = {{Towards Practical Data Secrecy in Modern Operating Systems.}},
  school = {North Carolina State University},
  author = {Nadkarni, Adwait},
  year = {2017},
  type = {{PhD} dissertation}
}

[2]A. Nadkarni, “Workflow Based Information Flow Control (IFC) in Modern Operating Systems.,” Master’s thesis, North Carolina State University, 2012.

Bibtex

@mastersthesis{adwait-ms,
  title = {{Workflow Based Information Flow Control (IFC) in Modern Operating Systems.}},
  school = {North Carolina State University},
  author = {Nadkarni, Adwait},
  year = {2012}
}