I am a Ph.D. candidate at the Dependable Systems Lab (Department of Electrical and Computer Engineering at UBC) under the supervision of Prof. Karthik Pattabiraman. I received my M.Sc. degree in Computer Engineering from Sharif University of Technology, in the Smart and Secure Systems (3S) Laboratory, in 2020, and my B.Sc. degree in Computer Software Engineering from the University of Isfahan in 2018. My research interests lie in Security in Embedded Devices, Compilers, Machine Learning and Autonomous Systems.
Research Title: Enhancing Security in Critical Embedded Devices
Supervisor: Prof. Karthik Pattabiraman
GPA: 90 / 100 (A+)
Thesis Title: Improving Remote Attestation Techniques for IoT Devices using Physical Model
Supervisor: Dr. Siavash Bayat-Sarmadi
GPA: 19.37 / 20
Thesis Title: Design and implementation of an access control solution for Hybrid Mobile Applications
Supervisor: Dr. Behrouz Tork Ladani
GPA: 17.3 / 20
Abstract: Real-time embedded devices like medical or industrial devices are increasingly targeted by cyber-attacks. Prompt patching is crucial to mitigate the serious consequences of such attacks on these devices. Hotpatching is an approach to apply a patch to mission-critical embedded devices without rebooting them. However, existing hotpatching approaches require developers to manually write the hotpatch for target systems, which is time-consuming and error-prone. To address these issues, we propose AutoPatch, a new hotpatching technique that automatically generates functionally equivalent hotpatches via static analysis of the official patches. AutoPatch introduces a new software triggering approach that supports diverse embedded devices, and preserves the functionality of the official patch. In contrast to prior work, AutoPatch does not rely on hardware support for triggering patches, or on executing patches in specialized virtual machines. We implemented AutoPatch using the LLVM compiler, and evaluated its efficiency, effectiveness and generality using 62 real CVEs on four embedded devices with different specifications and architectures running popular RTOSes. We found that AutoPatch can fix more than 90% of CVEs, and resolve the vulnerability successfully. The results revealed an average total delay of less than 12.7 μs for fixing the vulnerabilities, representing a performance improvement of 50% over RapidPatch, a state-of-the-art approach. Further, our memory overhead, on average, was slightly lower than theirs (23%). Finally, AutoPatch was able to generate hotpatches for all four devices without any modifications.
Available: https://arxiv.org/abs/2408.15372
Abstract: In order to guarantee the security of industrial control system (ICS) processes, the proper functioning of the programmable logic controllers (PLCs) must be ensured. In particular, cyber-attacks can manipulate the PLC control logic program and cause terrible damage that jeopardizes people's lives when bringing the state of the critical system into an unreliable state. Unfortunately, no remote attestation technique has yet been proposed that can validate the PLC control logic program using a physics-based model that demonstrates device behavior. In this paper, we propose PLCDefender, a mitigation method that combines a hybrid remote attestation technique with a physics-based model to preserve the control behavior integrity of ICS. We implemented PLCDefender and evaluated its effectiveness against a wide range of attacks on a Secure Water Treatment (SWaT) facility. As our evaluation shows, we can model PLC physical behavior with accuracy as high as 98%. The evaluation results show that by determining the different threshold values, PLCDefender can accurately detect a wide range of attack scenarios on PLCs.
Available: https://ieeexplore.ieee.org/document/9269427
Abstract: The number of real-time embedded devices is increasing, especially in critical places such as industrial and medical devices. These devices are the target of many security attacks; therefore, their security must be ensured, and existing vulnerabilities must be fixed immediately. Typical update approaches require rebooting or halting the devices for an unpredictable time, and are hence not applicable for real-time embedded devices such as medical devices, which must run continuously without rebooting. Hotpatching, which patches the code without rebooting the device, has been used in this context. However, existing hotpatching methods require manual effort from programmers that is error-prone and time-consuming. Further, little attention has been paid to these techniques for real-time embedded devices. This paper proposes AutoPatch, the first automatic hotpatching approach for real-time embedded devices. AutoPatch automatically analyzes the official patch to extract its semantics using predicate abstraction, and generates a semantically equivalent patch called hotpatch. Our initial results show that AutoPatch can automatically generate hotpatches correctly based on the official patches (i.e., real-world CVEs) using program analysis. We also validate that the generated hotpatch can fix the vulnerabilities without rebooting or halting the devices.
Available: https://dl.acm.org/doi/abs/10.1145/3548606.3563534
Instructor: Prof. Karthik Pattabiraman
Instructor: Prof. Karthik Pattabiraman
Instructor: Prof. Karthik Pattabiraman
Instructor: Prof. Paul Lusina
Instructor: Prof. Jerry Jim
Instructor: Dr. Siavash Bayat-Sarmadi
Instructor: Dr. Siavash Bayat-Sarmadi
In this internship, I was a member of the R&D group, and I learned the Spring and Spring Security frameworks through luv2code courses. I also developed 50 Java-based applications with the Spring and Spring Security frameworks.
I developed an Android-based application for Rasoul Amin that contains hundreds of stories for children.
I developed three Android applications for CafeBazaar with about 50,000 user installations. CafeBazaar is a platform like Google Play for downloading Android applications.
Developed a game called "Bobby is going home" in Java.
Developed a game called "Minesweeper" in C++.