PDF

Sunil Manandhar

sunil@ibm.com | +1(757) 345-9788 | https://linkedin.com/in/sunil-manandhar | https://suneal.github.io/website

_______________________________________________________________________________________________________

RESEARCH

I am a Research Scientist at IBM T.J. Watson Research Center. I received my Ph.D. from William & Mary. My research interest include IoT security, privacy, software security, and NLP. I completed by B.Sc. in Computer Science and Information Technology from St. Xavier’s College, Nepal.

EDUCATION

Ph.D. in Computer Science, GPA 3.85 – The College of William and Mary, Williamsburg, VA           Aug 2016 – Present 

Advisor: Dr. Adwait Nadkarni

Relevant Coursework: Advanced System Security Engineering, Advanced Topics in System and Security, CyberSecurity Research Analysis, Computer & Network Security, Advanced Software Engineering, Ubiquitous and Mobile Computing, Analysis of Algorithms, Intro to Machine Learning

BS in Computer Science and IT, GPA: 79.5% – Tribhuvan University, Kathmandu, Nepal             Nov 2011 – Nov 2015

PUBLICATIONS

Kaushal Kafle, Kevin Moran, Sunil Manandhar, Adwait Nadkarni,  and Denys Poshyvanyk. Security in Centralized Data Store-based Home Automation Platforms: A Systematic Analysis of Nest and Hue. ACM Transactions on Cyber Physical Systems, special issue on Security and Privacy for Connected CPS (TCPS) [PDF]

Sunil Manandhar, Kevin Moran, Kaushal Kafle, Ruhao Tang, Denys Poshyvanyk, and Adwait Nadkarni.  Towards a Natural Perspective of Smart Homes for Practical Security and Safety Analyses.  To Appear in the Proceedings of the 41st IEEE Symposium on Security and Privacy (S&P), San Francisco, CA, USA, May 2020.  [PDF]

Kaushal Kafle, Kevin Moran, Sunil Manandhar, Adwait Nadkarni,  and Denys Poshyvanyk. A Study of Data Store-based Home Automation. In Proceedings of the 9th ACM Conference on Data and Application Security and Privacy (CODASPY), Dallas, TX, USA, March 2019. Best Paper Award. [Press Coverage] [PDF]

Sigmund Albert Gorski III, Ben Andow, Adwait Nadkarni, Sunil Manandhar, William Enck, Eric Bodden, and Alexandre Bartel. ACMiner: Extraction and Analysis of Authorization Checks in Android’s Middleware. In Proceedings of the 9th ACM Conference on Data and Application Security and Privacy (CODASPY),  Dallas, TX, USA, March 2019. [CVE-2019-9351, CVE-2019-9377, CVE-2019-9438] [PDF]

WORK EXPERIENCE

Co-op, IBM             Sep 2020 – De

• Framework for Privacy Policy analysis (ongoing)
  

Research Intern, IBM           Jun 2020 – Sep 2020

• Framework for Privacy Policy analysis
  

Lead Grad Student, SPL Lab               Jan 2020 – Present

• Conducted weekly student-run meetings and organized events to improve research skills
• Managed lab website and logistics [Website]
• Mentored 4 students in research projects

Research Assistant, CS Department, William & Mary May 2018 – Present

• Analyzed Privacy Policies to develop insights into data protection practices (ongoing) 
• Designed framework for generating natural home automation scenarios to improve security and safety in smart homes
• Developed proof of concept exploits for vulnerabilities in access control enforcement of APIs in the Android Platform

Teaching Assistant, William & Mary           Aug 2016 – May 2017

• Computational Problem Solving

Technology Lead, Universal Language Learning, China             Dec 2016 – Present

• Built a chatbot engine for kids to help with language learning. https://my-little-harper.myshopify.com/

Mobile App Developer, Moondrop, San Francisco           Jan 2016 – Aug 2016 

• Managed Mobile Application and Updated the App with Material Design https://tinyurl.com/y65eafd6

Software Engineer, Bajra Technologies, Kathmandu, Nepal         Jan  2015 – Jan 2016

• SiteHawk – Crawler, and Interface for WebsiteSite Deface Detection https://tinyurl.com/y4ro377
• Imperial – Cordova based Mobile App for Side-Kick Plus Device  https://tinyurl.com/y6dz3qjg 

Business Associate, Axon System, Kathmandu, Nepal                                                                                  May 2014 – Dec 2014

• MyFarm – Mobile Application 
• Driving License Mobile App https://tinyurl.com/s6rjgmo 

AWARDS AND HONORS

• Best Paper Award at CODASPY, Dallas, TX, USA, March 2019
• Received 3 CVEs and mentions on the Android Security Bulletin
• Winner of Imagine Cup Nepal 2014
• Winner of Skype Challenge in Imagine Cup 2014
• President of Computer Science and Information Technology Association of Nepal (2014)
• Microsoft Student Partner – St. Xavier’s College (2014)
• Member of the Student Technology Advisory Committee ( Arts and Science Department – William & Mary)

PRESENTATIONS AND INVITED TALKS

• “Towards a Natural Perspective of Smart Homes for Practical Security and Safety Analyses”
  • 41st IEEE Symposium on Security and Privacy
  • Journal Club, William & Mary
• “Outlier Detection in Large Scale Dataset”
  • 17th Annual Graduate Research Symposium

PROFESSIONAL SERVICE

Sub-reviewer for Conferences

• ISOC Network and Distributed System Security Symposium (NDSS), 2020
• USENIX Security Symposium (USENIX), 2019
• The International Conference on Information Systems Security (ICISS), 2019