Moein Shafi
Cybersecurity Specialist
Hi there!
My name is Mohammad Moein Shafi, natively written as محمد معین شفی .
I'm a Cybersecurity Specialist at Behaviour-Centric Cybersecurity Center (BCCC) @
York University.
- From: Isfahan, Iran
- Lives In: Toronto, Canada
- Last Update: Sep 2024
As a Cybersecurity R&D Specialist with a deep focus on IoT behavior profiling, advanced machine learning techniques,
and comprehensive computer network analysis, I am dedicated to developing innovative solutions to address today’s most pressing security challenges.
My expertise spans IoT protocols, ML/DL for Intrusion Detection, and cloud-based security solutions.
I also have a strong background in threat analysis, including network traffic examination and malware behavior profiling.
With a solid background in Python development and extensive open-source contributions,
I am passionate about leveraging cutting-edge technology to enhance network security in different domains.
Areas of Expertise
Cybersecurity
Internet of Things
Machine Learning
Computer Networks
Cloud Computing
Technical Skills
Programming Languages
Python
C/C++
Java
Bash & Shell Scripting
IoT Protocols
Z-Wave
ZigBee
MQTT
EtherCat
Cloud Platforms
AWS (EC2, S3, IAM)
Traffic Management & Firewall Configuration
Networking
TCP/IP
DNS
Traffic Analysis (Wireshark, Zabbix)
Cybersecurity
Intrusion Detection Systems (IDS)
Threat Detection
Malware Analysis
IoT Security and Device Profiling
Infrastructure & DevOps
Docker
Jenkins
CMake
Work Experience
-
May 2022 - Present
Cyber Security Specialist
Behaviour-Centric Cybersecurity Center (BCCC)Full-Time Tehran, IRMy role involves deep technical engagement in the following areas:
📱 IoT Behavior Profiling and Analysis
I led the development of the largest IoT Smart Home dataset by designing and implementing a dual-frequency traffic capturing system for Z-Wave (908 MHz) and IP-based network traffic (Ethernet, 2.4 GHz). This project involved executing 120 Z-Wave-specific attacks and 110 network-based attacks, capturing and analyzing comprehensive traffic data. I created specialized data analyzers to convert raw traffic data into structured formats, extracting key features for advanced threat analysis. Using Graph Learning techniques, I developed a sophisticated detection and Profiling model that significantly enhances threat detection accuracy in IoT environments.
🌐 Network Traffic Analysis and Behavior Profiling
I spearheaded the design and development of the Network and Transport Layer Flow Analyzer (NTLFlowLyzer), a powerful tool for analyzing network traffic. I developed two advanced Intrusion Detection System (IDS) models leveraging Deep Learning and Neural Network architectures, which distinguish between benign and malicious network activities. As part of this project, I introduced the BCCC-CIC-IDS-2024 and BCCC-CSE-CIC-IDS-2024 datasets.
📡 Network Application Layer Traffic Analysis
I also led the development of ALFlowLyzer, an Application Layer Flow Analyzer focusing on DNS traffic in the first phase. By incorporating Deep Learning techniques, I designed a DNS profiling model that enhances the detection of malicious DNS behaviors. I introduced the BCCC-CIC-DNS-2024 dataset as part of this project. Also, I served as the first author of the corresponding research paper: Unveiling malicious DNS behavior profiling and generating benchmark dataset through application layer traffic analysis
In these roles, I employed advanced software development practices, including object-oriented design, parallel processing, clean coding, and SOLID principles. I managed multiple part-time researchers, overseeing their contributions, and maintained the project's GitHub repositories by addressing community feedback and managing pull requests. -
May 2022 - Jan 2024
Cyber Security Specialist
cPacketPart-Time Remote, CA, USI led the design and deployment of AWS Cloud environments for advanced network traffic analysis and DDoS attack detection. This collaboration involved close work with U.S. industry partners and focused on creating innovative solutions in network security.
🏆 Key Achievements:
🚀 BCCC-cPacket-Cloud-DDoS-2024 Dataset:
We introduced the BCCC-cPacket-Cloud-DDoS-2024 dataset, which captures comprehensive traffic data from simulated DDoS attacks in a cloud environment.
🤖 Benign User Profiler (BUP):
Developed and publicly released Benign User Profiler (BUP) tool that generates realistic benign traffic, which played a crucial role in modeling and analyzing normal network behavior alongside malicious traffic.
🛡️ DDoS Detection Model:
Designed and developed a sophisticated multi-layer DDoS detection and identification model, leveraging advanced Machine Learning algorithms to detect and Profile Attack Patterns with high accuracy.
📋 Roles and Responsibilities:
☁️ Cloud Architecture Setup:
I designed and configured a cloud environment on AWS to simulate a company's network structure, capturing and analyzing both incoming and outgoing traffic in response to various DDoS attacks.
🔥 DDoS Attack Execution:
Orchestrated and executed 17 different TCP-based DDoS attacks, creating realistic scenarios for data collection and analysis.
📚 Research and Publication:
I served as the first author of the corresponding research paper: Toward generating a new cloud-based Distributed Denial of Service (DDoS) dataset and cloud intrusion traffic characterization
🤝 Project Collaboration:
I worked closely with the BCCC manager and industry stakeholders, integrating their insights to refine the project outcomes and ensure the relevance of the research.
This project emphasized cloud security, network traffic analysis, and the application of machine learning to real-world DDoS attack detection, equipping me with strong expertise in cloud infrastructure and cybersecurity solutions. -
Jul 2019 - Aug 2022
Software Engineer
MahsanFull-Time Tehran, IRAs part of the Infrastructure Team, I addressed a wide range of networking challenges with a particular focus on optimizing performance and security in Ubuntu Linux environments. My work involved extensive use of the SNMP protocol, where I utilized C/C++ and Python to develop robust network management solutions.
In addition to my core responsibilities, I worked extensively with Docker and Jenkins to create automated build, testing, and deployment pipelines, improving the efficiency of development cycles. I also employed CMake for build automation, ensuring clean and modular code across large projects. For unit testing, I used gtest, which allowed for thorough validation of code functionality, especially in critical network-related features.
My experience with networking libraries such as Netmap, XDP, and Libpcap enabled me to implement advanced packet processing and network monitoring solutions. I frequently collaborated with cross-functional teams, ensuring smooth integration of new features, security patches, and system updates. Furthermore, I leveraged version control tools like Git and CI/CD practices to maintain code quality and minimize downtime.
One of my key projects was the enhancement of Ubuntu Linux security features, where I applied my skills in C/C++ and Python to develop system-level security improvements. This role exposed me to other critical tools and practices, such as network virtualization, continuous integration, and monitoring with tools like Zabbix.
This comprehensive experience gave me a solid foundation in Linux networking, security best practices, and automation techniques, equipping me to handle complex challenges in network performance and security optimization.
Education
-
Sep 2022 - Present
Master of Computer Science
Cybersecurity, Networking, and IoT Focus
York UniversityToronto, CAGPA: A
Thesis Titile: A Behavior-driven Model for Malicious Activity Detection in IoT Network Using Graph Learning.
Supervisor: Dr. Arash Habibi Lashkari, Canada Research Chair in Cybersecurity, Associate Professor, York University -
Sep 2017 - May 2022
Bachelor Computer Engineering
Software Engineering Focus
University of Tehran Tehran, IRGPA: A
Last 2 year's GPA: A+
Thesis Titile: Enhancing Network Performance through XDP: Strategies for Fast Packet Capture, Correction, and Injection.
Related Courses: Cyber Physical Systems (17.7/20), Artificial Intelligence (in progress), Computer Security (in progress), Operating Systems (18.5/20), Computer Networks (20/20), Internet Engineering (19.3/20), Software Engineering (19/20), Object Oriented Design Pattern (19.35/20), Principles of Compiler Design and Construction (18.5/20), Computer Aided Design (18.5/20), Design and Analysis of Algorithm, Principles of Database Design, Computer Architecture, Data Structures and Algorithm, Advanced Programming, Engineering Probability and Statistics.
References:
Dr. Naser Yazdani, Professor, University of Tehran
Dr. Mehdi Modarressi, Assistant Professor, University of Tehran
Dr. Saeed Safari, Associate Professor, University of Tehran
Education
-
Sep 2022 - Present
Master of Computer Science
Cybersecurity, Networking, and IoT Focus
York UniversityToronto, CAGPA: A
Thesis Titile: A Behavior-driven Model for Malicious Activity Detection in IoT Network Using Graph Learning.
Supervisor: Dr. Arash Habibi Lashkari, Canada Research Chair in Cybersecurity, Associate Professor, York University -
Sep 2017 - May 2022Tehran, IR
Titile:
Journal:
Date of Publications:
Citaitons:
Authors:
Dr. Naser Yazdani, Professor, University of Tehran
Dr. Mehdi Modarressi, Assistant Professor, University of Tehran
Dr. Saeed Safari, Associate Professor, University of Tehran
Abstract:
Teaching Assistant Experience
-
Winter 2024
-
Fall 2023
-
Winter 2023
-
Fall 2022
-
Winter 2022
-
Computer Aided Design
Location: University of Tehran Professors: Dr. Mehdi Modarressi, Dr. Mosatafa Ersali -
Fall 2021
-
Computer Aided Design
Location: University of Tehran Professors: Dr. Mehdi Modarressi, Dr. Mosatafa Ersali -
Introduction to Computing Systems and Programming
Location: University of Tehran Professor: Dr. Hadi Moradi -
Winter 2021
-
Fall 2020
-
Computer Aided Design
Location: University of Tehran Professors: Dr. Mehdi Modarressi, Dr. Mosatafa Ersali -
Introduction to Computing Systems and Programming
Location: University of Tehran Professors: Dr. Mahmoud Reza Hashemi, Dr. Hadi Moradi
