a Professor of Software Engineering at the University of Isfahan. For over two decades, my passion has been focused on teaching and research in cybersecurity, cryptographic protocols, and secure software systems. It has been my honor to mentor outstanding students while serving in key administrative roles, including as the Dean of the Faculty of Computer Engineering. I have actively contributed to numerous national-level projects in the field of information security, always striving to bridge the gap between academia and industry. Alongside my academic work, I am involved in the technology ecosystem as a board member of a knowledge-based company and as an organizer of specialized scientific conferences.
Cybersecurity and Secure Computing: Focusing on the analysis and design of security protocols, mathematical modeling of threats, and resilience evaluation of systems.
Software Engineering and Software Security: Including formal verification, vulnerability analysis, and developing methods for building secure software.
Security of Distributed Systems and Networks: Encompassing IoT security, smart grid security, and intelligent transportation system security.
Modeling and Analysis of Socio-Technical Systems: Such as rumor spreading, modeling trust and reputation in adversarial environments, and behavior analysis in social networks.
Privacy and Data Security: Including secure pattern matching techniques and secure computation.
Cybersecurity and Secure ComputingSoftware Engineering and Software SecuritySecurity of Distributed Systems and NetworksModeling and Analysis of Socio-Technical SystemsPrivacy and Data SecurityJournal Editorship: He is the Editor-in-Chief of the international Journal of Computing and Security, a pivotal role in guiding and evaluating the research of the scientific community.
Journal of Computing and SecurityCybersecurity & Cryptography: Design and analysis of security protocols, threat modeling, intrusion detection systems (IDS/IPS).
Software Security: Secure software engineering, vulnerability analysis, and malware countermeasures (particularly for Android).
Network & Distributed Systems Security: Security of critical infrastructure (smart grids, intelligent transportation), IoT security, and virtual private networks (VPN/Firewall).
Trust Systems & Social Networks: Modeling of trust and reputation, analysis of information diffusion and behavior in social networks.
Privacy & Secure Computation: Developing privacy-preserving algorithms for secure search and pattern matching.
Security Policy & Architecture: Development of national-level security strategic documents and risk management methodologies.
Cybersecurity & CryptographySoftware Engineering & Software SecurityCritical Infrastructure SecurityInternet of Things (IoT) SecurityBehavior & Information Diffusion in Social NetworksSecurity Policy, Strategy & Architecture- Bachelor, Computer, isfahan [isfahan - iran]
- Master's degree, Computer, Amir kabir [tehran - iran]
- Ph.D., Computer, Tarbiat Modares [tehran - iran]
Software Security
Fundamentals of Information Security
Systems Analysis and Design
Security and Cryptographic Protocols: Aligning with his core expertise in the design and formal analysis of protocols.
Advanced Software Security: Covering topics such as vulnerability analysis, penetration testing, and reverse engineering.
Secure Distributed Systems: Corresponding to his research in critical infrastructure security and IoT.
Modeling and Analysis of Secure Systems: Using formal and mathematical approaches.
Software SecurityFundamentals of Information SecuritySystems Analysis and DesignModeling and Analysis of Secure SystemsAdvanced Software Security
Research Output
Articles
Publication Date: 2025
The Isc International Journal Of Information Security (20082045)17(1)pp. 59-73
As cyber threats grow increasingly sophisticated, the importance of security training as an effective means of prevention will become even more critical. Cyber Range (CR) is a platform for creating cyber training programs using virtualization and simulation technologies to create a realistic training environment. The main challenge for utilizing a CR is the specialized human resources required to design and maintain training sessions. To tackle this challenge, several high-level languages, known as Scenario Description Languages (SDLs), have been developed to enable the specification of training environments as models. These models can then be automatically transformed into deployment artifacts. Our studies showed that the existing SDLs could not address requirements when designing complex scenarios where multiple trainees should collaborate to reach a desired goal through various acceptable solutions. We present the Collaborative Security Training SDL (CST-SDL) for creating multi-trainee and multi-solution scenarios. CST-SDL uses an acyclic directional graph for specifying the scenario’s solution routes and allows defining trainees with unique tasks, goals, and solution routes during the training session. To evaluate the CST-SDL’s capabilities, we have implemented and integrated it into the KYPO cyber range. © 2025 ISC. All rights reserved.
Publication Date: 2024
Automated Software Engineering (09288910)31(2)
The Inter-Component Communication (ICC) model in Android enables the sharing of data and services among app components. However, it has been associated with several problems, including complexity, support for unconstrained communication, and difficulties for developers to understand. These issues have led to numerous security vulnerabilities in Android ICC. While existing research has focused on specific subsets of these vulnerabilities, it lacks comprehensive and scalable modeling of app specifications and interactions, which limits the precision of analysis. To tackle these problems, we introduce VAnDroid3, a Model-Driven Reverse Engineering (MDRE) framework. VAnDroid3 utilizes purposeful model-based representations to enhance the comprehension of apps and their interactions. We have made significant extensions to our previous work, which include the identification of six prominent ICC vulnerabilities and the consideration of both Intent and Data sharing mechanisms that facilitate ICCs. By employing MDRE techniques to create more efficient and accurate domain-specific models from apps, VAnDroid3 enables the analysis of ICC vulnerabilities on intra- and inter-app communication levels. We have implemented VAnDroid3 as an Eclipse-based tool and conducted extensive experiments to evaluate its correctness, scalability, and run-time performance. Additionally, we compared VAnDroid3 with state-of-the-art tools. The results substantiate VAnDroid3 as a promising framework for revealing Android inter-app ICC security issues. © The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature 2024.
Publication Date: 2024
IEEE Transactions on Computational Social Systems (2329924X)11(6)pp. 7698-7710
The growing popularity of social networks has amplified their capacity to form public opinions. The opinion formation process is affected by social factors and social phenomena such as spiral of silence and echo chambers. In this article, we present a directed homophilic preferential attachment (DHPA) model to capture the dynamics of social network generation and rewiring (network dynamics) and to take the variation of attitudes and characteristics of users when expressing their opinions and their desire to establish relationships with others into account (opinion dynamics). The proposed model not only integrates network dynamics and opinion dynamics but also accounts for homophily and the formation of social phenomena that create consensus or polarity. This results in more realistic outcomes compared to similar models. In addition, the model can contrast factors that drive consensus with those that drive polarization. DHPA provides necessary facilities for examining the impact of different factors on the opinion formation process. It enables us to analyze the circumstances to reach consensus and polarity. It is shown that the network generated by the proposed DHPA model appropriately conforms to real social networks. We have examined the impact of some important social factors by conducting a number of sensitivity analysis scenarios on the model, which led to interesting results. © 2014 IEEE.
Publication Date: 2023
ISeCure (20083076)15(1)pp. 59-71
Sensitive methods are those that are commonly used by Android malware to perform malicious behavior. These methods may be either evasion or malicious payload methods. Although there are several approaches to handle these methods for performing effective dynamic malware analysis, generally most of them are based on a manually created list. However, the performance shown by the selected approaches is based on the completeness of the manually created list that is not almost a complete and up-to-date one. Missing some sensitive methods causes to degrade the overall performance and affects the effectiveness of analyzing Android malware. In this paper, we propose a machine learning approach to predict new sensitive methods that might be used in Android malware. We use a manually collected training dataset to train two classifiers: the first one is used to detect the sensitivity nature of the Android methods, and the second one is used to categorize the detected sensitive methods into predefined categories. We applied the proposed approach to a large number of methods extracted from Android API 27. The proposed approach is able to predict hundreds of sensitive methods with the accuracy of 94.4% for the first classifier and 92.8% for the second classifier. To evaluate the proposed approach, we built a new list of the detected sensitive methods and used it in a number of tools to perform dynamic malware analysis. The proposed model found various sensitive methods that were not considered before by any other tools. Hence, the effectiveness of these tools in performing dynamic analysis is increased.(c) 2020 ISC. All rights reserved.
Publication Date: 2023
SOFTWARE-PRACTICE & EXPERIENCE (00380644)53(4)pp. 895-936
Android users install various apps, such as banking apps, on their smart devices dealing with user-sensitive information. The Android framework, via Inter-Component Communication (ICC) mechanism, ensures that app components (inside the same app or on different apps) can communicate. The literature works have shown that this mechanism can cause security issues, such as app security policy violations, especially in the case of Inter-App Communication (IAC). Despite the plethora of research on detecting security issues in IAC, detection techniques face fundamental ICC challenges for improving the precision of static analysis. Challenges include providing comprehensive and scalable modeling of app specification, capturing all potential ICC paths, and enabling more effective IAC analysis. To overcome such challenges, in this paper, we propose a framework called VAnDroid2, as an extension of our previous work, to address the security issues in multiple components at both intra- and inter-app analysis levels. VAnDroid2, based on Model-Driven Reverse Engineering, has extended our previous work as per following: (1) providing a comprehensive Intermediate Representation (IR) of the app which supports extracting all the ICC information from the app, (2) extracting high-level representations of the apps and their interactions by omitting the details that are not relevant to inter-app security analysis, and (3) enabling more effective IAC security analysis. This framework is implemented as an Eclipse-based tool. The results of evaluating VAnDroid2 w.r.t. correctness, scalability, and run-time performance, and comparing with state-of-the-art analysis tools well indicate that VAnDroid2 is a promising framework in the field of Android inter-app security analysis.
