Mohammad Ghasemisharif

Security Researcher

About Me

I'm a computer science PhD candidate at University of Illinois at Chicago. I'm a member of BITS Networked Systems Laboratory where I'm being advised by Chris Kanich and Jason Polakis. My research interests cover several areas of security and privacy. In the past, I have conducted studies on large-scale user de-anonymization techniques and understanding flaws in well-established authentication systems. My research is aimed to design robust privacy preserving techniques for online users and address the shortcomings of authentication and authorization mechanisms.


Conference & Workshop Papers

"When Push Comes to Shove: Empirical Analysis of Web Push Implementations in the Wild"
Alberto Carboneri, Mohammad Ghasemisharif, Soroush Karami, and Jason Polakis
(To appear) In Proceedings of the Annual Computer Security Applications Conference (ACSAC), 2023

"Read Between the Lines: Detecting Tracking JavaScript with Bytecode Classification"
Mohammad Ghasemisharif, and Jason Polakis
(To appear) In Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2023

"Navigating Murky Waters: Automated Browser Feature Testing for Uncovering Tracking Vectors"
Mir Masood Ali, Binoy Chitale, Mohammad Ghasemisharif, Chris Kanich, Nick Nikiforakis, and Jason Polakis
In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2023

"Towards Automated Auditing for Account and Session Management Flaws in Single Sign-On Deployments"
Mohammad Ghasemisharif, Chris Kanich, and Jason Polakis
In Proceedings of the IEEE Symposium on Security and Privacy (S&P), 2022

"Plight at the End of the Tunnel: Legacy IPv6 Transition Mechanisms in the Wild"
John Kristoff, Mohammad Ghasemisharif, Chris Kanich, and Jason Polakis
In Proceedings of Passive and Active Measurement Conference (PAM), 2021

"SpeedReader: Reader Mode Made Fast and Private" [PDF]
Mohammad Ghasemisharif, Peter Snyder, Andrius Aucinas, and Benjamin Livshits
In Proceedings of The Web Conference (WWW), May 2019, San Francisco, CA.

"O Single Sign-Off, Where Art Thou? An Empirical Analysis of Single Sign-On Account Hijacking and Session Management on the Web" [PDF][Data]
Mohammad Ghasemisharif, Amrutha Ramesh, Stephen Checkoway, Chris Kanich, and Jason Polakis
In Proceedings of the 27th USENIX Security Symposium, August 2018
Media Coverage: New York Times(1) (2), WIRED, CNN, NBC, The Guardian, The Register, Yahoo, BuzzFeed

"Virtualized dynamic port assignment and windowed whitelisting for securing infrastructure servers"
Ronald Loui, Lucinda Caughey, Mohammad Ghasemisharif and Rogelio Salvador
IEEE International Conference on Electro Information Technology (EIT), August 2016

Technical Reports

"State of the Fuzz: An Analysis of Black-Box Vulnerability Testing" [PDF]
Mohammad Ghasemisharif