I am an Information Security researcher and my main area of studies is on malicious software (Malware). During the past ten years, I discovered several malware campaigns that target computer users. Furthermore, I have discovered and reported hundreds of application vulnerabilities to vendors in public and private disclosure. I love teaching security so much that sometimes offer courses at colleges and universities in Toronto. I am also a security consultant and my main clients are in financial sector. Anything posted here are of my own thoughts and are by no means affiliated with other organizations.
My thesis research is focused on malware propagation in Online Social Networks. As part of my PhD studies, I unveiled a malware campaign that targeted OSN users, leading to more than 260,000 infection before the their C2 take down.
My main focus of the research was web application vulnerability and web security, this led me to an interesting topic of web malware in OSNs which I started the research in my masters and continued it in my PhD.
I did my BSc. in communication engineering, studying wireless communication mostly. I did my last year project on modeling the communication channel of 802.11.
I realized, security is a high-octane research field. To be alert, you need to do both research and work. During my study period since 2008, I was also providing consulting services and were engaged on different projects.
Most of the publications are available through Google Scholar, if you need any of the papers listed below, just drop me a line.
[J4] M. R. Faghani, U. T. Nguyen, "Modeling the Propagation of Trojan Malware in Online Social Networks", Submitted to IEEE Transaction on Inform. Forensics Security.
[J3] M. R. Faghani, U. T. Nguyen, "Mobile Botnets Meet Social Networks: Design and Analysis of a New Type of Botnet", Submitted to Springer Nature Internation Journal of Information Secrutiy
[J2] M. R. Faghani, U. T. Nguyen, "A Study of XSS Worm Propagation and Detection Mechanisms in Online Social Networks," in IEEE Transaction on Inform. Forensics Security, September, 2013
[J1] M. R. Faghani, U. T. Nguyen, " A Secure DoS-Avoidance routing in Wireless Sensor Networks", Journal of Selected Areas in Telecommunications (JSAT)
[B2] M. R. Faghani, U. T. Nguyen, "A study of malware propagation via Online Social Networks," in Studies in Mining Social Networks and Security Informatics, Tansel Oyzer, Springer-Verlag, 2012 [B1] M. R. Faghani, H.Saidi, "Malware Propagation in Online Social Networks, analytical and simulation approach," in Dynamic Analysis for Social Network, 1st Edition, Carlos Andre Pinheiro, iConcept Press, 2012
[C9] R. Soltani, U. T. Nguyen, M. R. Faghani, Alaa Yaguob, Aijun An, " new algorithm for money laundering detection based on structural similarity", In Proceedings of IEEE Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), 2016
[C8] ohammad R. Faghani and U. T. Nguyen, "A Study of ClickJacking Worm Propagation in Online Social Networks", IEEE 15th International Conference on Information Reuse & Integration (IRI), Workshop on Social Network Security (SocialSec), San Francisco, California, August 2014.
[C7] M. R. Faghani, U. T. Nguyen, "SoCellBot: A new botnet design to infect smartphones via online social networking", In proceeding of 25th IEEE CCECE 2012, Montreal, Canada (Best Paper Award Finalist)
[C6] M. R. Faghani, A. Matrawy, C. H. Lung, "A study of effect of Trojan propagation in Online Social Networks", submitted to 5th IEEE International Conference on New Technology, Mobility and Security, Istanbul, Turkey, 2012
[C5] M. R. Faghani, U. T. Nguyen, "Incident-Driven Routing in Wireless Sensor Networks, A cross Layer Approach", In Proceeding of 7th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing CollabCom, Orlando, USA, 2011
[C4] M. R. Faghani, H. Saidi, "Malware propagation in online social networks", In proceeding of the 4th IEEE International malicious and unwanted programs (Malware09), Montreal, Canada, 2009
[C3] M. R. Faghani, S. M. Motahari, "Sectorized Location Dependent Key Management", In proceeding of the 5th IEEE International conference on wireless and mobile computing (Wimob09), Marrakech, Morocco, 2009
[C2] M. R. Faghani, H. Saidi, "Social networks' XSS worms", In proceeding of the 12th IEEE International conference on computational science and engineering (CSE09), Vancouver, Canada, 2009
[C1] M. R. Faghani, H. Saidi, "Effects of security solutions on malware propagation", In proceeding of the 4th IEEE International Symposium of Telecommunications (IST08), Tehran, Iran, 2008
[RP3] M. R. Faghani, Dynamic analysis of a trojan, propagating in Facebook and Twitter, January 2015 [RP2] M. R. Faghani, U. T. Nguyen, Modeling the Propagation of Actively Spreading Malware in Online Social Networks, September 2014 [RP1] M. R. Faghani, U. T. Nguyen, Modeling the propagation of Trojans in OSNs, May 2014- Present
Ontario Graduate Scholarship 2011-2014 (4 years in consequence)
Departmental Scholarship, University of Toronto - 2013 (Declined)
Best Paper Award Finalist (CCECE 2012)
Travel Award (CCECE 2012)
Departmental Scholarship, Carleton University - 2010
Achievement award (ITRC) - 2009
Ranked third in Communication Networks Engineering, Graduate program - 2009
Achievement Award of Khwarizmi International Festival - 2001
Served as an external reviewer for:
IEEE Transactions on Signal and Information Processing over Networks, 2017
IEEE Communication Letters, 2016
IEEE ICACCI, 2015
IEEE Transactions on Mobile computing, 2014
IEEE computer magazine, 2013
IEEE GLOBECOM, 2012
IEEE ISWTA 2012
IEEE CCECE 2012
Springer-Verlag Journal of SNAM, 2011
Elsevier Journal of Applied Math and Computation, 2011
I don't know myself a programmer. I know myself a security researcher that finds his way through programming challenges :)