Suman Saha        

Suman Saha
Postdoctoral Research Fellow
Dept. of Computer Science and Engineering
Pennsylvania State University
USA

Contact
IST Building
Room:344
State College, MA 02138
Email: sumsaha AT cse DOT psu DOT edu


Web Counter
web counter

                        Harvard University        

Research Publications Activities Awards Given Talks Press Traveling Photos

I am working as a postdoctoral research fellow in a project of Defense Advanced Research Projects Agency (DARPA), US Department of Defense, to develop a program to expose backdoors and hidden malicious functionality on information technology.

I worked at another postdoc position in Harvard University for one year. I have done my PhD from University of Paris 6. My PhD work was to improve the quality of error-handling code in systems software. The work won the William C. Carter Award 2013 for making an important contribution to the field of dependable computing.



Research

Research Interest: Static Analysis, Model Checking, Program Analysis, Code Optimization, Program Verification, Formal Methods, Software Security, Code Injection.

Research Experience

Pennsylvania State University, USA
Post doctoral Research Fellow, July 2014 to Present
I have been working for a project of Defense Advanced Research Projects Agency (DARPA), US Department of Defense, to develop a program to expose backdoors and hidden malicious functionality on information technology.

Harvard University, USA
Post doctoral Research Fellow, May 2013 to June 2014
I worked for GoNative project. The goal of the GoNative research project is to enable safe execution of native code in software systems such as web browsers and type-safe programming languages (e.g., Java, Python, C#).

Microsoft Research Cambridge, UK
Research Intern, June 2012 to September 2012
SLAyer is a formal verification tool developed by Microsoft. I built a module that translates control-flow graphs into SLAyer data structures while I was an intern at Microsoft Research.

Regal Group, INRIA/LIP6, France
PhD Student, March 2010 to March 2013
I worked for A Bug's life (ABL) project. The goal of the project was to develop a comprehensive solution to the problem of finding bugs in API usage in open source infrastructure software. This project was jointly supervised by INRIA (The French National Institute for Research in Computer Science and Control) and LiP6. Our solution of the problem won the William C. Carter Award 2013 for making an important contribution to the field of dependable computing.

Programming Languages bAsed Software Security and Engineering Lab (PLASSE), Hanyang University, South Korea
Research Assistant for Prof. Kyung-Goo Doh, March 2008 to February 2010
Conducted research on most destructive security vulnerability, Cross-Site Scripting in web application to design compile-time checking method.



Activities

Program committee member of Student forum at International Conference on Dependable Systems and Networks (DSN) , 2014

Program committee member of Student papers track at IEEE International Symposium on Software Reliability Engineering (ISSER) , 2014



Publications

                               




Publications

Nicolas Palix, Gael Thomas, Suman Saha, Christophe Calves, Julia Lawall, and Gilles Muller Faults in Linux 2.6 ACM Transactions on Computer Systems (TOCS), June 2014

Suman Saha, Jean-Pierre Lozi, Gael Thomas, Julia Lawall, and Gilles Muller Hector: Detecting Resource-Release Omission Faults in Error-Handling Code for Systems Software in the 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), Budapest, June 2013. Won William C. Carter Award. [pdf]

Suman Saha, Shizhen Jin, and Kyung-Goo Doh Detection of DOM-based Cross-Site Scripting by Analyzing Dynamically Extracted Scripts in the 6th International Conference on Information Security and Assurance (ISA), 2012, Shanghai, China. [pdf]

Suman Saha, Julia Lawall, and Gilles Muller An Approach to Improving the Structure of Error-Handling Code in the Linux Kernel in the ACM SIGPLAN/SIGBED Conference on Language, Compilers, Tools and Theory for Embedded Systems (LCTES), 2011, Chicago, USA. [pdf]

Nicolas Palix, Gael Thomas, Suman Saha, Christophe Calves, Julia Lawall, and Gilles Muller Faults in Linux: Ten Years Later in the 16th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2011, CA, USA. [pdf]

Suman Saha, Julia Lawall, and Gilles Muller Finding Resource-Release Omission Faults in Linux SIGOPS Operating System Review (OSR), vol. 45, pp. 5-9 (2011) Best papers from PLOS'11.

Suman Saha Consideration Points: Detecting Cross-Site Scripting, International Journal of Computer Science and Information Security , August issue (Vol. 4), 2009, Pittsburgh, USA. [pdf]


Workshops/Posters

Suman Saha, Julia Lawall, and Gilles Muller Elicitor: Usage-Frequency Independent Detection of Resource-Release Omission Faults in the 7th EuroSys, poster session, Apr 2012, Bern, Switzerland. [pdf]

Suman Saha, Julia Lawall, and Gilles Muller Finding Resource-Release Omission Faults in Linux in the 6th Workshop on Programming Languages and Operating Systems (PLOS), October 23, 2011, Cascais, Portugal. [pdf] (Highest-rated paper)


Technical Reports/Thesis

Suman Saha Improving the Quality of Error-Handling Code in Systems Software using Function-Local Information . PhD Thesis: Universite Pierre et Marie Curie (UPMC), Paris, 2013 [pdf]

Nicolas Palix, Suman Saha, Gael Thomas, Christophe Calves, Julia Lawall, and Gilles Muller Faults in Linux: Ten Years Later Institut National de Recherche en Informatique et en Automatique, Paris, 2010. [pdf]

Suman Saha Improving Error-Handling Code in Systems Software . PhD Midterm Evaluation Report: Universite Pierre et Marie Curie (UPMC), Paris, 2011 [pdf]

Suman Saha Static Analysis of DOM-based Cross-Site Scripting . MSc Thesis: Hanyang University, South Korea, 2010



Awards/Scholarships

William C. Carter Award 2013 for making an important contribution to the field of dependable computing by the PhD dissertation. In DSN 2013 , Budapest, Hungary. [Click for details]

DSN Grant to attend DSN 2013. In Budapest, Hungary.

EuroTM Travel Grant to attend EuroSys 2012. In Bern, Switzerland.

EuroSys Student Travel Prize to attend SOSP 2011. In Cascais, Portugal. I was one of the only two winners.

Best Student Presentation Award in Danish Static Analysis Symposium (DANSAS), August, 2011, Odense, Denmark. The award was sponsored by Google.

Scholarship from Hanyang International Scholarship Program (HISP) for two academic years (2008-2010) in Hanyang University, South Korea.

University Merit Scholarships for three academic years (2003-2006) in Premier University, Bangladesh.



Given Talks

Hector:Detecting Resource-Release Omission Faults in Error-Handling Code for Systems Software in the 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), June, 2013, Budapest, Hungary.

EHCtor:Detecting Resource-Release Omission Faults in Error-Handling Code for Systems Software at the Conference in Parallelism, Architecture and System, January 15, 2013, Grenoble, France. [slides]

Finding Resource-Release Omission Faults in Linux at the 6th Workshop on Programming Languages and Operating Systems (PLOS), October 23, 2011, Cascais, Portugal. [slides]

Finding Resource-Release Omission Faults in Linux at the Danish Static Analysis Symposium (DANSAS), August, 2011, Odense, Denmark. [slides] (Best Student Presentation Award)

An Approach to Improving the Structure of Error-Handling Code in the Linux Kernel at the ACM SIGPLAN/SIGBED Conference on Language, Compilers, Tools and Theory for Embedded Systems (LCTES), 2011, Chicago, USA. [slides]



Press

La Gazette, INRIA, Paris published my interview. [Click to read] (In French)





Traveling

Traveling to Montreal and Halifax in Canada for vacation in 2014
Traveling to Budapest , Hungary for giving talk and receiving William C. Carter Award in DSN 2013
Traveling to Paris to attend my commencement in 2013
Visiting Amsterdam , Netherlands for summer vacation 2013
Visiting Grenoble and Lille , France for giving talk in 2013
Traveling to Marrakech , Morocco for vacation in 2013
Traveling to Barcelona , Spain for vacation in 2013.
Vacation in Nice , Cannes and Monaco in 2012
Visiting Cambridge and London while I was doing internship at Microsoft Research UK.
Traveling to Bern , Switzerland to attend a conference, EuroSys in April, 2012.
Traveling to Cascais , Portugal to attend a conference, SOSP in October, 2011.
Official tour: DIKU, Copenhagen , Denmark, August, 2011.
Summer vacation in Italy ( Pisa , Florence , Venice , Rome ) and Switzerland ( Geneva and Interlaken ), June, 2011.
Chicago , USA to attend a conference LCTES, April, 2011.
Summer vacation in Dresden , Germany and Prague , Czech Republic, June, 2010.
I had been in Paris , France for 3 years (2010-2013) for my PhD
I had been in Ansan , South Korea for 2 years (2008-2010) for my M.Sc.
I had been in Bangalore , India for 4 years(1996-2000) for my studies.