I am a systems security and privacy researcher who investigates the risks that emerge when modern technologies are layered onto legacy infrastructure, and how to fix it before the consequences become irreversible. My work sits at the intersection of security, safety, and emerging technologies, with a particular focus on AI/ML-enabled medical devices, cloud-integrated industrial control systems, and large-scale networked applications.
Across industries, there is a recurring pattern: technologies introduced to improve efficiency, personalization, or scalability often invalidate long-standing threat models. During my PhD, I demonstrated how encrypted traffic, which was assumed to be safe, can still reveal sensitive user behavior at scale, influencing both public discourse and real-world deployments. In my current postdoctoral work at the University of British Columbia, I extend this systems-oriented approach to safety-critical domains, where similar blind spots can disrupt physical processes or directly endanger human lives.
I am motivated by a simple question: Can we make technological progress without systematically accumulating new security and privacy risks? My research combines rigorous threat modeling, empirical attack design, and practical mitigation strategies that satisfy real-world constraints such as latency, regulatory compliance, and deployment cost. I draw my motivation from engagement with industry practitioners, regulators, and interdisciplinary collaborators to ensure that security mechanisms are not only theoretically sound, but deployable and usable. This has led to tools and frameworks that help organizations reason about security risk from the early design stages, and with clearer cost–benefit trade-offs.
Publications
Security of Cloud-Connected ICS OT Networks
ICS-Sniper: A Targeted Blackhole Attack on Encrypted ICS Traffic
Gargi Mitra, Pritam Dash, Yingao Elaine Yao, Aastha Mehta, Karthik Pattabiraman. Link to paper
Security of AI/ML-Based Medical Devices
Systems-Theoretic and Data-Driven Security Analysis in ML-enabled Medical Devices
Gargi Mitra, Mohammadreza Hallajiyan, Inji Kim, Athish Pranav Dharmalingam, Mohammed Elnawawy, Shahrear Iqbal, Karthik Pattabiraman, Homa Alemzadeh. (Invited) Link to paper
Learning from the Good Ones: Risk Profiling-Based Defenses Against Evasion Attacks on DNNs
Mohammed Elnawawy, Gargi Mitra, Shahrear Iqbal, Karthik Pattabiraman. Link to paper [Acceptance rate: 64%]
MedAIScout: Automated Retrieval of Known Machine Learning Vulnerabilities in Medical Applications
Athish Pranav Dharmalingam, Gargi Mitra. Link to paper
SAM: Foreseeing Inference-Time False Data Injection Attacks on ML-enabled Medical Devices
Mohammadreza Hallajiyan, Athish Pranav Dharmalingam, Gargi Mitra, Homa Alemzadeh, Shahrear Iqbal, Karthik Pattabiraman. Link to paper [Acceptance rate: 57%]
Systematically Assessing the Security Risks of AI/ML-enabled Connected Healthcare Systems
Mohammad ElNawawy, Mohammadreza Hallajiyan, Gargi Mitra, Shahrear Iqbal, Karthik Pattabiraman. Link to paper [Acceptance rate: 28.4%]
Security of IoT Applications
Turnstile: Hybrid Information Flow Control Framework for Managing Privacy in Internet-of-Things Applications
Kumseok Jung, Mohanna Shahrad, Gargi Mitra, Karthik Pattabiraman. Link to paper [Acceptance rate: 17%]
ImmunoPlane: Middleware for Providing Adaptivity to Distributed Internet-of-Things Applications
Kumseok Jung, Mohanna Shahrad, Gargi Mitra, Karthik Pattabiraman. Link to paper [Acceptance rate: 36.7%]
Encrypted Traffic Analysis-Based Cyber Surveillance on Users of Web Applications
Snoopy: A Webpage Fingerprinting Framework with Finite Query Model for Mass-Surveillance
Gargi Mitra, Prasanna Karthik Vairam, Sandip Saha, Nitin Chandrachoodan, Kamakoti Veezhinathan. DOI: 10.1109/TDSC.2022.3222462 [Acceptance rate: 10-12%, Impact factor: 7.5] Link to paper
Depending on HTTP/2 for Privacy? Good Luck!
Gargi Mitra, Prasanna Karthik Vairam, Patanjali SLPSK, Nitin Chandrachoodan, Kamakoti Veezhinathan. DOI: 10.1109/DSN48063.2020.00044 [Acceptance rate: 16.5%] Link to paper
White Mirror: Leaking Sensitive Information from Interactive Netflix Movies using Encrypted Traffic Analysis
Gargi Mitra, Prasanna Karthik Vairam, Patanjali SLPSK, Nitin Chandrachoodan, Kamakoti Veezhinathan. DOI: 10.1145/3342280.3342330 [Acceptance rate: 55%] Link to paper
Other Collaborative Works
Towards Measuring Quality of Service in Untrusted Multi-Vendor Service Function Chains: Balancing Security and Resource Consumption
Prasanna Karthik Vairam, Gargi Mitra, Vignesh Manoharan, Chester Rebeiro, Bhaskar Ramamurthy, Kamakoti Veezhinathan. DOI: 10.1109/INFOCOM.2019.8737487 [Acceptance rate: 19.7%] Link to paper
ApproxBC: Blockchain Design Alternatives for Approximation-Tolerant Resource-Constrained Applications
Prasanna Karthik Vairam, Gargi Mitra, Chester Rebeiro, Bhaskar Ramamurthy, Kamakoti Veezhinathan. DOI: 10.1109/MCOMSTD.2018.1800021 Link to paper
Papers Under Review
ICS-Sniper: A Targeted Blackhole Attack on Encrypted ICS Traffic (Full version)
Gargi Mitra, Chayuan Liu, Pritam Dash, Yingao Elaine Yao, Alain Zhiyanov, Aastha Mehta, Karthik Pattabiraman.
SAMD: A Tool for Identifying False Data Injection Scenarios in AI/ML-enabled Medical Devices
Mohammadreza Hallajiyan, Xueren Ge, Gargi Mitra, Shahrear Iqbal, Homa Alemzadeh, Karthik Pattabiraman.
ROAST: Risk-aware Outlier-exposure for Adversarial Selective Training of Anomaly Detectors Against Evasion Attacks
Mohammed Elnawawy, Gargi Mitra, Shahrear Iqbal, Karthik Pattabiraman.
Connect
I'm actively seeking opportunities in cybersecurity research and innovation. Let's explore how we can collaborate.