About Me
Hi! My name is Ashkan and I’m a Senior Staff Software Engineer at Palo Alto Networks, working at the intersection of cybersecurity and machine learning. I received my M.S. from Columbia University in 2017, and my B.A. in computer science and mathematics from UC Berkeley in 2015. I love hacking, modular synths, and learning new things. I’m a movie buff, a stream-of-consciousness fan, and an avid runner. I can speak and write in Farsi, Arabic, and English.
Experience
I’m part of the Threat Prevention team, where I build machine learning models and advanced heuristics to block malicious traffic on the wire.
Executed web applications, Android and iOS applications, and network penetration tests. Performed both white box, source assisted code reviews, and black box security audits, and provided recommendations to address discovered security vulnerabilities.
Reverse engineered malware samples of different families to harden Endgame’s VMI sand- box platform against evasion techniques, and wrote signatures for Endgame’s internal sandbox to detect process injection and lateral movement.
Wired various program analysis and symbolic execution tools such as KLEE and JPF-SE into an automated build pipeline for vulnerability detection during compile-time.
Education
Columbia University
MS in Computer Science
2016 - 2017
During my time at Columbia University I researched on techniques for speeding up malware reverse engineering as well as browser security. My research allowed me to land a role at Endgame Inc.
UC Berkeley
BA in Computer Science and Math
2013 - 2015
During my time at UC Berkeley I was a full time researcher at Berkeley Usable Security (BLUES) and Secure Computing Research for Users’ Benefit (SCRUB) labs. I also served as the co-captain and lead instructor of Cybersecurity Club. My research led to multiple publications, and I co-authored two papers that got accepted to USENIX and ACM ASIACCS.
Publications
- 2020 Phishing Trends With PDF Files
Ashkan Hosseini, Ashutosh Chitwadgi
Unit 42 Palo Alto Networks 2021 - Ten Process Injection Techniques: A Technical Survey Of Common And Trending Process Injection Techniques
Ashkan Hosseini
Endgame Security 2017 - Smart Locks: Lessons for Securing Commodity Internet of Things Devices
Grant Ho, Derek Leung, Pratyush Mishra, Ashkan Hosseini, David Wagner, and Dawn Song
ACM AsiaCCS 2016 - Android Permissions Remystified: A Field Study on Contextual Integrity
Primal Wijesekera, University of British Columbia; Arjun Baokar, Ashkan Hosseini, Serge Egelman, and David Wagner
USENIX Security 2015
Media
A Little More About Me
Alongside my interests in cybersecurity and software engineering some of my other interests and hobbies are:
- Sound Design: These days, I am mostly exploring FM synthesis, generating complex timbres by modulating the frequency of one sound with another.
- Songwriting: I enjoy collaborating with local artists here in the Bay Area. I am a huge fan of programming drum polyrhythms and incorporating them into genres such as “nu jazz” and “drum and bass”. You can find my some of my work on my Soundcloud page.