ASSET Research Group: Home

The ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design does focused research to enhance the safety, security and efficiency of Hardware/Software Systems.

We are always looking for researchers at all levels (Bachelor, Masters, PhD) to enrich the scientific activities in the group. For Post-doc positions, take a look at the individual research projects for opening. If you wish to join our group, contact Sudipta Chattopadhyay email: sudipta_chattopadhyay@sutd.edu.sg directly with your CV.

News

March 05, 2025

NEW: Sudipta joins the Editorial Board of ACM Computing Surveys (Core Rank: A*, Impact Factor: 23.8) and IEEE Transactions on Software Engineering (Core Rank: A*, Impact Factor: 6.5).
October 31, 2024

NEW: Our 5Ghoul DEFCON32 slides from August 10 are available here.
July 15, 2024

Matheus Garbelini wins the 2021-2023 Outstanding PhD Thesis Award at the University level. Matheus is the third PhD student graduating from the ASSET group, first one to win the award in Cybersecurity research and also the first one from our group. Congratulations!!!
June 24, 2024

5Ghoul going to Vegas. We will present 5Ghoul at DEFCON32 demo labs. Join us to see the ghost (ghoul) at work on August 10 at 10am (W305 - Third Floor - LVCC West Hall).
May 10, 2024

5Ghoul bugs so far have been awarded 36,000 USD bug bounty from MediaTek and Qualcomm. Moreover, seven out of the 12 5Ghoul flaws are rated with High severity. Read our journey in the ISTD research highlights.
December 10, 2023

The 5Ghoul family of vulnerabilities has been featured by Channel News Asia via an interview with Matheus E. Garbelini -- the PhD student whose thesis research resulted the discovery.
December 08, 2023

Today we released 5Ghoul -- a family of 5G implementation vulnerabilities (10 CVEs) that affect 5G cellular baseband modems from major vendors i.e., Qualcomm and MediaTek. We demonstrate concrete exploitation of 5Ghoul vulnerabilities to continuously launch attacks to drop the connections, freeze the connection that involves manual reboot or downgrade the 5G connectivity to 4G. Based on the Kimovil listings and December security bulletin from Qualcomm and MediaTek, we (under)-estimate that over 710 different smartphone models (with 626 phones having 5G capability enabled) to be affected along with other 5G IoT devices. If you are a 5G module or device maker, or simply interested in 5G research, feel free to read the 5Ghoul Disclosure and get back to us via contact@5ghoul.com for any question. The exploit code and fuzzing tool for 5Ghoul is open source for research and experimentation.