Ravindu De Silva

CS PhD @ UCSB | Web Application Security | Automated Vulnerability Discovery

Logo
Lost in the serenity. Kankesanthurai,
Sri Lanka 🇱🇰

I am a Ph.D. student in Computer Science at the University of California, Santa Barbara, where I am supervised by Prof. Giovanni Vigna and Prof. Christopher Kruegel. My research focuses on web application security and automated vulnerability discovery, with a particular emphasis on developing algorithmic approaches to identify security flaws in web-based systems. I also actively compete in Capture The Flag (CTF) competitions as a member of the Shellphish team.

Linkedin , Google Scholar

EDUCATION HISTORY

PhD in computer science
Institution: University of California, Santa Barbara, USA
Status: Reading (2023 - )

Bachelor of Science Honours in Software Engineering [First Class]
Institution: University of Colombo School of Computing, Sri Lanka
College Honors: Gold Medal, Professor Soma Goonetillake Memorial Award
Thesis: CGraph-Graph Based Extensible Cyber Threat Intelligence System
Degree Awarded: 1st May of 2021

RESEARCH AND PROFESSIONAL EXPERIENCE

Security Researcher - Intern: Palo Alto Networks, CA, USA.
Year: June 2025 -

Graduate Researcher: UC Santa Barbara, CA, USA. (SecLab)
Supervisors: Dr. Giovanni Vigna and Dr. Christopher Kruegel
Research Domain: Web Application Security | Automated Vulnerability Discovery
Year: 2023 -

Research Associate: UC Santa Barbara, CA, USA. (SecLab)
Supervisors: Dr. Giovanni Vigna and Dr. Christopher Kruegel
Work carried out: Developed deep reinforcement learning simulation to mimic user actions against zk-snark-based smart contracts
Results: GuideEnricher: Protecting the Anonymity of Ethereum Mixing Service Users with Deep Reinforcement Learning, USENIX Security 24
Year: 2022

Security Researcher - Intern : Qatar Computing Research Institute[Remote].
Supervisors: Dr. Mohamed Nabeel (QCRI)
Work carried out: Research conducted to identify attackers created and compromised domains using machine learning
Results: Compromised or Attacker-Owned: A Large Scale Classification and Study of Hosting Domains of Malicious URL, USENIX Security 21
Year: 2020

SELECTED PUBLICATIONS

2024

GuideEnricher: Protecting the Anonymity of Ethereum Mixing Service Users with Deep Reinforcement Learning.
Ravindu De Silva, Wenbo Guo, Nicola Ruaro, Ilya Grishchenko, Christopher Kruegel, Giovanni Vigna
University of California, Santa Barbara. (USENIX Security 24)

2023

A Large Scale Study and Classification of VirusTotal Reports on Phishing and Malware URLs
Euijin Choo, Mohamed Nabeel. Doowon Kim, Ravindu De Silva, Ting Yu,Issa Khalil.
ACM on Measurement and Analysis of Computing Systems
(ACM MAC Volume7)

2021

Compromised or Attacker-Owned: A Large Scale Classification and Study of Hosting Domains of Malicious URLs
Ravindu De Silva, M Nabeel, C Elvitigala, I Khalil, T Yu, C Keppitiyagama
30th USENIX Security Symposium (USENIX Security 21)

GRADUATE AWARDS & OTHER AWARDS

Graduate Awards

Professor Soma Goonetillake Memorial Award for the Best Final Year Software Engineering research project in B.Sc.(Hons) Software Engineering, Gold Medal.
Institution: University Of Colombo, Sri Lanka.
Year: 2021

News

Team Shellphish Dives Deep into Cybersecurity - UC Santa Barbara-Based “Hackademics” Compete for $4 Million Prize to Detect Software Vulnerabilities

Success in DARPA Cyberdefense Competition Nets Team a Trip to the Finals — and $2 Million