Mohammad M. Ahmadpanah

Hi! This is Mohammad^#, a postdoctoral researcher in Information Security at KTH in Sweden, working with Musard Balliu. Before joining KTH in January 2025, I was a postdoctoral researcher at Chalmers, where I also completed my PhD under the supervision of Andrei Sabelfeld and Daniel Hedin in August 2024. Earlier in my academic journey, I lived at Amirkabir (Tehran Polytechnic) for 8 years (BSc in Software Engineering, MSc in Information Security, and PhD candidate in Software Engineering), all supervised by Mehran S. Fallah. Since then, I have been pursuing my passion for:

Language-Based Security
Program Analysis
Information-Flow Security
Programming Languages

Publications

CodeX: Contextual Flow Tracking for Browser Extensions, CODASPY’25 [pdf]
Mohammad M. Ahmadpanah, Matías F. Gobbi, Daniel Hedin, Johannes Kinder, and Andrei Sabelfeld
Language-Based Security and Privacy in Web-driven Systems, PhD thesis, 2024 [pdf] [video] [slides]
Supervisor: Andrei Sabelfeld, Co-supervisor: Daniel Hedin, Opponent: Deian Stefan, Examiner: David Sands, Grading committee: Benjamin Nguyen, Melek Önen, Simin Nadjm-Tehrani, and Magnus Almgren
LazyTAP: On-Demand Data Minimization for Trigger-Action Applications, S&P’23 [pdf] [teaser] [flyer] [video]
Mohammad M. Ahmadpanah, Daniel Hedin, and Andrei Sabelfeld
Securing Software in the Presence of Third-Party Modules, Licentiate thesis, 2021 [pdf] [video]
Supervisor: Andrei Sabelfeld, Co-supervisor: Daniel Hedin, Opponent: Deian Stefan, Examiner: David Sands
Securing Node-RED Applications, Protocols, Strands, and Logic: Festschrift in honor of Joshua Guttman’21 [pdf] [video]
Mohammad M. Ahmadpanah, Musard Balliu, Daniel Hedin, Lars Eric Olsson, and Andrei Sabelfeld
Nontransitive Policies Transpiled, EuroS&P’21 [pdf] [short talk] [video]
Mohammad M. Ahmadpanah, Aslan Askarov, and Andrei Sabelfeld
SandTrap: Securing JavaScript-driven Trigger-Action Platforms, USENIX Security’21 [pdf] [flyer] [video]
Mohammad M. Ahmadpanah, Daniel Hedin, Musard Balliu, Lars Eric Olsson, and Andrei Sabelfeld
Improving Multi-Execution-based Mechanisms for Enforcing Information Flow Policies, Master’s thesis, 2017 [pdf]
Supervisor: Mehran S. Fallah, Opponents: Mehdi Shajari and Ramtin Khosravi
Dynamic Enforcement of Security Hyperproperties: A Survey, Technical report, 2016 [pdf]
Supervisor: Mehran S. Fallah
A Tool for Rewriting-Based Enforcement of Noninterference in While Programs, Bachelor’s thesis, 2015 [pdf]
Supervisor: Mehran S. Fallah, Opponent: MohammadReza Razzazi

Teaching

KTH:

Language-Based Security (Graduate)

Chalmers:

Master's thesis supervision (Securing Electronic Exam Environments)
Language-Based Security (Graduate)
Finite Automata and Formal Languages
Programming Language Technology (Graduate)

Amirkabir:

Advanced Programming (Course Responsible)
Operating Systems Lab (Course Responsible)
Computer Lab (Course Responsible)
Discrete Mathematics
Design of Programming Languages
Data Structures
Principles of Compiler Design
Computer Networks II
Information Storage and Retrieval
Software Engineering I
Computer Architecture

Honors and Activities

External Reviewer of the top-tier conferences and workshops CCS’25, USENIX Security’25, S&P’25, WWW’25, MADWeb’25, S&P’24, USENIX Security’24, WWW’24, CCS’23, USENIX Security’23, CSF’22, EuroS&P’22, S&P’21, CSF’20, EuroS&P’20, and CCS’19
Artifact Evaluation Committee member of TACAS’25
Program Committee member of PLAS’24 and FCS’24
Invited speaker of ETH Information Security Talks and research visitor hosted by David Basin, February 2024
Invited speaker of Inria SPLiTS Seminars and research visitor hosted by Tamara Rezk, February 2024
Speaker at CyberSecIT and ShiftLeft workshops, 2024
Speaker and research visitor at Amirkabir (Tehran Polytechnic) and Sharif universities, January 2024
Recipient of the Adlerbert Foreign Student Hospitality Foundation scholarship, 2021, 2022, 2023, and 2024
Rewarded Bug Bounties for responsibly disclosing Code Injection and JS Sandbox Breakout vulnerabilities on IFTTT, 2020 and 2023
Poster presenter and participant of CCS’23, November 2023
Poster presenter and participant of Seminar on Navigating the Cybersecurity Landscape, October 2023
Poster presenter and participant of SPLiTS Security Workshop, September 2023
Short talk speaker at CSF’20 and CSF’23
Invited speaker of KTH Security and Theoretical CS Seminars and research visitor hosted by Musard Balliu, February 2023
Research visitor at Mälardalen University, hosted by Daniel Hedin, September and October 2023
Co-Organizer of Chalmers Security & Privacy Seminars, Chalmers, September 2022 - December 2024
PhD Forum Speaker at FOSAD’22
Session Chair and Speaker at SWITS’22
Fellow of Student Activities committee (2022-2023) and Member of The Iranian Society of Engineering Education, since 2020
Poster presenter and participant of Google Compiler and Programming Language Summit, December 2019
Member of WebSec projects, and Chalmers Security Lab, September 2019 - January 2025
The 2nd place among PhD students of the department, Amirkabir, 2018 and 2019
The Best Teaching Assistant and Lab Instructor of the department, Amirkabir, 2016, 2017 and 2019
Scientific Talent by the National Elite Foundation of Iran, 2018
Top 3% among Course Responsibles, Amirkabir, Spring 2018
The 1st place among Master’s students in Information Security, 2016 and 2017
Recipient of the Outstanding Graduate Student Scholarship, Amirkabir, 2016
Direct Admission for Master and PhD studies, Amirkabir, 2015 and 2017
The Youngest Course Responsible (at age 22), Lab Instructor (at age 20) and Teaching Assistant (at age 16), Amirkabir
Member of Formal Security Lab, Amirkabir, 2015 - 2019
Member of the university team for the National Scientific Olympiad in Computer Engineering, Amirkabir, 2014
Skipped Three grades of Elementary School as an Exceptional Talent, 2002