Note: I am open to Software/Security Engineering Full-time positions.

My name is Himanshu Goyal (How to pronounce?). I am a graduate student at Georgia Tech pursuing a Master of Science in Computer Science with a specialization in Computing Systems. Before this, I proudly earned a Dual Degree in Computer Science (B.S./M.S.) from the Indian Institute of Technology (IIT) Bhubaneswar . My thesis was centered around the development of large-scale smart systems, with a strong emphasis on Trust, Security, and Privacy guarantees. This work was conducted under the supervision of Prof. Sudipta Saha. I am also an active member of the Decentralized and Smart Systems Research Group (DSSRG) at IIT Bhubaneswar.

As a skilled software engineer, my passion lies in developing large-scale secure software systems that leverage the power of robust systems architecture, modern cryptographic methodologies, and essential open-source tools. I have worked on several disciplines ranging from Systems & Networking, Blockchain, Trustworthy distributed computing, Zero-Knowledge Proofs (ZKPs), and Privacy Preserving Machine Learning (PPML), Deep learning,. I truly enjoy applying modern cryptographic techniques in building secure software systems.

I maintain a list of cryptographic resources under the Crypto Resources tab. It mostly contains references to the security related courses taught at several universities along with some additional useful information. If you feel to contribute, I welcome you to contact me for the same. I also occasionally blog to distill out my understanding from the readings I do. Well, you can find me reading, lurking reddit and twitter in my spare time. Nevertheless, I am an ardent Cricket fan and love talking about it.

CV / Resume: [pdf]
Last Updated: Sept 2023

Email ID: hgoyal33@gatech.edu

Updates

May 2023: Started in-person internship at Galois in Portland Office.
Jan 2023: Our work titled ZoneSync: Real-Time Identification of Zones in IoT-Edge got accepted at IEEE COMSNETS 2023.
Aug 2022: Our work titled ReLI: Real-Time Lightweight Byzantine Consensus in Low-Power IoT-Systems got accepted at IEEE CNSM 2022.
Apr 2022: Our work titled Multi-Party Computation in IoT for Privacy-Preservation got accepted at IEEE ICDCS 2022.
Jan 2021: Started remote internship with Prof. Arpita Patra at [Cryptography and Information Security lab], IISc Bangalore on Privacy Preserving Machine Learning.
May 2020: Started remote internship with Chayan Sarkar at TCS Research & Innovation on developing low-resource speech-to-text translation systems.
Apr 2020: Summer Internship with ENCRYPTO Group at TU Darmstadt, Germany(Cancelled due to Covid outbreak).
March 2020:Participated at Smart India Hackathon(SIH) 2020.
Dec 2019: Secured Bronze medal at 8th Inter-IIT Tech meet in Outreach Exercise for New Technology Ideas in TV Audience Measurement.
May 2019: Started Summer Internship at CNERG IIT Kharagpur on Characterization of Workload in multi-tier cloud application under the guidance of Sandeep Chakraborty.
Sep 2018: Started Computer Science Coursework
May 2018: Transferred from 4-year Metallurgical Programme to 5-year Dual Degree(B.tech+M.tech) in Computer Science Engineering(1 out of entire batch).
Jul 2017: Successfully passed both JEE Main and JEE Advance examinations and secured an admission at IIT Bhubaneswar in its 4-year undergraduate programme in Metallurgical and Materials Engineering.
May 2016: Got a direct admission offer from BITS-Pilani on the basis of excellent Intermediate academic performance at Birla School Pilani .



Domain Impersonation opportunities amidst TLS availability

10 May 2023 Blog

Motivation: This research work investigates the significant threat of do- main impersonation attacks, wherein attackers create do- mains that resemble legitimate ones to deceive users into disclosing sensitive information. The effectiveness of existing security measures in detecting and preventing such attacks is analyzed. Specifically, the warning messages in the browsers and the Safe Browsing API, a prevalent browser-based se- curity mechanism, are examined in identifying potentially harmful websites. Our Chrome-based browser study states that around 45% of look-alike domains are available to buy, and the browser application only shows warning messages for only 1%, providing an open area for attackers to launch malicious webpages. Our research also demonstrates the lim- itations of relying solely on these mechanisms, as attackers can easily obtain certificates for look-alike domains through free certificate authorities such as Let’s Encrypt. We find that majority of the look-alike domains in our dataset have valid TLS certificates and that RPKI validity cannot be used to distinguish these sites. To address this issue, we propose a solution that combines tools such as DNSTwist and CT Monitors, which can assist domain owners in identifying potentially malicious look-alike domains. This solution can help mitigate the risks of domain impersonation attacks and improve the security of popular domains on the internet. The findings of this research work contribute to a more com- prehensive understanding of the security risks associated with popular domains and inform the development of more effective security measures.

Keywords: Domain Typosquatting, Google Chrome, Safe Browsing, RPKI, TLS Certificates

Acknowledgement: This work was done in collaboration with Samina Mulani at Georgia Tech.

Project Report [pdf]
Project Presentation [ppt]

Discovering vulnerabilities in Industrial Control System (ICS) Networks through Internet Scanning

24 Nov 2022 Blog

Motivation: Industrial control systems (ICS) are used to automate and monitor processes and equipment in various industries, such as energy, transportation, and manufacturing. These systems provide many benefits, but they can also be vulnerable to se- curity threats if not properly protected. Most ICS networks use protocols designed for controlled environments and do not have built-in security mechanisms. However, the increas- ing connectivity of ICS devices to networks and the internet creates opportunities for malicious actors to cause disruptions and malfunctions. In this study, we employed an empirical methodology to assess the potential vulnerabilities in existing ICS networks. Using network scanning techniques, we identi- fied vulnerable ICS devices according to the Purdue model, which considers the hierarchical structure of ICS networks and the different services that devices run on. Our evaluation showed that this method could effectively identify high-risk devices and prioritize them for security measures.

Acknowledgement: This work was done under the guidance of Prof. Saman Zonouz, and Prof. Paul Pearce at Georgia Tech.

Project Report [pdf]
Project Presentation [ppt]

LiPI: Lightweight Privacy-Preserving Data Aggregation in IoT

09 Aug 2022 Publications


LiPI: Lightweight Privacy-Preserving Data Aggregation in IoT

Himanshu Goyal, Krishna Kodali, and Sudipta Saha
Accepted in the 22nd IEEE International Conference on Trust, Security Privacy in Computing and Communications (TrustCom), 2023, Exeter, UK.

Abstract: In the modern digital world, a user of a smart system remains surrounded with as well as observed by a number of tiny IoT devices round the clock almost everywhere. Unfortunately, the ability of these devices to sense and share various physical parameters, although play a key role in these smart systems but also causes the threat of breach of the privacy of the users. Existing solutions for privacy-preserving computation for decentralized systems either use too complex cryptographic techniques or exploit an extremely high degree of message passing and hence, are not suitable for the resource-constrained IoT devices that constitute a significant fraction of a smart system. In this work, we propose a novel lightweight strategy LiPI for Privacy-Preserving Data Aggregation in low-power IoT systems. The design of the strategy is based on decentralized and collaborative data obfuscation and does not exploit any dependency on any trusted third party. In addition, besides minimizing the communication requirements, we make appropriate use of the recent advances in Synchronous-Transmission (ST)-based protocols in our design to accomplish the goal efficiently. Extensive evaluation based on comprehensive experiments in both simulation platforms and publicly available WSN/IoT testbeds demonstrates that our strategy works up to at least 51.7% faster and consumes 50.5% lesser energy compared to the existing state-of-the-art strategies.

ReLI: Real-Time Lightweight Byzantine Consensus in Low-Power IoT-Systems

20 May 2022 Publications


ReLI: Real-Time Lightweight Byzantine Consensus in Low-Power IoT-Systems

Himanshu Goyal, Manish Kausik H, and Sudipta Saha
Accepted in the 18th IEEE International Conference on Networks and Service Management (CNSM), 2022, Thessaloniki, Greece.

Abstract: IoT/WSN assisted smart-systems are making our living easier and more comfortable in various aspects. However, there is always a chance of malfunctioning in such massive decentralized systems in crucial moments because of one or more components of the system getting compromised. For instance, monitoring systems installed to watch the status of a bridge may unknowingly suppress the recent deterioration in the status because of some compromised sensing devices. Byzantine fault tolerance support is highly essential in combating the presence of such smart devices with malicious intentions. However, existing solutions for consensus or data aggregation in IoT/WSN systems either assume non-Byzantine node failures or use only simulation/theoretical models to address the existence of Byzantine nodes. Theoretically, a decentralized system can effectively tolerate Byzantine characteristics of up to a certain fraction of the nodes. However, to achieve even that, the nodes need to interact extensively and share data with each other which makes it challenging for such solutions to get practically realized and produce outcomes in real-time, especially in resource-constrained IoT systems. In this work, we adopt Synchronous-Transmission based mechanisms and propose a framework ReLI to efficiently achieve Byzantine consensus in low-power IoT systems. We show that ReLI can operate up to 80% faster and consume up to 78% lesser radio-on time compared to the traditional implementation of the strategy in a publicly available IoT/WSN testbed containing 45 nodes.

Paper Reviews
Remark: The final draft incorporates several suggestions provided in the reviews.
  • Review 1:
    • What are major strengths?
      • The paper exhibits sufficient novelty.
      • The work is properly presented and the text is well-written.
      • Sufficient evaluation and technical depth are exhibited.
    • What are shortcomings?
      • There are no noteworthy drawbacks for this paper.
  • Review 2:
    • What are major strengths?
      • This paper proposes a framework ReLI to efficiently achieve Byzantine Consensus in Low-Power IoT-Systems.
      • The proposed scheme leverages Synchrous Transmission (ST) based communication mechanism among IoT devices.
      • The performance of the proposed scheme was evaluated by implementations in Cooja as well as IoT/WSN testbeds DCube and FlockLab composed of 45 and 24 TelosB motes, where the algorithms were implemented in Contiki OS for TelosB motes.
      • The paper shows that ReLI can operate up to 80% faster and consume up to 78% less radio-on time compared to the traditional implementation of the strategy in a publicly available IoT/WSN testbed containing 45 nodes.
    • What are shortcomings?
      • The performance analysis was done for relatively small number of IoT nodes, just up to 45 nodes. Analysis on scalability is required with increased IoT nodes.
  • Review 3:
    • What are major strengths?
      • This paper proposes a framework named ReLI to achieve Byzantine consensus in low-power IoT systems. Its performance is well demonstrated by implementation.
    • What are shortcomings?
      • Readability is low because of paper organization. For example, although Fig. 1 appears in p.5 (Section IV), it is referred in p.3 (Section III).
    • </details>

    Thesis: Towards Building Trustworthy Wireless Sensor Network

    15 May 2022 Publications

    A Step Towards Building Trustworthy Wireless Sensor Network (Synopsis)

    Himanshu Goyal

    (under guidance of Prof. Sudipta Saha)
    IIT Bhubaneswar (2020-2022)

    In this work, we conceptualize an Internet of Things (IoT) system as a vast network of low-power devices distributed over a large geographical area. Each device is capable of performing tasks, communicating with other devices, and operates under limited energy resources. We also take into account the possibility of some devices being manipulated by adversaries with intentions to gain control over the network or to cause the network to deviate from its intended function. The primary limitation of an IoT system is the resource constraints of the devices. However, we interpret the extensive number of devices in IoT as an advantage. We consider it as a highly distributed system and propose to offset the resource limitation in the devices with collaborative computing, where device-to-device communication is crucial. To effectively leverage the potential of such a large-scale network, we propose a shift from the traditional asynchronous transmission-based communication strategies to time-slotted parallel communication strategies. The primary focus of this research is to achieve Byzantine fault tolerance in IoT networks and to implement privacy-preserving data-aggregation among the participating nodes using the developed synchronous communication strategies.

    ZoneSync: Real-Time Identification of Zones in IoT-Edge.

    17 Apr 2022 Publications


    ZoneSync: Real-Time Identification of Zones in IoT-Edge.

    Manish Kaushik, Jagnyashini Debadarshini, Himanshu Goyal , Sudipta Saha.
    In Proceedings of the IEEE 15th International Conference on COMmunication Systems & NETworkS (COMSNETS), 2023, Bengaluru, India.

    Abstract: With the advancement in hardware technology, IoT-edge systems are getting well-equipped with a variety of types of sensing devices. The massive decentralized sensing capability of IoT-edge can be used not only for monitoring purposes but also for automated detection and even prediction of anomalous behavior in the area covered by the IoT-edge. However, as a prerequisite to anomaly detection, what is very essential is a clear understanding of the usual nature of the region where the IoT -edge system is deployed. The existing solutions in this direction mostly take the help of the cloud to serve the purpose. We endeavor to carry out the task of understanding the characteristics of the zones/regions in the edge itself through in-network distributed computing. In this work, we derive a simple lightweight strategy based on Synchronous-Transmission to enable every node in an IoT-edge to gain knowledge about the zone it belongs to and identify its surrounding zones in real-time. Through extensive simulation and testbed-based study, we show that our proposed solution can accomplish the goals quite accurately and up to 12.5 times faster than the traditional strategy.

    Paper Reviews Coming Soon!

    Multi-Party Computation in IoT for Privacy-Preservation

    10 Mar 2022 Publications


    Multi-Party Computation in IoT for Privacy-Preservation

    Himanshu Goyal, and Sudipta Saha
    Accepted in 42nd IEEE International Conference on Distributed Computing Systems (ICDCS), 2022, Bologna, Italy.

    Abstract: Preservation of privacy has been a serious concern with the increasing use of IoT-assisted smart systems and their ubiquitous smart sensors. To solve the issue, the smart systems are being trained to depend more on aggregated data instead of directly using raw data. However, most of the existing strategies for privacy-preserving data aggregation, either depend on computation-intensive Homomorphic Encryption based operations or communication-intensive collaborative mechanisms. Unfortunately, none of the approaches are directly suitable for a resource-constrained IoT system. In this work, we leverage the concurrent-transmission-based communication technology to efficiently realize a Multi-Party Computation (MPC) based strategy, the well-known Shamir's Secret Sharing (SSS), and optimize the same to make it suitable for real-world IoT systems.

    Paper Reviews
    Remark: The final draft incorporates several suggestions provided in the reviews.
  • Review 1:
    • What are major strengths?
      • The studied problem is important.
    • What are shortcomings?
      • The key novelty of this paper could be better elaborated.
  • Review 2:
    • What are major strengths?
      • It is relevant to this conference.
      • The presentation is good.
      • The performance of the proposed scheme was evaluated by implementations in Cooja as well as IoT/WSN testbeds DCube and FlockLab composed of 45 and 24 TelosB motes, where the algorithms were implemented in Contiki OS for TelosB motes.
      • The paper shows that ReLI can operate up to 80% faster and consume up to 78% less radio-on time compared to the traditional implementation of the strategy in a publicly available IoT/WSN testbed containing 45 nodes.
    • What are shortcomings?
      • In abstract, too many backgrounds are described.
      • In introduction, too many backgrounds are described. To the work of the author, it does not declare clearly.
      • In introduction, too much introductions are about SSS and MiniCast, but to how to integrate them are not clear.
      • There is not significant contribution of this work. It is just an attempt to integrate SSS and MiniCast, and the results show that it is just can afford few nodes. It is not practical.
    • </details>