Munawar Hafiz

         Assistant Professor
         Department of Computer Science and Software Engineering

         Auburn University


        Email: munawar @t auburn _d0t edu

        Phone: 1-(334)-844-6348, Fax: 1-(334)-844-6329
[Research Interest]        [Publications]        [Teaching]         [CV/Resume]         [The lighter side]


I am a tenure track assistant professor at the Department of Computer Science and Software Engineering at Auburn University. I lead the Software Analysis, Transformation and Security (SATS) research group.

I got my Ph.D. from University of Illinois at Urbana-Champaign in 2010. My PhD advisor was Ralph Johnson. 
I also had Carl Gunter, Sam Kamin, Darko Marinov from UIUC and David Garlan from CMU in my PhD committee. My Ph.D. dissertation describes how applying security solutions to a system can be thought in
terms of automated, general purpose program transformations; I call them security-oriented program transformations.


News

04/12 - Security Pattern Catalog

03/12 - Poster and SRC Committee Member: SPLASH 2012

02/12 - Paper in SP&E Journal.

01/12 - Graduate Course at Auburn

01/12 - Demo: Add Integer Cast Tool.

 


Research Interest

 

Security Problems of C/C++/Java/Javascript Programs, Program Analysis, Program Transformation, Security Pattern, Software Architecture,

Pattern Language, Empirical Studies to Understand Security Problems, Privacy Pattern, Web Services.


Current Research Projects

    1. Security-oriented Program Transformations

    2. CR-12: Program Transformations Framework for C

    4. Security Patterns and Pattern Language (Link to Catalog of Security Patterns)

    4. The Science of Security Engineering

    5. Javascript: The Used Parts



Students

    1. Dusten Doggett, Grad

    2. Sharath Chowdary Gude, Grad

    3. Yasmeen Rawajfih, Grad

    4. Zack Coker, Undergrad

    5. Joel Eichelkraut, Undergrad

    6. Michael Knowles, Undergrad

    7. Sarah Weeks, Undergrad


I am looking for motivated graduate (mainly Ph.D.) and undergraduate students to join my group.  If interested, email your CV and research interest.


Past Projects


Selected Publications

 

1.  M. Hafiz. A Pattern Language for Developing Privacy Enhancing Technologies. To be published in Software---Practice and Experience, 2012.

2.  M. Hafiz, P. Adamczyk and R. Johnson. Patterns Transform Architecture. In Proceedings of the 9th Working IEEE/IFIP Conference on Software Architecture, WICSA 2011, Boulder, CO, USA, Jun 2011.

3.  P. Adamczyk, P. Smith, R. Johnson and M. Hafiz. REST and Web Services: In Theory and In Practice. Book Chapter in REST: From Research to Practice, Springer, 2011.

4.  P. Adamczyk and M. Hafiz. The Tower of Babel Did Not Fail. In OOPSLA10: Proceedings of the ACM International Conference on Object-oriented  Programming Systems Languages and Applications, pp. 947-957. Reno, NV. Oct, 2010.

5.  M. Hafiz, P. Adamczyk and R. Johnson. Systematically Eradicating Data Injection Attacks using Security-oriented Program Transformations. In ESSoS09: Symposium on Engineering Secure Software and Systems. Leuven, Belgium. Feb, 2009.

6.  M. Hafiz and R. Johnson. Evolution of the MTA Architecture: An Impact of Security. Software---Practice and Experience, 38(15):1569-1599, Dec 2008.

7.  M. Hafiz, P. Adamczyk and R. Johnson. Organizing Security Patterns. IEEE Software. 24(4) pp 52-60. Jul/Aug 2007.

8.  R. Afandi, J. Zhang, M. Hafiz and C. Gunter. AMPol: Adaptive Messaging Policy. In ECOWS06: European Conference on Web Services, pp. 53-64. Dec 2006.

 

Complete list of Publications and Download Links

 

 

Teaching

COMP 3700: Software Modeling and Design, Fall 2012.

*  COMP 7970: Program Analysis and Transformation for Application Security, Spring 2012.

COMP 3700: Software Modeling and Design, Fall 2011.


I have taught half-day tutorials 3 times at OOPSLA (2006, 2007, 2008) to an industry audience.


 

 

Resume and CV

Link to my CV.

Link to my one page Resume.


Professional Activities

PC Member, COMPSAC 2012, SESS 2010-2012, ACM SE 2012

Member, Poster and SRC Committee, OOPSLA/SPLASH, 2011-2012

Editorial Review Board, International Journal on Secure Software Engineering (IJSSE), 2009-2011.

Reviewer: IEEE Software, Software: Practice and Experience, Journal of Systems and Software, IEEE Transactions on Services Computing,

                   Computer and Security, LNCS Transactions on Pattern Languages of Programming (TPLoP), Communications of The ACM

Member, Hillside Group



 

 

The Lighter Side

 

I am learning to be a photographer. I have a Nikon D80 digital SLR and a few decent glasses. You can find some of my exposures at my photo blog and my flickr page


My photography has been featured in The Mindful Eye, one of the premiere sites on photography. Here is a link to the photograph that was featured in a webcast. You can download the video from here (13MB, mov format).

 

I used to have a conventional blog, where I wrote about the non-serious aspects of my life. I don't maintain that anymore. It is instead a honeypot for all things spam... I am "seriously" considering to start a "serious" blog about my experiences in software engineering, security, or perhaps computer science in general; someday, I will start that. 

 

I am married to Farhana Ashraf. She is a Ph.D. student at UIUC. 

 

More about my life. 

 

Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz