Hi! This is Mohammad^#, a postdoctoral researcher in Information Security at KTH in Sweden, working with Musard Balliu. Before joining KTH in January 2025, I was a postdoctoral researcher at Chalmers, where I also completed my PhD under the supervision of Andrei Sabelfeld and Daniel Hedin in August 2024. Earlier in my academic journey, I lived at Amirkabir (Tehran Polytechnic) for 8 years (BSc in Software Engineering, MSc in Information Security, and PhD candidate in Software Engineering), all supervised by Mehran S. Fallah. Since then, I have been pursuing my passion for:

• Language-Based Security
• Program Analysis
• Information-Flow Security
• Programming Languages

^{# my full name is Seyed Mohammad Mehdi Ahmadpanah (in Persian: سید محمدمهدی احمدپناه), and here is my voice pronouncing my name:}

Publications

1. CodeX: Contextual Flow Tracking for Browser Extensions, CODASPY’25 [pdf]
   Mohammad M. Ahmadpanah, Matías F. Gobbi, Daniel Hedin, Johannes Kinder, and Andrei Sabelfeld
2. Language-Based Security and Privacy in Web-driven Systems, PhD thesis, 2024 [pdf] [video] [slides]
   Supervisor: Andrei Sabelfeld, Co-supervisor: Daniel Hedin, Opponent: Deian Stefan, Examiner: David Sands, Grading committee: Benjamin Nguyen, Melek Önen, Simin Nadjm-Tehrani, and Magnus Almgren
3. LazyTAP: On-Demand Data Minimization for Trigger-Action Applications, S&P’23 [pdf] [teaser] [flyer] [video]
   Mohammad M. Ahmadpanah, Daniel Hedin, and Andrei Sabelfeld
4. Securing Software in the Presence of Third-Party Modules, Licentiate thesis, 2021 [pdf] [video]
   Supervisor: Andrei Sabelfeld, Co-supervisor: Daniel Hedin, Opponent: Deian Stefan, Examiner: David Sands
5. Securing Node-RED Applications, Protocols, Strands, and Logic: Festschrift in honor of Joshua Guttman’21 [pdf] [video]
   Mohammad M. Ahmadpanah, Musard Balliu, Daniel Hedin, Lars Eric Olsson, and Andrei Sabelfeld
6. Nontransitive Policies Transpiled, EuroS&P’21 [pdf] [short talk] [video]
   Mohammad M. Ahmadpanah, Aslan Askarov, and Andrei Sabelfeld
7. SandTrap: Securing JavaScript-driven Trigger-Action Platforms, USENIX Security’21 [pdf] [flyer] [video]
   Mohammad M. Ahmadpanah, Daniel Hedin, Musard Balliu, Lars Eric Olsson, and Andrei Sabelfeld
8. Improving Multi-Execution-based Mechanisms for Enforcing Information Flow Policies, Master’s thesis, 2017 [pdf]
   Supervisor: Mehran S. Fallah, Opponents: Mehdi Shajari and Ramtin Khosravi
9. Dynamic Enforcement of Security Hyperproperties: A Survey, Technical report, 2016 [pdf]
   Supervisor: Mehran S. Fallah
10. A Tool for Rewriting-Based Enforcement of Noninterference in While Programs, Bachelor’s thesis, 2015 [pdf]
    Supervisor: Mehran S. Fallah, Opponent: MohammadReza Razzazi

Teaching

KTH

• PhD co-supervision (Differential Vulnerability Analysis on Programs)
• Master's thesis supervision (Improving Call Graph-based Javascript Application Vulnerability Scanning Through Taint Analysis)
• Language-Based Security (Graduate)
• Computer Security (Graduate)

Chalmers

• Master's thesis supervision (Securing Electronic Exam Environments)
• Language-Based Security (Graduate)
• Finite Automata and Formal Languages
• Programming Language Technology (Graduate)

Amirkabir

• Advanced Programming (Course Responsible)
• Operating Systems Lab (Course Responsible)
• Computer Lab (Course Responsible)
• Discrete Mathematics
• Design of Programming Languages
• Data Structures
• Principles of Compiler Design
• Computer Networks II
• Information Storage and Retrieval
• Software Engineering I
• Computer Architecture

Honors and Activities

Professional Activities

• Program Committee member of SecDev’26, PST’26, PLAS’24, and FCS’24
• External Reviewer of the top-tier conferences and workshops CCS’26, USENIX Security’26, CSF’26, CCS’25, USENIX Security’25, S&P’25, WWW’25, MADWeb’25, S&P’24, USENIX Security’24, WWW’24, CCS’23, USENIX Security’23, CSF’22, EuroS&P’22, S&P’21, CSF’20, EuroS&P’20, and CCS’19
• Artifact Evaluation Committee member of TACAS’25
• Co-Organizer of Chalmers Security & Privacy Seminars, Chalmers, September 2022 - December 2024

Research Visits

• Invited speaker of Chalmers Security & Privacy Seminars and research visitor hosted by Andrei Sabelfeld, May 2025
• Invited speaker of ETH Information Security Talks and research visitor hosted by David Basin, February 2024
• Research visitor at Google Zurich hosted by Santiago Diaz, February 2024
• Invited speaker of Inria SPLiTS Seminars and research visitor hosted by Tamara Rezk, February 2024
• Speaker and research visitor at Amirkabir (Tehran Polytechnic) and Sharif universities, January 2024
• Invited speaker of KTH Security and Theoretical CS Seminars and research visitor hosted by Musard Balliu, February 2023
• Research visitor at Mälardalen University, hosted by Daniel Hedin, September and October 2023

Talks

• Speaker at ShiftLeft workshop, 2025
• Speaker at CyberSecIT and ShiftLeft workshops, 2024
• Poster presenter and participant of CCS’23, November 2023
• Poster presenter and participant of Seminar on Navigating the Cybersecurity Landscape, October 2023
• Poster presenter and participant of SPLiTS Security Workshop, September 2023
• Short talk speaker at CSF’20 and CSF’23
• PhD Forum Speaker at FOSAD’22
• Session Chair and Speaker at SWITS’22
• Poster presenter and participant of Google Compiler and Programming Language Summit, December 2019

Honors

• Member of LangSec group, January 2025 - now
• Recipient of the Adlerbert Foreign Student Hospitality Foundation scholarship, 2021, 2022, 2023, and 2024
• Rewarded Bug Bounties for responsibly disclosing Code Injection and JS Sandbox Breakout vulnerabilities on IFTTT, 2020 and 2023
• Fellow of Student Activities committee (2022-2023) and Member of The Iranian Society of Engineering Education, since 2020
• Member of WebSec projects, and Chalmers Security Lab, September 2019 - January 2025
• The 2nd place among PhD students of the department, Amirkabir, 2018 and 2019
• The Best Teaching Assistant and Lab Instructor of the department, Amirkabir, 2016, 2017 and 2019
• Scientific Talent by the National Elite Foundation of Iran, 2018
• Top 3% among Course Responsibles, Amirkabir, Spring 2018
• The 1st place among Master’s students in Information Security, 2016 and 2017
• Recipient of the Outstanding Graduate Student Scholarship, Amirkabir, 2016
• Direct Admission for Master and PhD studies, Amirkabir, 2015 and 2017
• The Youngest Course Responsible (at age 22), Lab Instructor (at age 20) and Teaching Assistant (at age 16), Amirkabir
• Member of Formal Security Lab, Amirkabir, September 2015 - September 2019
• Member of the university team for the National Scientific Olympiad in Computer Engineering, Amirkabir, 2014
• Skipped Three grades of Elementary School as an Exceptional Talent, 2002