Mohamad El Hajj

Researcher, Programmer, Hiker and Calisthenics Athlete.

I am a Software Engineer at Very Good Security. I work on building the products and services that enable customers to compute securely on their data.

I received my M.S. in Electrical and Computer Engineering at the Univeristy of Illinois at Urbana-Champaign, advised by Professor Christopher Fletcher, and my B.E. in Computer and Communications Engineering at the American University of Beirut, where I graduated with High Distinction.

My interests are in system security, web security, binary analysis, and reverse engineering.

Research and Work Experience

Very Good Security Inc.

Mar '21 -- present
Software Engineer, Core Services Team
Security and Privacy Research at Illinois (SPRAI), UIUC

Jan '19 -- Dec '20
Research Assistant, Prof. Christopher Fletcher
Very Good Security Inc.

May '20 -- Aug '20
Engineering Research Intern, Secure Compute Team
Laboratory for Data Security, EPFL

Sep '18 -- Dec '18
Research Assistant, Prof. Jean-Pierre Hubaux
Security and Privacy Research at Illinois (SPRAI), UIUC

Jul '18 -- Dec '18
Research Intern, Prof. Christopher Fletcher
Strategy&, MENA Region

Aug '17 -- Jul '18
Associate Management Consultant
American University of Beirut

Jan '16 -- May '17
Research Assistant, Prof. Wen Masri and Prof. Zaher Dawy
Laboratory for Data Security, EPFL

Jun '16 -- Aug '16
Research Intern, Prof. Jean-Pierre Hubaux

Education

University of Illinois at Urbana-Champaign (UIUC)

Jan '19 - Dec '20
M.S. in Electrical and Computer Engineering (GPA 4.0)

American University of Beirut (AUB)

Sep '13 - Jun '17
B.E. in Computer and Communications Engineering (GPA 4.0)

Workshops & Tutorials

Secure Your Data Computations Efficiently

Hands-on Secure Coding Session
[Fintech Devcon 2021]
Abstract Video Code Slides
Side and Covert Channels: Attacks and Defenses

Hands-on Covert Channel Hacking Session
[ISCA 2019]
Website Code

Publications

BinCloaok: Transforming leaky COTS binaries into data-oblivious binaries

Mohamad El Hajj, Sushant Dinesh, Christopher W. Fletcher
[UIUC IDEALS, 2020]
BinCloaok
Creating Foundations for Secure Microarchitectures with Data-Oblivious ISA Extensions

Jiyong Yu, Lucas Hsiung, Mohamad El Hajj, Christopher W. Fletcher
[IEEE Top Picks Special Issue, 2020]
OISA Paper
Data Oblivious ISA Extensions for Size Channel-Resistant and High Performance Computing

Jiyong Yu, Lucas Hsiung, Mohamad El Hajj, Christopher W. Fletcher
[NDSS, 2019] [Distinguished Paper Finalist] [Finalist, CSAW Applied Research Competition 2019]
OISA Paper OISA Slides OISA Presentation OISA Open Source Code

Blogs

Secure Compute Part 4: Network Policies with Calico

Network security is a pillar of a secure compute platform, especially on multi-tenant clusters. In this blog, we will look into constraining network access of OpenFaaS functions and kubernetes pods to isolate them from each other as well as external services.
Secure Compute Part 1
Secure Compute Part 3: Serverless Functions with OpenFaaS

To simplify the experience of developing and packaging applications, we would like to make use of serverless functions. In this blog, we will demonstrate how we enhance this experience with OpenFaaS serverless functions, without compromising on security.
Secure Compute Part 1
Secure Compute Part 2: gVisor Runtime on EKS

In this post, we want to build a platform that can run containers securely on an Amazon Elastic Kubernetes Service (EKS) Cluster. The first component we will look at is integrating a secure container runtime. We will explore the gVisor sandboxed container runtime environment and how to integrate it with EKS.
Secure Compute Part 1
Secure Compute Part 1: A Secure Compute Solution

In an era engulfed by the collection, storage and analysis of sensitive information, data privacy and security are among the foremost challenges to be solved. In this blog series, we are primarily interested in how we can compute securely on sensitive data using untrusted code on multi-tenant systems.
Secure Compute Part 1