Vafa is a computer science Ph.D. candidate at Luddy School of Informatics, Computing, and Engineering. His research focuses on applying machine learning techniques for protecting the security and privacy of end-users. He works on three main projects on three layers of the network. In the application layer, he works on browser fingerprinting defenses to protect users' privacy. The other two projects focus on protecting IoT devices. In the network layer, his research focuses on a recent IETF standard called Manufacturer Usage Description (MUD), and (close to) physical layer, he works on developing methods and tools for facilitating the reverse engineering of the stripped IoT firmware binaries for vulnerability hunting.


  • MUD
  • BrowserFingerprintingCountermeasures
  • FacilitatingReverseEngineeringoftheIoTfirmware

Recent Publications

  • Vafa Andalibi, Jayati Dev, DongInn Kim, Eliot Lear, and Jean Camp. Making Access Control Easy in IoT. In IFIP International Symposium on Human Aspects of Information Security & Assurance, June 2021.
    Keywords: IoT, MUD, MUD-Visualizer. [bibtex-entry]

  • Vafa Andalibi, Eliot Lear, DongInn Kim, and Jean Camp. On the Analysis of MUD-Files' Interactions, Conflicts, and Configuration Requirements Before Deployment. In 5th EAI International Conference on Safety and Security in Internet of Things, SaSeIoT, May 2021. Springer.
    Keywords: IoT, MUD, MUD-Visualizer. [bibtex-entry]

  • DongInn Kim, Vafa Andalibi, and L Jean Camp. Protecting IoT Devices through Localized Detection of BGP Hijacks for Individual Things. In SafeThings 2021, Oakland, May 2021. IEEE Workshop on the Internet of Safe Things.
    Keywords: Fingerprinting, IoT. [bibtex-entry]

  • Personal Website / CV

    Want to know more about Vafa Andalibi