Sajjad "JJ" Arshad

February 2024
Our Captchas paper has been accepted to TheWebConf (WWW) 2024.

July 2023
We at Google will present Android App Hacking workshop at DEFCON 31 to be held in August.

July 2023
I will co-present at Android App Hacking workshop, sponsored by Google and WiCyS Silicon Valley.

June 2023
I co-led pwn category and helped organizaing in Google CTF.

February 2023
I will co-present a workshop on Android App Hacking at BSidesSF to be held in April.

October 2022
I will be serving in the program committee of "Security, Privacy, and Trust" track at TheWebConf (WWW) 2023.

September 2022
I co-presented at Android App Security and Hacking workshop, sponsored by Google and WiCyS Silicon Valley.

September 2022
I will be serving in the program committee of Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb) co-located with NDSS Symposium 2023.

July 2022
I helped organizing Google CTF as a misc category co-lead.

February 2022
I got married to the love of my life!

November 2021
I will be serving in the program committee of Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb) co-located with NDSS Symposium 2022.

October 2021
I am promoted to Senior Security SWE at Google.

October 2021
I will be serving in the program committee of "Security, Privacy, and Trust" track at TheWebConf (WWW) 2022.

August 2021
I participated in Social Engineering PenTesting competition organized by Temple University CARE Lab. Check out the podcast to learn more!

July 2021
I helped organizing Google CTF as a pwn category co-lead.

June 2021
I presented at Android App Hacking Workshop, sponsored by Google Play, HackerOne, and PayPal.

December 2020
I presented at Android App Hacking Workshop, sponsored by Google Play and HackerOne.

December 2020
I will be serving in the program committee of ACM Conference on Computer and Communications Security (CCS) 2021.

November 2020
Our USENIX Security paper on Web Cache Deception is nominated for PwnieAwards's Most Innovative Research.

November 2020
I will be serving in the program committee of Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb) co-located with NDSS Symposium 2021.

November 2020
I participated in virtual speed mentoring session (Cybersecurity) organized by Iranian Women in Computing (IranWiC).

October 2020
Our USENIX Security paper on Web Cache Deception qualifid to participate in CSAW's Applied Research Competition finals.

September 2020
I presented two talks on Android Malware Analysis at Dartmouth College.

August 2020
We presented our talk (slides) at H@cktivityCon.

July 2020
I will be serving in the program committee of "Security, Privacy, and Trust" track at TheWebConf (WWW) 2021.

July 2020
Our talk on Web Cache Deception has been accepted to H@cktivityCon hosted by HackerOne.

April 2020
I will be serving as the session chair for "Security, Privacy, and Trust" track of WWW 2020.

March 2020
Our WCD paper has appeared among the Top 10 Application Vulnerabilities of 2019 by WhiteHat Security.

February 2020
William Blair presented our HotFuzz system at NDSS in San Diego, CA, USA (See the talk on YouTube).

February 2020
Our WCD paper has been named the top Web hacking technique of 2019 by PortSwigger.

February 2020
Our Fuzzing paper has been accepted to NDSS 2020.

January 2020
My talk on WCD has been accepted to php[tek] 2020.

November 2019
Our Web Cache Deception (WCD) paper has been accepted to USENIX Security 2020.

October 2019
Christo Wilson and I attended IMC in Amsterdam, Netherlands and he presented our ads.txt Standard study.

August 2019
I will be serving in the program committee of "Security, Privacy, and Trust" track at TheWebConf (WWW) 2020.

July 2019
Our ads.txt Standard paper has been accepted to IMC 2019.

May 2019
I started working at Google as a Security SWE.

April 2019
I defended my PhD thesis in Cybersecurity and graduated from Northeastern University.

January 2019
I proposed my PhD thesis on security risks of content inclusion in Web browsers.

December 2018
Reza Mirzazade farkhani and I attended ACSAC in San Juan, Puerto Rico, USA and he presented our TROP system.

November 2018
Muhammad Ahmad Bashir and I attended IMC in Boston, MA, USA and he presented our WebSockets study.

October 2018
I was awarded a Student Travel Grant to attend ACSAC 2018.

September 2018
I was awarded a Student Travel Grant to attend IMC 2018.

August 2018
Our CFI paper has been accepted to ACSAC 2018.

August 2018
I attended Black Hat USA and DEF CON 26 in Las Vegas, NV, USA.

July 2018
I was awarded a Student Scholarship to attend Black Hat USA 2018.

May 2018
Muhammad Ahmad Bashir presented our WebSockets study at ConPro in San Francisco, CA, USA.

April 2018
Tobias Lauinger presented our RPO study at WWW in Lyon, France.

February 2018
Our WebSockets paper has been accepted to IMC 2018.

February 2018
Our WebSockets paper has been accepted to ConPro 2018.

December 2017
Our Relative Path Overwrite (RPO) paper has been accepted to WWW 2018.

June 2017
I started a summer internship at Mozilla Corporation as a security researcher.

February 2017
Tobias Lauinger and I attended NDSS in San Diego, CA, USA and he presented our JavaScript Libraries study.

February 2017
I was awarded a Student Travel Grant to attend NDSS 2017.

November 2016
Muhammad Ahmad Bashir and I attended IMC in Santa Monica, CA, USA and he presented our CRN study.

October 2016
Our JavaScript Libraries paper has been accepted to NDSS 2017.

September 2016
I was awarded a Student Travel Grant to attend IMC 2016.

September 2016
William Robertson presented our OriginTracer system at RAID in Evry, France.

August 2016
Muhammad Ahmad Bashir and I attended USENIX Security in Austin, TX, USA and he presented our Retargeted Ads study.

August 2016
Amin Kharraz and I attended USENIX Security in Austin, TX, USA and he presented our UNVEIL system.

July 2016
Our Content Recommendation Networks (CRN) paper has been accepted to IMC 2016.

July 2016
I was awarded a Student Travel Grant to attend USENIX Security 2016.

June 2016
Our Ad Injection paper has been accepted to RAID 2016.

May 2016
I started a summer internship at Verisign Inc as a security researcher.

May 2016
Our Retargeted Ads paper has been accepted to USENIX Security 2016.

May 2016
Our Ransomware paper has been accepted to USENIX Security 2016.

February 2016
William Robertson presented our Excision system at FC in Barbados.

February 2016
I attended NDSS in San Diego, CA, USA.

November 2015
Our Content Inclusion paper has been accepted to FC 2016.

September 2013
I started my PhD in Cybersecurity (Information Assurance) at Systems Security Lab (NEU SecLab).