Experience
Machine Learning Engineer
Artis Looking Glass
May 2020 – Present
Aspect-level Sentiment Analysis: Utilizing self-attention neural networks for aspect-level sentiment analysis. Detecting Cyberbullying on Twitter: Detecting harassment and hate speech using a BERT text classification model on Twitter streaming data. Fine-tuning BERT via the Lightning module of PyTorch.
------------------
Bug Hunter - Offensive Security Researcher
HackerOne
January 2020 – Present
Reproducing proof-of-concept (PoC) exploits for n-days requested by customers for the purpose of crash diagnosis or vulnerability discovery. Developing fuzzing engines for Android system services and for other vendors' products such as HP iMC or Fortinet.
--------------------------
Senior Research Assistant
Arizona State University
August 2017 – May 2020
Andriller: Developing coverage-guided fuzzing for Android system services. This work was presented at the Google Security Summit as nominated research. VMCloak: Devising a scalable evasive malware analysis pipeline with high coverage and low-overhead analysis complexity. This framework is used for scalable VM introspection and provisioning, and supports VMware, Xen, Hyper-V, VirtualBox, KVM, and QEMU virtualization technologies. Mimosa: Reducing Malware Analysis Overhead via Coverings, ACM CCS 2020. PyTCG: Creating a Python package to integrate the QEMU intermediate representation (IR) into a fuzzing engine for embedded-device fuzzing. PyRR: Implementing an automatic crash diagnosis and recovery framework in Python based on Mozilla's record-and-replay tool rr.
----------------------------
Windows Kernel-mode Developer
Payam Pardaz
May 2016 – August 2017
Engineering the monitoring and integrity-checking component of an Endpoint Detection and Response (EDR) product. Deploying and conducting user studies of the Tanium framework's Incident Response (IR) and EDR modules. Working in an Agile Scrum environment as a developer of Windows kernel-mode drivers. Resolving security issues, improving continuous integration, and providing exceptional client support. Managing product security, including on-site evaluations and internal audits. Preparing team communications and information for Scrum meetings.
----------------------------------
Security Engineer Android/Web
Amngostar Payam Pardaz
October 2014 – August 2017
MyIrancell: Irancell is the most popular Iranian telephone operator, backed by the MTN group. This application helps users top up their prepaid plans. I identified a major bug in the application's business logic that allowed charging our account for unlimited services without paying. DorsaImen: This app is a monitoring and parental-control system. During a security assessment based on the OWASP Top 10 for Android, I found several critical vulnerabilities; by chaining the bugs, I gained full control of the system and broke the restrictions enforced by parents. ParsGate OpenSSL VPN: After comprehensively reverse-engineering the VPN's customized client/server communication protocol, I found an out-of-bounds read/write primitive that leaks secrets.
---------------------------------
Red Team Member
IRISACO
December 2013 – August 2015
Leading the Malware Analysis team in designing the Malware Analysis Lab used for APT detection. Designing multi-stage attack scenarios to increase the effectiveness of SOC IDS rules. Improving the efficiency and reliability of IDS rules in detecting internal network attacks. Measuring the infection rate of a network during a botnet malware attack via passive DNS monitoring.
Projects
Aspect-level Sentiment Analysis: Utilizing self-attention neural networks for aspect-level sentiment analysis. Detecting Cyberbullying on Twitter: Detecting harassment and hate speech using a BERT text classification model on Twitter streaming data. Fine-tuning BERT via the Lightning module of PyTorch.
Andriller: Developing coverage-guided fuzzing for Android system services. This work was presented at the Google Security Summit as nominated research.
VMCloak: Devising a scalable evasive malware analysis pipeline with high coverage and low-overhead analysis complexity. This framework is used for scalable VM introspection and provisioning, and supports VMware, Xen, Hyper-V, VirtualBox, KVM, and QEMU virtualization technologies. Mimosa: Reducing Malware Analysis Overhead via Coverings, ACM CCS 2020.
PyTCG: Creating a Python package to integrate the QEMU intermediate representation (IR) into a fuzzing engine for embedded-device fuzzing.
PyRR: Implementing an automatic crash diagnosis and recovery framework in Python based on Mozilla's record-and-replay tool rr.