Language-based security, formal verification, web security, usable privacy, and policy enforcement.
Research Area
Security & Privacy
Security and privacy research connects formal verification, language-based security, web privacy, usable consent systems, privacy-preserving machine learning, and trustworthy public-interest systems.
Research Themes
What the group works on
Formal methods and protocol verification Language-based security and information flow Web privacy and browser consent management Privacy-preserving and fair machine learning Secure embedded and public-interest computing systems
Faculty
People shaping this area
Selected Publications
Recent Publications
Johnny Can't Revoke Consent Either: Measuring Compliance of Consent Revocation on the Web
PETS 2025 - web privacy and consent revocation compliance.
Least Privilege Access for Persistent Storage Mechanisms in Web Browsers
WWW 2025 - browser storage and least-privilege web security.
Fall-Through Semantics for Mitigating Timing-Based Side Channel Leaks
FSTTCS 2025 - semantics and side-channel mitigation.
DY*: A Modular Symbolic Verification Framework for Executable Cryptographic Protocol Code
IEEE EuroS&P 2021 - verified cryptographic protocol code.
Projects & Outputs
Representative Projects
Understanding and Ensuring the Privacy of User Data
SERB project led by Abhishek Bichhawat.
Verifying Security Properties of Group Messaging Protocols
CEFIPRA international project led by Abhishek Bichhawat.
Towards a Private yet Functional Web: Designing a Usable and Privacy-compliant Consent Management Framework for Online Browsing
ANRF Advanced Research Grant led by Abhishek Bichhawat.
Fair Federated Learning Framework in the Presence of Heterogeneous, Strategic, and Malicious Clients
ANRF early-career project led by Manisha Padala.