I am an Assistant Professor at Department of Computer Scinece and Engineering, IIT Kharagpur, India. Previously, I was a postdoctoral researcher at Cornell Tech and a member of the Digital Life Initiative where I worked with Prof. Helen Nissenbaum. Prior to joinining Cornell Tech I spent a fantastic year as a postdoc at the University of Chicago, Department of Computer Science. There I was a member of SUPERgroup and worked with Prof. Blase Ur. I completed my Ph.D. in Computer Science on November 2017 at the Max Planck Institute for Software systems where I was advised by Prof. Krishna P. Gummadi.
I am broadly interested about incorporating human factors in security and privacy, and consequently designing usable online services. My recent research focus is on developing systems to provide usable privacy and security mechanisms to online users while minimizing system abuse.
I am always looking for students who are interested in human aspects of privacy/security and like to tinker with systems. If you are a student at IIT Kgp && if you feel strongly about making the digital world private and secure for the users just drop me a mail.
I design, implement and analyze usable private and secure online systems. My work integrates security and privacy, human-computer interaction and systems research. My prominent ongoing research projects are as follows:
Improving usability of retrospective access management in online archives [PoPETS'19] [SOUPS'18]
We are investigating the effectiveness of tools which enable users to retrospectively modify (delete/edit old content or retrospectively change the audience) their past content in online archives (like social media or cloud storage). Our final goal is to design new mechanisms and systems which will let online users better manage the security and privacy of their old content.Managing online data privacy and security via exposure [IJAESAM'17] [IC'17] [SOUPS'16] [USEC'14] [SOUPS'14] [CoNEXT'12] [EuroSys'12]
We developed the model of exposure control (controlling who actually views a piece of online content), an extension of existing access control (controlling who has access to the online content) for building more secure/private systems. We show that, in multiple real-world scenarios, exposure control enables us to better capture user intention and design more private and usable systems compare to the state of the art.Limiting abuse (hatespeech) in online platforms [THAM'18] [HT'17] [ICWSM'16] [ICWSM'15] DATASET
We also investigated user behavior in online anonymous platforms. We identified that privacy and anonymity is a blessing to most of the user since they enable users to upheld free speech. However, a few users abuse the system under the veil of anonymity in the form of posting content like hatespeech. To that end, we work on developing techniques to detect and investigate hate speech in online platforms. You can access our hatespeech dataset here.
A common theme of our work is to collect real world data from deployed systems and analyze this data to identify and address privacy, security or accountability issues in those systems. Consequently, we created some online systems as part of our research to help social network users better understand and manage their data privacy. Please find below a list of such system and datasets from our work:
Check Your Secondary Digital Footprint on Twitter: In Twitter, people may converse with you by mentioning your name in their tweets. These conversations constitute your secondary digital footprint. Secondary digital footprints are not created or controlled by you. However, they can still leak your personal information. Our Twitter application aims to help you check what information others leak about you on Twitter (You will need a Twitter account to use it ).
Friendlist Manager: Friendlists in Facebook are a great way to share your content with the people you intend to. But they are a huge pain to create and update. Our Facebook application was designed to facilitate and simplify management of your friendlists. Unfortunately the new version of Facebook API do not allow developers to fetch the data the app needed to use, consequently the app is not live any more. You can check the functions of this (now discontinued) app here.
Privacy IQ: Privacy IQ is a quiz that measures both your understanding of how privacy works on Facebook and your knowledge of your own privacy settings. However due to the change in Facebook API this app too is not live any more.
Hatespeech data collected from Twitter and Whisper: This dataset contains 20,705 tweets and 7,604 whispers which contain hatespeech. To know more about our methodology please check our HyperText 2017 publication .
Cryptography and Network Security (Autumn 2019) [CO-TEACHING] [IIT Kgp]
Social Computing (Autumn 2019) [CO-TEACHING] [IIT Kgp]
Usable Security and Privacy (Spring 2018) [CO-TEACHING] [UChicago]
Topics in Computer Security: Data-Driven Security and Privacy (Winter 2018) [CO-TEACHING] [UChicago]
Social Media Analysis (Summer 2016)[TA] [MPI-SWS/Saarland University]
Security (Winter 2014-15) [TA] [Saarland University]
Readings in Social Computing Systems (Summer 2013) [TA] [MPI-SWS/Saarland University]