Experience

Arad Cloud

• Iran
• IT Services and IT Consulting
• 1 - 100 Employee

• Head of AI Team

  • Sep 2022 - Present

  working on creating and applicationof large language models working on creating and applicationof large language models



Iranian Society of Cryptology (ISC)

• Computer and Network Security

• Head of special interest group on truthworthy machine learning

  • Mar 2022 - Present

  The aim of this special interest group is the research vulnerabilities and attacks on deep neural networks. We welcome and invite prominent researchers in this field for presenting their works.

• Exploiting deep network as covert chanells

  • Dec 2021 - Oct 2022

  We have shown for the first time that a deep neural network can be exploited as a covert channel to enable communicate to malware in an isolated system.



Self-employed

• Senior Research Assistant

  • Jan 2021 - Present



University of Qom

• Iran
• Higher Education
• 100 - 200 Employee

• Privacy preserving in biometric authentication

  • 2021 - Present

  Biometrics gain increasing interest in recent years, but a biometric may leak the personal information of its owner. For example in EEG-based authentication, even the mental diseases of a subject may be inferred using a sample of EEG record. We have worked on some projects to improve the privacy preservation of EEG-based biometrics. The results so far published in two papers but still working to publish more works.https://www.nature.com/articles/s41598-022-06527-7https://www.sciencedirect.com/science/article/pii/S0167404820300730 Show less

• Malicious URL detection using language models

  • Mar 2021 - Nov 2022

  Here, we have proposed to focus on the meaning of the words in a URL to detect whether they are benign or not. The benign URL often contains meaningful words but the automatically generated ones do not contain meaning. Also, phishing URLs may imitate the well-known URL and contain words similar to a meaningful URL. Thus we proposed to use language models to capture this information and exploit them for detecting malicious URLs.

• Lightweight Identification of Android Malware with knowledge Distillation

  • Aug 2021 - Oct 2022

  So far, the state-of-the-art method in malware detection is based on deep learning, however, this approach requires a lot of computing resources and leads to high battery usage, which is unacceptable in smartphone devices. This work proposes the knowledge distillation approach for lightening android malware detection. To this end, first, a heavy model is taught and then with the knowledge distillation approach, its knowledge is transferred to a light model called student. To simplify the learning process, soft labels are used here. We have tested the proposed approach on CISC datasets including dynamic and static features, and the results show that the proposed method is not only able to lighten the model up to 99%, but also maintain the accuracy of the lightened model to the extent of the heavy model. Show less

• LPWAN end to end encrypion

  • Mar 2020 - Oct 2022

  We have worked on the encryption challenges in LPWAN which are due to their very limited computational and bandwidth. Three different approaches are proposed for the challenge including deep learning and a hash-based (similar to Proof of work in the blockchain).The results are published in the following papers and also patented in Iran:https://ieeexplore.ieee.org/abstract/document/8689085/https://www.sciencedirect.com/science/article/abs/pii/S1389128620301006

• Analysis on the leaked Iranian users’ passwords

  • Feb 2021 - Dec 2021

  The main purpose of this project is to analyze the passwords of Iranian users and investigate their differences from English-speaking users. The work also examines the existence of Zipf’s law on Iranian passwords as the most well-known distribution for passwords. Password analysis of Iranian users shows that the popular password length between Iranian users and users of other countries is not much different, but in terms of the combination of characters used in the passwords, Iranian users are more inclined to use numeric passwords while English language users are more inclined to use passwords made up of alphabet. In this paper, Zipf’s law is reviewed on five datasets of Iranian users’ passwords using three different approaches including PDF, PDF with removing unpopular passwords, and, CDF. Among these methods, in the CDF method, the passwords best matched with a Zipf’s law distribution between 0.02 and 0.07. Finally, the robustness of Iranians’ passwords to statistical guessing attacks has been measured and it is concluded that the passwords of Iranian users are more vulnerable to guessing attacks than English language users.The results are published in the following paper:https://link.springer.com/article/10.1007/s11416-021-00397-9The collected dataset is accessible in the following GitHub repo:https://github.com/amirjalaly/Iranian-users-passwords Show less

• Android malware detection

  • Dec 2020 - Dec 2021

  In this research, we have proposed an android malware detection method based on LSTM which is capable of not only distinguishing malware and benign samples but also detecting and identifying the new and unseen families of malware. The proposed method is implemented in raspberry pi connected to a MikroTik using netflow protocol. We have performed several case studies to exhibit the capabilities of the proposed method including malware detection, malware family identification, new (not seen before) malware family detection, and evaluating the minimum time required to detect malware. The case studies show that the model is even capable of detecting new families of malware with more than 90% accuracy. Moreover, it is shown the model is able to detect the malware by capturing 50 connection flows (about 1600 packets on average) with an AUC of more than 99.9%.The results of this research are published in the following papers:https://onlinelibrary.wiley.com/doi/abs/10.1002/spe.3112https://www.proquest.com/openview/2bd8f4755f4e17e68a5084e41442cc35/1?pq-origsite=gscholar&cbl=5500744 Show less



Stealth Mode Startup

• United States
• IT Services and IT Consulting
• 200 - 300 Employee

• Automating Pentest using deep Reinforcement learninig

  • Oct 2020 - Present



Social networks Research and Experiments

• Fake news detection

  • May 2020 - Sep 2021

  We have proposed an NLI (natural language inference) approach for fake news detection.

• Compromised account detection using authorship verification

  • Apr 2019 - Nov 2020

  Compromising legitimate accounts is a way of disseminating malicious content to a large user base in Online Social Networks (OSNs). Since the accounts cause lots of damage to the user and consequently to other users on OSNs, early detection is very important. This project proposes a novel approach based on authorship verification to identify compromised Twitter accounts. As the approach only uses the features extracted from the last user's post, it helps in early detection to control the damage. As a result, the malicious message without a user profile can be detected with satisfying accuracy. Experiments were constructed using a real-world dataset of compromised accounts on Twitter. The result showed that the model is suitable for detection due to achieving an accuracy of 89%. Show less

• Semantic Search Engine

  • Feb 2020 - Sep 2020

  The aim of this project is to find similar questions, not only by looking into their words (as in conventional methods in databases and search engines) but also by considering the semantic of the questions. I have developed a deep learning classification model based on sequence to sequence GRU models which can embed the semantic of a question and then employed it as a set REST API written in Python, Flask framework. I also participated in developing the desktop app with C#. The engine is able to find similar questions with about 80% accuracy even if those have no exact common words. Show less

• Social Analyser

  • Mar 2019 - Dec 2019

  We have developed a software for online social monitoring for small businesses. The software has a web crawler written with Python and the web interface with PHP larval, is able to collect information about a topic in social networks (Twitter, Instagram \& Telegram) and represent them in graphical charts. The project is able to detect the topic using clustering methods (LDA,NMF), and the crowd sentiment toward it, and then predict} the popularity of a subject by time series analysis.The project employed NEO4J as a graph based nosql DBMS for analyzing influencers in the network. Show less



CSIRT (APA) of University of Qom

• Iran
• Security and Investigations

• Privilege Account Management

  • May 2018 - Sep 2020

  I have been in charge of designing and producing a customized Privilege Account Management (PAM) software. The software can monitor, interpret and record all remote access protocols including RDP, SSH, TelNet, The software consists of a series of modules written by Nodejs with PHP laravel as back-end and Angular as front-end. The modules are deployed in docker containers and communicates through web sockets. I have been in charge of designing and producing a customized Privilege Account Management (PAM) software. The software can monitor, interpret and record all remote access protocols including RDP, SSH, TelNet, The software consists of a series of modules written by Nodejs with PHP laravel as back-end and Angular as front-end. The modules are deployed in docker containers and communicates through web sockets.



3i - Information & Industry Improvement

• Iran
• Software Development
• 1 - 100 Employee

• Virtual Clinic Project Manager

  • Jan 2016 - Dec 2016

  We have developed an online site for remote visiting, examination and consultation that commissioned by Atieh Clinical Neuroscience Center. The website which is written by PHP codeigniter framework which responsible for registering, initial test, online consultation, and final treatment (not based on drug treatment). The project also employed a windows service (programmed using C\#), which automates the behind-the-scenes diagnostic processes, including calculate the risk of each mental disorder, generating heavy report, placing patients in their own treatment place. Show less

• Train Monitoring and Management System

  • Apr 2015 - Aug 2016

  The project deployed for Islamic Republic of Iran Railways. The aim of this project is to predict and solve the ongoing conflict in train timetable. I have developed the core algorithm using C\#, which received the online railways` data through SOAP service calls and then simulate and predict near conflicts such as train collision. Then I use some soft computing algorithm to propose candidate solutions to the dispatcher for preventing the conflicts.



DTE

• Enterprise Service Bus [Management & Development]

  • Aug 2011 - Dec 2015

  We have developed an ESB (Enterprise Service Bus) for integrating the automation systems of organization. The bus can connect to any remote system, and extract and publish its functionality as a service API in both SOAP and REST. The bus also was responsible for securing, routing and automating services. The project also contains a portal which provides an integrated environment for users services. The idea for this project was taken from iGoogle. I was responsible for ESB development (not the portal). Show less



Qom University of Technology

• Engineering Department

• Guest Lecturer

  • Nov 2010 - May 2011



Isfahan University

• Information Technology Department

• Guest Lecturer

  • Dec 2009 - Jul 2010