Md Sajidul Islam Sajid

Assistant Professor
Department of Computer and Information Sciences, Towson University
Email:  msajid@towson.edu | Office: YR 456

Expertise: System Security, Malware Analysis, Cyber Deception, Threat Hunting and Intelligence & Data Analytics on Cybersecurity Data (logs, malware, CTI reports) »

Previous Employers

Forest
Mountains
Mountains
Mountains

I am seeking a motivated PhD student to join my Cybersecurity research group starting Spring/Fall 2025. Please review the Prospective Students section before reaching out.


Welcome! I am excited to join Towson University as an Assistant Professor in the Computer and Information Sciences department starting Fall 2023. I earned my Ph.D. in Software and Information Systems from the University of North Carolina at Charlotte, supervised by Dr. Jinpeng Wei, with co-advisement from Dr. Ehab Al-Shaer from Carnegie Mellon University. Previously, I worked for over 3.5 years as a Software Engineer, developing digital payment solutions, web applications, and automated test suites, delivering products used by thousands in Bangladesh, South Korea, and China.

My research focuses on System Security, Cyber Deception, and Data Analytics for Security, with a primary emphasis on Malware Analysis. I develop resilient systems to analyze and deceive malware through dynamic techniques like sandboxing, symbolic execution, and AI-powered reasoning. By applying machine learning, graph analysis, and text mining, I profile malware behaviors, map them to the MITRE ATT&CK framework, and extract deception parameters for systematic orchestration using methods like HoneyThings, API Hooking, and reinforcement learning. I also leverage Large Language Models (LLMs) to analyze malware behaviors from execution logs and event traces, enabling the design of deception systems to counter emerging threats. Additionally, my research extends to Threat Hunting and Threat Intelligence, applying AI and data analytics to proactively detect and mitigate cyber risks.

CV (PDF)»

Publications Google Scholar»


Grants More »

  • PI, 2025 Towson University Foundation Grants: CyberAI Curriculum Development for Integrated AI and Cybersecurity Education
  • Co-PI, 2024 NSF CyberCorps Scholarship for Service (Renewal) Grants: Workshops for Developing Knowledge Units in the CAE-AI Curriculum (award 1663184)
  • PI, 2024 Towson University Faculty Development & Research Committee Grants: Advancing Ransomware Detection using Cyber Deception

Courses More »

  • COSC439 Operating Systems
  • COSC440 Operating System Security
  • COSC481 Case Studies in Computer Security

Prospective Students

I am seeking dedicated Ph.D. candidates who are passionate about Cybersecurity research and wish to embark on their Ph.D. journey at Towson University, starting in Spring/Fall 2025. If you have a keen interest in Cybersecurity, specifically focusing on Malware Analysis, Defense Strategies, and Deception-based System Orchestration, I encourage you to contact me at msajid@towson.edu. Please include your CV/Resume, GRE/TOEFL Scores, and a statement outlining your motivation to pursue a Ph.D. RA positions are available.

Preferred Qualities in Prospective Students:

  • Bachelor’s or Master’s degree in Computer Science, Computer Engineering, or a related field (required) with experience or a background in cybersecurity.
  • A Master's degree is strictly required.
  • Proficiency in C++ (required) with significant knowledge and hands-on experience, which is beneficial for malware analysis, reverse engineering, and system orchestration.
  • Research experience and prior publication(s) (required).
  • Strong drive to conduct impactful research in the Cybersecurity field (required).
  • Excellent problem-solving skills and a proactive approach.
  • Previous experience working with large datasets, analyzing insights, and utilizing ML/DL models for detection, prediction, and forecasting (preferred).
My current prioritized research areas are as follows:
  • Automated and Verifiable Deceptive System Orchestration through Systematic Planning: Cyber deception has always been a focal point of my research. One of the core challenges in orchestrating deceptive systems is understanding the system variables attackers rely on to achieve their goals. In the future, I will continue to work on effectively extracting deception parameters from malware or compromised systems using dynamic malware analysis and utilizing them to orchestrate deceptive environments. The next challenge lies in selecting optimal deception actions considering their effectiveness, costs, and overhead. Hence, I intend to combine active learning, such as reinforcement learning, with the deception planner to optimize deception planning. The outcome of this research will also enrich deception-based malware detection approaches.
  • Advanced Automated Dynamic Malware Analysis and Reasoning: This project focuses on enhancing automated dynamic malware analysis to combat stealthy cyber-attacks. Our objective is to develop a sophisticated analysis framework using AI-powered symbolic execution, targeting the high-level behaviors of malware. The goal is to overcome existing limitations and expedite the process by guiding execution towards malicious objectives. Additionally, we will automate information extraction and reasoning using AI, CTIO, and NLP, ensuring an efficient and effective analysis of evolving threats.
  • Leveraging LLM Models for Autonomous Understanding of Malware Behaviors and Designing Deception Systems: In this project, we aim to utilize Large Language Models (LLMs) like ChatGPT and employ prompt engineering techniques to comprehend malware behavior using diverse inputs such as malware execution logs, malicious subgraphs, and event logs. By leveraging LLMs' capabilities in understanding patterns and contextual information, we intend to extract actionable insights regarding malicious activities. Subsequently, we will utilize this knowledge to design and develop sophisticated deception-based systems that effectively counter attackers, enhancing cybersecurity measures in the evolving threat landscape.
Please note: If you are solely interested in ML/DL-based research, I kindly request that you refrain from contacting me. At present, I already have students dedicated to this area. Please reach out only if you are enthusiastic about system security and malware analysis.
While my ongoing projects focus on specific areas within cybersecurity, I am more than willing to explore and engage with proposals that may fall outside those projects but align with my expertise and knowledge. If you have a compelling research proposal that showcases creativity and innovation within the field of cybersecurity or related fields, I encourage you to reach out to me with a timeline and proposal. I am open to discussing potential collaborations and providing guidance to help bring your research vision to fruition.