I am a security researcher, currently part of SAP’s Product Security team. I am working on various topics around secure software development lifecycle, including static and dynamic security testing, security of (agentic) AI applications, secure development with AI coding agents, and security-relevant logging.

I have a wide range of research interests including enterprise & web security, active defense, anomaly and fraud detection, and human factors in cyber-security. I have created the AD&D Workshop in 2022, to promote active defense and deception as an additional security layer.

Previously, I obtained my PhD in the Software&System Security (S3) group at EURECOM, where I also worked as a postdoctoral researcher. My PhD research focused on telecommunications fraud, and I had the opportunity to present my work in various academic conferences (such as ACM CCS, NDSS, SOUPS), and also industry-recognized venues (such as GSMA Fraud&Security group, M3AAWG, 35C3).

Publications

• Towards Understanding and Improving Security-Relevant Web Application Logging
  M. Sahin, N. Daniele., In Proceedings of the ACM Asia Conference on Computer and Communications Security (ASIA CCS) 2024.

• The Hitchhiker’s Guide to Malicious Third-Party Dependencies
  P. Ladisa, M. Sahin, S. Ponta, M. Rosa, M. Martinez, O. Barais., In Proceedings of the ACM CCS Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses (SCORED) 2023.

• Simulating Deception for Web Applications Using Reinforcement Learning
  A. Kvasov, M. Sahin, C. Hebert, A. Santana de Oliveira. In proceedings of the SECAI workshop co-located with ESORICS 2023.

• An Approach to Generate Realistic HTTP Parameters for Application Layer Deception
  M. Sahin, C. Hebert, R. Cabrera Lozoya., In proc. of the 20th International Conference on Applied Cryptography and Network Security (ACNS) 2022.

• Measuring developers’ web security awareness from attack and defense perspectives
  M. Sahin, T. Ünlü, C. Hébert, L.A. Shepherd, N. Coull, C. Mc Lean. In Proceedings of the IEEE EuroS&P 3rd Workshop on Designing Security for the Web (SecWeb) 2022.

• Understanding and Detecting International Revenue Share Fraud
  M. Sahin, A. Francillon. Network and Distributed System Security Symposium (NDSS) 2021.

• A preliminary study on the adoption and effectiveness of SameSite cookies as a CSRF defence
  J. M. Kroschewski, L. Compagna, H. Jonker, B. Krumnow, M. Sahin. In Proceedings of the IEEE EuroS&P 2nd Workshop on Designing Security for the Web (SecWeb) 2021.

• Lessons Learned from SunDEW: A Self Defense Environment for Web Applications
  M. Sahin, C. Hebert, A. Santana de Oliveira., In Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb’20) co-located with NDSS’20.

• Une approche configurationnelle des leurres conversationnels
  M. Relieu, M. Sahin, A. Francillon. Réseaux, La Découverte, 2020, Ethnographies des agents conversationnels, 220-221 (2), pp.81-11.

• On the effectiveness of National Do-Not-Call lists
  M. Sahin, A. Francillon. In Workshop on Technology and Consumer Protection co-located with the IEEE Symposium on Security and Privacy (ConPro) 2018.

• Using chatbots against voice spam: Analyzing Lenny’s effectiveness
  M. Sahin, M. Relieu, A. Francillon., In Proceedings of the 2nd IEEE Symposium on Usable Privacy and Security (SOUPS) 2017.

• SOK: Fraud in telephony networks
  M. Sahin, A. Francillon, P. Gupta, and M. Ahamad. In Proceedings of the 2nd IEEE European Symposium on Security and Privacy (EuroSP’17).

• Over-The-Top bypass: Study of a recent telephony fraud
  M. Sahin, A. Francillon. In Proceedings of the 23rd ACM conference on Computer and communications security (CCS) 2016.

Academic Service

Organizing Committee

• Co-Chair of Active Defense & Deception (AD&D) Workshop
  co-located with IEEE EuroS&P 2022-2025

Program Committee

• USENIX Security: 2024, 2023, 2021
• NDSS: 2024
• ACM CCS : 2026, 2023, 2022, 2021
• RAID: 2025, 2023, 2022, 2021
• IEEE SecDev: 2025
• ESORICS: 2022
• MADWeb: 2025
• WiSec 2018-2020, 2022
• WiSec Poster&Demo Co-chair: 2020, 2021, 2023
• ConPro 2018-2023
• SecWeb 2021

Talks & Teaching

• Invited talk at SophIA Summit, 2025.
• Invited talk at TRUSTNET Workshop, 2023.
• Lightning talk at IARPA ReSCIND Proposers’ day, 2023.
• Guest lecture at EURECOM, 2019-2026.
• Guest lecture at North Carolina State University, 2021.
• Invited talk at GSMA Fraud and Security Group, 2021.
• Talk “Exploring Fraud in Telephony Networks” at Chaos Congress Club (35C3) 2018.
• Panelist at RAG (Risk & Assurance Group) meeting, 2017.
• Invited talk at TROOPERS Telco Security Day, 2017.
• Presentations at M3AAWG Voice and Telephony Abuse SIG Workshops, 2014, 2015 & 2016.

Media Coverage

• Fraud on the line, IMT science and technology news.

• Phone fraudsters are stealing billions each year through a scheme known as IRSF, Catalin Cimpanu, ZDNet.

• Phone-based fraud scheme IRSF is stealing billions each year, Cyware Hacker News.

• Academics Recommend Mix of Machine Learning and Premium Rate Number Monitoring to Detect IRSF, Eric Priezkalns, CommsRisk.

• Bonjour, c’est Lenny !, Alex Perekalin, Kaspersky daily.

Other

• Finalist in SAP.iO Intrapreneurship Program’22, participation to the 2-weeks Accelerator training phase.