Ph.D. (Computer Science, National University of Singapore)
M.Sc. (Computer Science, National University of Singapore)
B.Comp. (Computer Science, University of Indonesia)
651 68462

Research Areas

Research Interests

  • Mobile Security
  • Network and Web Security
  • Systems Security


Dr. Sufatrio is a Lecturer with the School of Computing (SoC) of the National University of Singapore (NUS). He obtained his M.Sc. and Ph.D. in Computer Science from SoC, NUS. Previously, he was a Scientist and Acting Lab Head of the Mobile Forensics & Security Lab, at the Cyber Security & Intelligence (CSI) Department, Institute for Infocomm Research (I2R), A*STAR. Prior to that, he was an Associate Scientist and then a Research Scientist with the Temasek Laboratories at the National University of Singapore (TL@NUS). He is interested in many areas of computer security, and have published numerous papers on systems, network and mobile security.

Current Projects

Selected Publications

  • Zhongmin Dai, Sufatrio, Tong-Wei Chua, Dinesh Kumar Balakrishnan, and Vrizlynn L. L. Thing, "Chat-App Decryption Key Extraction through Information Flow Analysis", 2nd Singapore Cyber Security R&D Conference (SG-CRC), Singapore, A Systems Approach to Cyber Security, Cryptology and Information Security Series, Vol. 15, pp. 3-18, IOS Press, February, 2017.

  • Vivek Balachandran*, Sufatrio*, Darell J.J. Tan, and Vrizlyn L.L. Thing, "Control Flow Obfuscation for Android Applications", Computers & Security, Vol. 61, pp. 72–93, August 2016 (*on equal contribution).

  • Sufatrio, Tong-Wei Chua, Darell J. J. Tan, and Vrizlynn L. L. Thing, "Accurate Specification for Robust Detection of Malicious Behavior in Mobile Environments", 20th European Symposium on Research in Computer Security (ESORICS '15), Vienna, Austria, LNCS Vol. 9327, Springer, 2015.

  • Sufatrio, Darell J. J. Tan, Tong-Wei Chua, and Vrizlynn L. L. Thing, " Securing Android: A Survey, Taxonomy, and Challenges", ACM Computing Surveys, Vol. 47, Issue 4, Article 58, May 2015.

  • Sufatrio and Roland H.C. Yap, "Quantifying the Effects of More Timely Certificate Revocation on Lightweight Mobile Devices", 3rd International Workshop on Security Measurements and Metrics (MetriSec '11), Alberta, Canada, 2011.

  • Sufatrio and Roland H.C. Yap, "Trusted Principal-Hosted Certificate Revocation", 5th IFIP WG 11.11 International Conference on Trust Management (IFIPTM '11), Copenhagen, Denmark, IFIP AICT Vol. 358, Springer, 2011.

  • Yongzheng Wu, Sufatrio, Roland H.C. Yap, Rajiv Ramnath, and Felix Halim, "Software Integrity Trust: A Survey and Lightweight Authentication System for Windows", book chapter, in Zheng Yan (ed.), Trust Modeling and Management in Digital Environments: From Social Concept to System Development, IGI Global, 2010.

  • Sufatrio, Roland H.C. Yap, "Extending BAN Logic for Reasoning with Modern PKI-based Protocols", IFIP International Workshop on Network and System Security (NSS '08), Shanghai, China, 2008.

  • Sufatrio and Roland H.C. Yap, "Improving Host-based IDS with Argument Abstraction to Prevent Mimicry Attacks", 8th International Symposium on Recent Advances in Intrusion Detection (RAID '05), Seattle, LNCS Vol. 3858, Springer, 2005.

  • Sufatrio, Roland, H.C. Yap, and Liming Zhong, "A Machine-Oriented Integrated Vulnerability Database for Automated Vulnerability Detection and Processing", 18th USENIX Large Installation System Administration (LISA '04), Atlanta, GA, 2004.

Awards & Honours

  • 2nd Singapore Cyber Security R&D Conference (SG-CRC), Singapore, Best Paper Award (2017).
  • 14th Digital Forensics Research Conference (DFRWS USA), Mobile Security & Forensics Challenge, Practitioner Category, 1st Place Winner (2014).

Teaching (2020/2021)

  • CS2107: Introduction to Information Security
  • CS4238: Computer Security Practice
  • IFS4103: Penetration Testing Practice
  • IFS4102: Digital Forensics