Avatar

Behkish Nassirzadeh

PhD Candidate at the University of Waterloo

Toronto and Waterloo, ON, Canada

bnassirz@uwaterloo.ca

behkishnz

BehkishNz

Behkish.Nz


Main Topics & Areas of Interest

Applications of Blockchain

100%

Computer Security

100%

Cryptography

100%

Machine Learning and AI

80%

Program Analysis

60%

Embeded Systems

50%

Languages

English

Farsi (Persian)

Turkish


Favorite Quotes

“Be your own hero, it’s cheaper than a movie ticket.”
— Douglas Horton

"If you don’t build your dream someone will hire you to help build theirs."
– Tony Gaskins

"Everything will be okay in the end. If it's not okay, it's not the end"
– John Lennon


Related Courses

ECE 650 - Methods and Tools for Software Engineering

Fall 2022

Instructor: Prof. Ganesh


MSCI 752 - Behavioural Decision-making

Spring 2022

Instructor: Prof. Onay


MSCI 607 - Applied Economics for Management

Spring 2022

Instructor: Dr. Tanehkar


ECE 750 - Computer-aided Reasoning

Fall 2021

Instructor: Prof. Ganesh


ECE 657A - Data and Knowledge Modeling and Analysis

Spring 2020

Instructor: Dr. Amar


ECE 653 - Testing, Quality Assurance, and Maintenance

Spring 2020

Instructor: Prof. Ganesh


ECE 720 - Cryptographic Computations

Winter 2020

Instructor: Prof. Hasan


ECE 606 - Algorithms

Fall 2019

Instructor: Prof. Tripunitara


ECE 652 - Safety-critical Embedded Software

Spring 2019

Instructor: Prof. Fischmeister


ECE 657 - Tools of Intelligent System Design

Spring 2019

Instructor: Dr. Amar



About Me

My name is Behkish. I am a PhD Candidate in Computer Engineering at the University of Waterloo under the supervision of Professor Vijay Ganesh. My research focuses on the applications and security of blockchain.

I'm designing and implementing different methods in various areas of Blockchain including security vulnerabilities of Smart Contracts, and Decentralized Oracles using techniques like runtime analysis, whitebox fuzzing, optimized binary search, and game theory. I've recently launched a startup, Factiphi Inc. , to detect and rectify digital ad fraud.

I have over 5 years of experience working in different computer software fields, including Graduate Student Researcher, Sessional Lecturer, Project Lead Developer, Full-stack Software Developer, Web Admin, and Information Security Coordinator.

I received an MASc in Computer Engineering and a BASc in Electrical and Computer Engineering with distinction from the University of Waterloo.

You can use my LinkedIn or my email to contact me. My resume is available here .


Research

Middleman Verification Problem
May 2019 - Current
Adviser: Prof. Vijay Ganesh

A middleman is an agent, or company intermediate between the producer of goods and the retailer or consumer. Middlemen are an important part of the transactions in many fields such as the automotive industry, film industry, and online advertisement. Online advertisement is a billion-dollar industry that has many potentials and challenges. One of the greatest challenges of online advertisement is transparent accounting.
This research is on implementing a reliable and intelligent platform to test the fairness and honesty of the middleman. The main focus of the research is on online advertisement. Decentralized oracles and APIs, Game theory, dand distributed systems are the main parts of this research.


Understanding CBDCs
Jan 2022 - Current
adviser: Prof. Vijay Ganesh

Over the last few years the Governments of Canada and USA have taken great interest in the concept of Central Bank Digital Currencies (CBDCs) and are exploring the possibility of issuing them for use by the general public. This raises profound questions for society as a whole, such as, can we provide a secure, safe, and privacy-protecting architecture for CBDCs, can we make CBDCs programmable, how will CBDCs co-exist with current paper money and how do CBDCs fundamentally transform the nature of money itself? The focus of this project is to explore these questions and provide meaningful definitions and an architecture for CBDCs and all that it entails.


Gas Gauge: A Security Analysis Tool for Smart Contract Out-of-Gas Vulnerabilities
Jan 2020 - May 2022
Adviser: Prof. Vijay Ganesh

A smart contract is an executable program that enables the building of a programmable trust mechanism between multiple entities without the need for a trusted third-party. It is an application of blockchain and is meant to store rules and agreements made by several parties, automatically detects when certain conditions have been met, and Self-execute an agreement based on the conditions they automatically detect.
The focus of this research is to develop a tool that scans smart contracts to find potential blocks of code vulnerable to DoS with Gas Limit and suggest a repair. Loops are the main pattern of this vulnerability and hence the main target for this tool. This tool utilizes static analysis, white-box fuzzing, and run-time verification. A lot of optimization is used to make the tool extremely accurate and reasonably fast. An optimized binary search approach, Static analysis, and run-time verification are the main methods used in this research.


Publications

Gas Gauge: A Security Analysis Tool for Smart Contract Out-of-Gas Vulnerabilities
Behkish Nassirzadeh, Huaiying Sun, Sebastian Banescu , Vijay Ganesh
MARBLE 2022 The 3rd International Conference on Mathematical Research for Blockchain Economy

Work Experience

Graduate Student Researcher/ University of Waterloo
May 2019 - Current

As part of my research, I am researching the applications of blockchain and optimizing them using techniques like AI and machine learning. The main focus of my research has been on the security vulnerabilities of smart contracts. I was able to design and implement multiple tools to identify gas-related vulnerabilities of smart contracts. In this research, reinforcement learning (DQN), Whitebox random fuzzing, and optimized binary search were tested. Also, I have researched utilizing machine learning techniques like RNN (LSTM) and NLU (Sentiment analysis) to predict Bitcoin prices. Additionally, I am designing a decentralized and distributed system to solve the problems when multiple third parties or middlemen are involved. Game theory and decentralized oracles are part of this research.


Sessional Lecturer/ University of Waterloo
May - Aug 2021

I taught ECE458 (Introduction to Computer Security), a fourth-year undergraduate technical elective. I was responsible for creating new content in different fields of computer security, delivering lectures to over 200 students, and setting up exams. We covered cryptography, Blockchain, side-channel attacks, fault analysis, internet security, etc. The course outline is available here.


Software Developer/ IBI Group
Sep - Dec 2018

I developed and debugged new and existing features in an AngularJS web application for the Los Angeles Department of Transportation(LADOT). I was mostly responsible for designing and managing the SQL database of the application, and as a result, I created over 40 MySQL stored procedures in the SQL database. I also coded the backend of the application using C#, and the frontend using TypeScript, Bootstrap, and HTML.


Software Developer/ York Region
Sep - Dec 2017

I collaborated on all stages of the application lifecycle to build a Force.com web application called "YorkTrax". I developed the application in Visualforce, jQuery, Apex, and SOQL. I also helped automate the testing process using Selenium and Java.


.NET Developer/ Ontario Ministry of Education
Jan - Apr 2017

I built, tested, and deployed two scalable and highly available AngularJS and .Net web applications of "PFAAMC" and "PFAAMU" concurrently. C#, TypeScript, CSS, and HTML are the main programming languages used in these web applications. I also created multiple PL/SQL packages and stored procedures for the Oracle database.


Project Lead Developer/ Korpico (Part-time)
Dec 2016 - Mar 2017

I led a team of five to create the website korpico.com from gathering requirements to a fully functional WordPress website. I planned, executed, and controlled assigned projects to ensure work performed complied with the requirements. I closely collaborated with project members to identify and effectively address problems.


Software Developer/ The Nielson Company
May - Aug 2016

I implemented two private web applications, from setting up TFS and IIS to functional applications. They are coded in EXT-JS and C#. I also implemented scripts and procedures for Oracle (PL/SQL) and SQL (T-SQL) databases.


Information Security Coordinator/ CIBC
Sep - Dec 2015

I successfully automated the process of generating multiple security reports using VBA and HTA. I also created Excel and Outlook VBA Macros and scripts using VBScript


Web and System Administrator/ Encubate (Part-time)
Aug - Oct 2015

I managed, developed, designed, and translated the website farsi.encubate.ca. I also managed, implemented, and designed the website arabic.encubate.ca. Additionally, improved, and updated the website encubate.ca.


Internal Infrastructure Specialist/ T4G Limited
Jan - Apr 2015

I created scripts in Microsoft PowerShell to ease the account management. I also provided IT support and created and modified MS SharePoint and FTP sites. Additionally, I managed accounts on MS AD and Exchange.


Education

University of Waterloo
2021 - Current (Expected 2025)

Doctor of Philosophy - PhD, Computer Engineering (Computer Software)


University of Waterloo
2019 - 2021

Master of Applied Science, Computer Engineering (Computer Software)

Thesis: Security Analysis Methods for Detection and Repair of DoS Vulnerabilities in Smart Contracts


University of Waterloo
2014 - 2019

Bachelor of Applied Science, Computer Engineering


Awards

2020 UBRI Innovator / Ripple Impact
Oct 2020

Research Breakthrough in Blockchain