devdatta akhawe  beta

hi

New! I am looking for a job! Here's my CV.

I am a first second third fourth *gulp* fifth year graduate student in Computer Science at UC Berkeley interested in security. I am part of Dawn Song's research group. The best way to contact me is over email: evil@berkeley.edu.

In the past, I have interned at Mozilla, Microsoft (MSRC), Yahoo! Labs and Microsoft Research. I have a Bachelor's degree in Computer Science from BITS Pilani. I can be found at various places on the internet. In my spare time, I volunteer at Asha for Education, Berkeley where I am the the steward for Guria. Please consider donating! I also have a very hard to pronounce name.

research

I am interested in security and reliability of software. Most of my research has focussed on web application security.

Data-confined HTML5 Applications   pdf
Devdatta Akhawe, Frank Li, Warren He, Prateek Saxena, Dawn Song
European Symposium on Research in Computer Security (ESORICS), London, 2013.
Alice in Warningland:
A Large-Scale Field Study of Browser Security Warning Effectiveness   pdf   slides
Devdatta Akhawe, Adrienne Porter Felt
Usenix Security Symposium, Washington DC, 2013.
An Empirical Study of Vulnerability Rewards Programs   pdf   slides
Matthew Finifter, Devdatta Akhawe, David Wagner
Usenix Security Symposium, Washington DC, 2013.
Here's My Cert, So Trust Me, Maybe? Understanding TLS Errors on the Web   pdf   slides
Devdatta Akhawe, Bernhard Amann, Matthias Vallentin, Robin Sommer
World Wide Web Conference (WWW), Rio De Janerio, 2013.
How to Ask for Permission   pdf   slides
Adrienne Porter Felt, Serge Egelman, Matthew Finifter, Devdatta Akhawe, David Wagner
Hot Topics in Security (HotSec), Bellevue 2012.
Privilege Separation for HTML5 Applications   pdf   slides
Devdatta Akhawe, Prateek Saxena, Dawn Song
21st Usenix Security Symposium, Bellevue 2012.
Product Labels for Mobile Application Markets   pdf   slides
Devdatta Akhawe, Matthew Finifter
Mobile Security Technologies, San Francisco 2012.
A Systematic Analysis of XSS Sanitization in Web Application Frameworks   pdf   slides
Joel Weinberger, Prateek Saxena, Devdatta Akhawe, Matthew Finifter, Dawn Song
16th European Symposium on Research in Computer Security (ESORICS), Leuven 2011.
Do You Know Where Your Data Are?
Secure Data Capsules for Deployable Data Protection   pdf   slides
Petros Maniatis, Devdatta Akhawe, Kevin Fall, Elaine Shi, Stephen McCamant, Dawn Song
13th Workshop on Hot Topics in Operating Systems (HotOS), Napa 2011.
Towards a Formal Foundation of Web Security   pdf   slides
Devdatta Akhawe, Adam Barth, Peifung Eric Lam, John Mitchell, Dawn Song
23rd IEEE Computer Security Foundations Symposium (CSF), Edinburgh 2010.
A Symbolic Execution Framework for JavaScript   pdf   slides
Prateek Saxena, Devdatta Akhawe, Steve Hanna, Stephen McCamant, Feng Mao, Dawn Song
31st IEEE Symposium on Security and Privacy, Oakland 2010.
Winner of AT&T Best Applied Security Research Paper award at CSAW
The Emperor’s New API: On the (In)Secure Usage of New Client Side Primitives   pdf   slides
Steve Hanna, Richard Shin, Devdatta Akhawe, Prateek Saxena, Arman Boehm, Dawn Song
4th Web 2.0 Security and Privacy Workshop, Oakland 2010.

etc

I have been hacking over a simple tool to check for common errors in academic writing. If you use it, I would appreciate feedback/comments/patches.

I was czaring the Security Reading Group at Berkeley. Kevin is now in charge.

The Web Security model project I worked on is now opensource.

Kaluza, a tool I worked on, is now available to play with online. During this work, I also wrote a tool to convert Perl compatible regular expressions to the Hampi string solver input format. It is now part of the Hampi codebase.