Research Scientist
CurrentAs part of the Senior Staff, I'm leading two core projects at QCRI, namely Fanar LLM Apps (e.g., TokenX, aiXamine) and the Cybersecurity Initiative for Blockchain Research. This involves leading cross-functional development among teams of 10+ scientists and engineers, working with local stakeholders and focal points to scope out new use cases across various government and business entities, leading the development of quick MVPs for use case validation, reading and writing research papers in… Show more As part of the Senior Staff, I'm leading two core projects at QCRI, namely Fanar LLM Apps (e.g., TokenX, aiXamine) and the Cybersecurity Initiative for Blockchain Research. This involves leading cross-functional development among teams of 10+ scientists and engineers, working with local stakeholders and focal points to scope out new use cases across various government and business entities, leading the development of quick MVPs for use case validation, reading and writing research papers in AI/ML, cybersecurity, and blockchain, leading the evaluation and benchmarking of products under development, meeting with internal and external stakeholders for status updates and feedback, and exploring commercialization opportunities.Before that, in collaboration with UBC, I designed and implemented a system for analyzing cryptographic API (mis)use in Android applications. The system was used to analyze more than 120K applications, which include apps of major Qatari stakeholders who accordingly patched their apps.In collaboration with Ooredoo, I designed and developed a real-time processing platform for analyzing DRDoS attacks. The system is used for analytics and visualization of these attacks that pass through Qatari ISPs using locally deployed honeypots. The system was deployed by Ooredoo to find the best access control rules that save network bandwidth by blocking the traffic which is attributed to pass-through DRDoS attacks.In collaboration with QU, I designed and implemented a method to show the feasibility of deanonymizing Tor hidden service users by exploiting public Bitcoin information. Using Bitcoin addresses from 88 hidden services, five billion tweets, and one million BitcoinTalk forum pages, the method was able to link 125 unique users to various hidden services, including sensitive ones, such as The Pirate Bay, Silk Road, and WikiLeaks. This work resulted in a private briefing to the US FTC, in addition to worldwide news coverage. Show less