Publications

2026

“I Wonder if These Warnings Are Accurate”: Security and Privacy Advice in Nine Majority World Countries
Collins W. Munyendo, Veronica A. Rivera, Jackie Hu, Emmanuel Tweneboah, Amna Shahnawaz, Karen Sowon, Dilara Kekulluoglu, Marcos Silva, Yue Deng, Mercy Omeiza, Gayatri Priyadarsini Kancherla, Maria Rosario Niniz Silva, Maryam Mustafa, Abhishek Bichhawat, Francisco Marmolejo-Cossio, Elissa M. Redmiles, Yixin Zou
47th IEEE Symposium on Security and Privacy (Oakland), May 2026

2025

Fall-through Semantics for Mitigating Timing-based Side Channel Leaks
Aniket Mishra and Abhishek Bichhawat
45th IARCS Annual Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS), December 2025

Johnny can’t revoke consent either: measuring compliance of consent revocation on the web
GP Kancherla, N Bielova, C Santos, A Bichhawat
Proceedings on Privacy Enhancing Technologies, July 2025

How Usable is Consent Withdrawal on the Web? UI Requirements and Expert Evaluation
S Ahuja, GP Kancherla, CT Santos, N Bielova, A Bichhawat
HAL open science, 2025

On the Prevalence and Usage of Commit Signing on GitHub: A Longitudinal and Cross-Domain Study
A Sharma, S Karmakar, GP Kancherla, A Bichhawat
Evaluation and Assessment in Software Engineering (EASE) 2025, June 2025

Least Privilege Access for Persistent Storage Mechanisms in Web Browsers
GP Kancherla, D Goel, A Bichhawat
Proceedings of the ACM on Web Conference 2025, April 2025

A Unified Browser-Based Consent Management Framework
GP Kancherla, A Bichhawat
47th International Conference on Software Engineering: New Ideas and Emerging Results (ICSE-NIER), April 2025

Worst-Case Response Time Analysis for Periodic Programs with Nested Locks
HM Ramolia, SS Kanawade, A Bichhawat
Proceedings of the 18th Innovations in Software Engineering Conference, February 2025

2024

Online Authentication Habits of Indian Users
P Choudhary, S Das, MP Potta, P Das, A Bichhawat
2024 Conference on Building a Secure & Empowered Cyberspace (BuildSEC), December 2024

Web Privacy Perceptions Amongst Indian Users
G Priyadarsini, A Saxena, A Dey, Prakriti, A Bichhawat
International Conference on Information Systems Security, December 2024

2023

Tainted Secure Multi-Execution to Restrict Attacker Influence
MK McCall, A Bichhawat, L Jia
Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, November 2023

Layered Symbolic Security Analysis in
Karthikeyan Bhargavan, Abhishek Bichhawat, Pedram Hosseyni, Ralf Küsters, Klaas Pruiksma, Guido Schmitz, Clara Waldmann, Tim Würtele
European Symposium on Research in Computer Security, September 2023

Towards Usable Security Analysis Tools for {Trigger-Action} Programming
McKenna McCall, Eric Zeng, Faysal Hossain Shezan, Mitchell Yang, Lujo Bauer, Abhishek Bichhawat, Camille Cobb, Limin Jia, Yuan Tian
Nineteenth Symposium on Usable Privacy and Security (SOUPS 2023), August 2023

2022

Compositional information flow monitoring for reactive programs
MK McCall, A Bichhawat, L Jia
2022 IEEE 7th European Symposium on Security and Privacy (EuroS&P), June 2022

Noise: A library of verified high-performance secure channel protocol implementations
S Ho, J Protzenko, A Bichhawat, K Bhargavan
2022 IEEE Symposium on Security and Privacy (SP), May 2022

2021

An in-depth symbolic security analysis of the ACME standard
Karthikeyan Bhargavan, Abhishek Bichhawat, Quoc Huy Do, Pedram Hosseyni, Ralf Küsters, Guido Schmitz, Tim Würtele
Proceedings of the 2021 ACM SIGSAC conference on computer and communications security, November 2021

A Tutorial-Style Introduction to DY*
Karthikeyan Bhargavan, Abhishek Bichhawat, Quoc Huy Do, Pedram Hosseyni, Ralf Küsters, Guido Schmitz, Tim Würtele
Protocols, Strands, and Logic: Essays Dedicated to Joshua Guttman on the Occasion of his 66.66 th Birthday, November 2021

DY*: A Modular Symbolic Verification Framework for Executable Cryptographic Protocol Code
Karthikeyan Bhargavan, Abhishek Bichhawat, Quoc Huy Do, Pedram Hosseyni, Ralf Küsters, Guido Schmitz, Tim Würtele
2021 IEEE European Symposium on Security and Privacy (EuroS&P), September 2021

SAFETAP: An efficient incremental analyzer for trigger-action programs
McKenna McCall, Faysal Hossain Shezan, Abhishek Bichhawat, Camille Cobb, Limin Jia, Yuan Tian, Cooper Grace, Mitchell Yang
Carnegie Mellon University, 2021

Gradual security types and gradual guarantees
A Bichhawat, MK McCall, L Jia
2021 IEEE 34th Computer Security Foundations Symposium (CSF), June 2021

Permissive runtime information flow control in the presence of exceptions
A Bichhawat, V Rajani, D Garg, C Hammer
Journal of Computer Security 29 (4), 2021

DY⋆ Code Repository
Karthikeyan Bhargavan, Abhishek Bichhawat, Quoc Huy Do, Pedram Hosseyni, Ralf Küsters, Guido Schmitz, Tim Würtele
URL: https://github. com/reprosec/dolev-yao-star, 2021

Automating Audit with Policy Inference
A Bichhawat, M Fredrikson, J Yang
2021 IEEE 34th Computer Security Foundations Symposium (CSF), June 2021

2020

Contextual and granular policy enforcement in database-backed applications
A Bichhawat, M Fredrikson, J Yang, A Trehan
Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, 2020

First-order Gradual Information Flow Types with Gradual Guarantees
A Bichhawat, MK McCall, L Jia
arXiv preprint arXiv:2003.12819, 2020

2017

WebPol: Fine-grained information flow policies for web browsers
A Bichhawat, V Rajani, J Jain, D Garg, C Hammer European Symposium on Research in Computer Security, 2017

Practical dynamic information flow control
A Bichhawat Saarländische Universitäts-und Landesbibliothek, 2017

2015

Information flow control for event handling and the DOM in web browsers
V Rajani, A Bichhawat, D Garg, C Hammer
2015 IEEE 28th Computer Security Foundations Symposium, 2015

Post-dominator analysis for precisely handling implicit flows
A Bichhawat
IEEE/ACM 37th IEEE International Conference on Software Engineering, May 2015

2014

Information flow control in WebKit’s JavaScript bytecode
A Bichhawat, V Rajani, D Garg, C Hammer
International conference on principles of security and trust, April 2014

Generalizing permissive-upgrade in dynamic information flow analysis
A Bichhawat, V Rajani, D Garg, C Hammer
Proceedings of the Ninth Workshop on Programming Languages and Analysis for Security, July 2014

Exception handling for dynamic information flow control
A Bichhawat Companion Proceedings of the 36th International Conference on Software …, May 2014

2011

Security architecture for virtual machines
U Tupakula, V Varadharajan, A Bichhawat
International Conference on Algorithms and Architectures for Parallel …, October 2011

Proactive Fault Tolerance Technique for a Mobile Grid Environment
A Bichhawat, RC Joshi
International Conference on Advances in Computing and Communication, 2011

2010

A survey on issues in mobile grid computing
A Bichhawat, RC Joshi
Int J Recent Trends Eng. Technol 4 (2), 2010

Misc.

Restricting Attacker Influence in Reactive Programs with Dynamic Secrets
MK McCall, A Bichhawat, L Jia
Carnegie Mellon University

Poster: Security in Web-Based Workflows
Thomas Bauereiß, Abhishek Bichhawat, Iulia Bolosteanu, Peter Faymonville, Bernd Finkbeiner, Deepak Garg, Richard Gay, Sergey Grebenshchikov, Christian Hammer, Dieter Hutter, Ondrej Kuncar, Peter Lammich, Heiko Mantel, Christian Müller, Andrei Popescu, Markus Rabe, Vineet Rajani, Helmut Seidl, Markus Tasch, Leander Tentrup

Status Report: Formal Analysis of Web Security
K Bhargavan, A Bichhawat, QH Do, D Fett, R Küsters, G Schmitz