- Neural Networks and Deep Learning, Deeplearning.ai, 2020
- Introduction to Git and GitHub, Google, Coursera, 2021
- MCSA: Windows Server 2012 — Certified 2017
- MCSA: Windows Server 2016 — Certified 2017
- MCSE: Cloud Platform and Infrastructure — Certified 2017
- MikroTik Certified Routing Engineer (MTCRE)
- MikroTik Certified Network Associate (MTCNA)
Open to research & industry positions
I am a network and system security researcher with over six years of experience in designing secure network and Internet protocols, with a strong focus on applied cryptography, implementation, evaluation, and formal security analysis. I have extensive experience in both active and passive measurement of Internet-scale protocol behavior, including security compliance, adoption of security mechanisms, and analysis of large-scale events such as Internet shutdowns. I have also led cybersecurity research teams and collaborated closely with industry partners on applied and foundational security research. My work is supported by a strong publication record in well-known cybersecurity conferences and journals, including IEEE Communications Surveys & Tutorials (COMST), ESORICS, ACM venues, and NDSS.
EXPERIENCE
Carleton University
General Dynamics Mission Systems–Canada/Carleton University Cyber Operations Reference Lab (GCOR Lab)
Lead Cybersecurity ResearcherPostdoctoral Fellow
Ottawa, Canada
- Lead a research team focused on network protocol design for constrained and mission-specific environments, development of cyber range platforms for cybersecurity training, and application of Agentic AI in defensive network systems (e.g., IDS/IPS).
- Lead technical execution across multiple projects, contributing to system design and implementation while coordinating collaboration between industry and academic partners. Support the development of Statements of Work (SoWs), project plans, and milestone tracking to ensure timely delivery. Actively contribute to hiring processes, including candidate evaluation and team expansion efforts.
- Conduct large-scale Internet measurement studies using datasets such as Censys alongside active probing techniques to analyze global Internet behavior, detect security events, and evaluate the deployment and adoption of emerging secure protocols.
Carleton University
Carleton Internet Security Lab (CISL)
Security Researcher6 Years
Ottawa, Canada
- Developed the first comprehensive network-based threat model and attack taxonomy for the DNS resolution process, defining 14 security, privacy, and availability properties and using them to comparatively evaluate 14 secure DNS schemes (including DNSSEC and DNS-over-TLS/HTTPS), revealing that no single scheme provides end-to-end protection across both stages of DNS resolution (published in IEEE Communications Surveys & Tutorials (COMST), vol. 28, 2026).
- Designed and implemented ss2DNS, a privacy-preserving DNS protocol with a custom PKI providing unilateral authentication, confidentiality, and forward secrecy to mitigate DNS surveillance and manipulation by active and passive adversaries; benchmarked a large-scale proof-of-concept demonstrating performance comparable to less-secure alternatives while significantly outperforming DNS-over-TLS in cryptographic and latency overheads.
- Formally verified authentication, message confidentiality, forward secrecy, and key compromise resilience using a symbolic model in the Tamarin protocol verifier under a Dolev–Yao adversary model; conducted systematic key and entity compromise analysis (published at ESORICS 2025).
- Conducted large-scale Internet measurement and comparative analysis of DNS-over-TLS and HTTPS PKI ecosystems using 10K DoT and 9.3M HTTPS X.509 certificates from Rapid7 Project Sonar data, developing custom OpenSSL/PyOpenSSL-based pipelines to evaluate certificate security properties, cryptographic configurations, and Certificate Transparency compliance, and uncovering Internet-wide PKI trends including CA concentration, self-signed certificate prevalence, and cipher suite adoption (published at NDSS MADWeb 2021).
Carleton University
Carleton Internet Security Lab (CISL)
Teaching Assistant6 Years
Ottawa, Canada
Led lab sessions in networking and security courses, mentoring students in coding and debugging, packet capture and network analysis, and protocol implementation. Developed and maintained Linux-based network infrastructure (DNS, firewall, routing), including VM provisioning, interface configuration, and real-time monitoring to ensure high availability.
- Computer Systems Security
- Principles of Computer Networks
- Operating Systems
- Parallel Programming for Clusters and Multi-Core Processors
DeepLearning.AI Project, 2020
1 year
- Building, training, and optimizing neural network models
- Applying deep learning to real-world problems
PUBLICATIONS
IEEE COMST · 2026
1
A Survey and Evaluation Framework for Secure DNS Resolution
IEEE Communications Surveys & Tutorials, vol. 28, pp. 5532–5560, 2026 · DOI: 10.1109/COMST.2026.3678148
ESORICS · 2025
2
Formal Security Analysis of ss2DNS
European Symposium on Research in Computer Security (ESORICS), 2025 · DOI: 10.1007/978-3-032-07894-0_23
CODASPY · 2026
3
DeCerts: Secure and Fine-grained CDN Delegation
ACM Conference on Data and Application Security and Privacy (CODASPY), 2026
arXiv Preprint · 2026
4
A Multi-Perspective Study of the Internet Shutdown in Iran
arXiv preprint arXiv:2605.00187, 2026
PhD Thesis · 2025
5
Towards Securing the DNS Resolution Process
Carleton University, April 2025 · Co-supervised by Professors AbdelRahman Abdou and Paul Van Oorschot
Under Review · 2025
6
DNSSEC+: An Enhanced DNS Scheme Motivated by Benefits and Pitfalls of DNSSEC
Under peer review, 2025 · Preprint on arXiv
M.Sc. Thesis · 2021
7
Survey And Evaluation of Secure-DNS Alternatives Through Passive Measurements
Carleton University, 2021 · Supervised by Professor AbdelRahman Abdou
NDSS Workshop · 2021
8
Comparative Analysis of DoT and HTTPS Certificate Ecosystems
NDSS MADweb Workshop, 2021
Poster · 2021
9
Analyzing Secure-DNS Alternatives
Serene-risc Workshop, 2021 · Second Best Poster Award
CERTIFICATES
SKILLS
Programming:
Python
ExpertGit
ExpertLaTeX
ExpertC / C++
ProficientGolang
ProficientMatlab
ProficientRust
FamiliarTechnical:
Computer Networks
ExpertApplied Cryptography
ExpertLinux
ExpertFormal Analysis (Tamarin)
ProficientSIEM (Splunk)
ProficientDatabase
ProficientMachine and Deep Learning
FamiliarNetwork Analysis:
Wireshark
ExpertTCPDump
ExpertOpenSSL
ExpertVirtualization
ProficientEDUCATION
-
Ph.D. in Computer Science
Carleton University, Ottawa, Canada
Co-supervised by Professors AbdelRahman Abdou and Paul Van Oorschot, conducted research in Internet security, Internet measurement, the design and analysis of secure DNS protocols, as well as systems security and privacy analysis.
-
M.Sc. in Computer Science
Carleton University, Ottawa, Canada
Supervised by Professor AbdelRahman Abdou, conducted research in the measurement of adoption and security of Internet protocols, including the measurement of DNS-over-TLS deployment across the Internet and the extent to which best security guidelines are applied. Additionally, analyzed the security and privacy of secure DNS schemes.
-
B.Sc. in Computer Engineering
Jahrom University, Iran
Graduated in the top 5% of the class. Conducted cybersecurity workshops as part of the university’s Computer Emergency Response Team (CERT).
COURSEWORK
Graduate
- Authentication and Software Security
- Trusted Computing and Emerging Attacks
- IoT Security
- Internet Measurements & Security
- Operating Systems Security
- Designing Secure Networking and Computer Systems
- Distributed Operating Systems
- Social Networks
INTERESTS
Technical:
- Internet measurement and security
- Computer networks & cybersecurity
- Formal security analysis of network protocols
- Security automation
- Applying ML and DL to different fields
SOFT SKILLS
- Critical Thinking
- Self-learning
- Problem Solving
- Technical Writing
- Communication
- Teamwork