Middleman Verification Problem

May 2019 - Current

Adviser: Prof. Vijay Ganesh

A middleman is an agent, or company intermediate between the producer of goods and the retailer or consumer. Middlemen are an important part of the transactions in many fields such as the automotive industry, film industry, and online advertisement. Online advertisement is a billion-dollar industry that has many potentials and challenges. One of the greatest challenges of online advertisement is transparent accounting.
This research is on implementing a reliable and intelligent platform to test the fairness and honesty of the middleman. The main focus of the research is on online advertisement. Decentralized oracles and APIs, Game theory, dand distributed systems are the main parts of this research.

Understanding CBDCs

Jan 2022 - Current

adviser: Prof. Vijay Ganesh

Over the last few years the Governments of Canada and USA have taken great interest in the concept of Central Bank Digital Currencies (CBDCs) and are exploring the possibility of issuing them for use by the general public. This raises profound questions for society as a whole, such as, can we provide a secure, safe, and privacy-protecting architecture for CBDCs, can we make CBDCs programmable, how will CBDCs co-exist with current paper money and how do CBDCs fundamentally transform the nature of money itself? The focus of this project is to explore these questions and provide meaningful definitions and an architecture for CBDCs and all that it entails.

Gas Gauge: A Security Analysis Tool for Smart Contract Out-of-Gas Vulnerabilities

Jan 2020 - May 2022

Adviser: Prof. Vijay Ganesh

A smart contract is an executable program that enables the building of a programmable trust mechanism between multiple entities without the need for a trusted third-party. It is an application of blockchain and is meant to store rules and agreements made by several parties, automatically detects when certain conditions have been met, and Self-execute an agreement based on the conditions they automatically detect.
The focus of this research is to develop a tool that scans smart contracts to find potential blocks of code vulnerable to DoS with Gas Limit and suggest a repair. Loops are the main pattern of this vulnerability and hence the main target for this tool. This tool utilizes static analysis, white-box fuzzing, and run-time verification. A lot of optimization is used to make the tool extremely accurate and reasonably fast. An optimized binary search approach, Static analysis, and run-time verification are the main methods used in this research.

Gas Gauge: A Security Analysis Tool for Smart Contract Out-of-Gas Vulnerabilities

Behkish Nassirzadeh, Huaiying Sun, Sebastian Banescu , Vijay Ganesh

MARBLE 2022 The 3rd International Conference on Mathematical Research for Blockchain Economy

Graduate Student Researcher/ University of Waterloo

May 2019 - Current

As part of my research, I am researching the applications of blockchain and optimizing them using techniques like AI and machine learning. The main focus of my research has been on the security vulnerabilities of smart contracts. I was able to design and implement multiple tools to identify gas-related vulnerabilities of smart contracts. In this research, reinforcement learning (DQN), Whitebox random fuzzing, and optimized binary search were tested. Also, I have researched utilizing machine learning techniques like RNN (LSTM) and NLU (Sentiment analysis) to predict Bitcoin prices. Additionally, I am designing a decentralized and distributed system to solve the problems when multiple third parties or middlemen are involved. Game theory and decentralized oracles are part of this research.

Sessional Lecturer/ University of Waterloo

May - Aug 2021

I taught ECE458 (Introduction to Computer Security), a fourth-year undergraduate technical elective. I was responsible for creating new content in different fields of computer security, delivering lectures to over 200 students, and setting up exams. We covered cryptography, Blockchain, side-channel attacks, fault analysis, internet security, etc. The course outline is available here.

Software Developer/ IBI Group

Sep - Dec 2018

I developed and debugged new and existing features in an AngularJS web application for the Los Angeles Department of Transportation(LADOT). I was mostly responsible for designing and managing the SQL database of the application, and as a result, I created over 40 MySQL stored procedures in the SQL database. I also coded the backend of the application using C#, and the frontend using TypeScript, Bootstrap, and HTML.

Software Developer/ York Region

Sep - Dec 2017

I collaborated on all stages of the application lifecycle to build a Force.com web application called "YorkTrax". I developed the application in Visualforce, jQuery, Apex, and SOQL. I also helped automate the testing process using Selenium and Java.

.NET Developer/ Ontario Ministry of Education

Jan - Apr 2017

I built, tested, and deployed two scalable and highly available AngularJS and .Net web applications of "PFAAMC" and "PFAAMU" concurrently. C#, TypeScript, CSS, and HTML are the main programming languages used in these web applications. I also created multiple PL/SQL packages and stored procedures for the Oracle database.

Project Lead Developer/ Korpico (Part-time)

Dec 2016 - Mar 2017

I led a team of five to create the website korpico.com from gathering requirements to a fully functional WordPress website. I planned, executed, and controlled assigned projects to ensure work performed complied with the requirements. I closely collaborated with project members to identify and effectively address problems.

Software Developer/ The Nielson Company

May - Aug 2016

I implemented two private web applications, from setting up TFS and IIS to functional applications. They are coded in EXT-JS and C#. I also implemented scripts and procedures for Oracle (PL/SQL) and SQL (T-SQL) databases.

Information Security Coordinator/ CIBC

Sep - Dec 2015

I successfully automated the process of generating multiple security reports using VBA and HTA. I also created Excel and Outlook VBA Macros and scripts using VBScript

Web and System Administrator/ Encubate (Part-time)

Aug - Oct 2015

I managed, developed, designed, and translated the website farsi.encubate.ca. I also managed, implemented, and designed the website arabic.encubate.ca. Additionally, improved, and updated the website encubate.ca.

Internal Infrastructure Specialist/ T4G Limited

Jan - Apr 2015

I created scripts in Microsoft PowerShell to ease the account management. I also provided IT support and created and modified MS SharePoint and FTP sites. Additionally, I managed accounts on MS AD and Exchange.