About memy stats
Information About me
I hold a PhD degree in cryptography and security from Sorbonne Doctoral School. I also hold a diploma of engineering from Telecom ParisTech in CyberSecurity. Currently, I am focusing on the security of Web 3.0. I work at Dedaub as a security reviewer for decentralized protocols. Before joining Dedaub, I spent 2 years developing cryptography C libraries at NXP Semiconductors.
I also worked for 3 years in the the R&D department of Thales where I designed novel cryptography and network security solutions.
Away from my desk, I enjoy playing chess and doing sport. My favorite sports are football and hiking.
7
Research publications
10+
Open-source projects
6
Years of experience
My Skills
Previous Employments
Web 3 Security Researcher -Dedaub (Full Remote)
Performing security reviews for DApps and Smart Contracts.
Crypto Developer - NXP Semiconductors (Toulouse, France)
Developing cryptography C libraries for embedded devices.
Research Engineer - THALES SIX GTS (Paris, France)
Designing and developing cutting-edge network security solutions.
Research Internship - Stevens Institute of Technology (Hoboken, USA)
Reducing the attack surface of user programs by removing unwanted features from programs using dynamic and static binary analysis.
Research Internship - EURECOM (Sophia Antipolis, France)
Designing a privacy-preserving neural networks using multi-party computation.
Penetration Tester - NetRom Consultants (Jounieh, Lebanon)
Black box and white box website penetration testing and on-site network pentesting.
Education
Ph.D. - University of Sorbonne
Philosophy Degree in IoT Security (Bac+8).
Diploma in Engineering - Telecom ParisTech (EURECOM)
Diploma in cybersecurity engineering. Equivalent to a masters degree (Bac+5)
Diploma in Engineering - Lebanese University
Diploma in telecomunication engineering. Equivalent to a masters degree (Bac+5)
My ProjectsMy Work
Here is a selection of my work in several programming languages. The source code of all these projects is accessible on Github
Secure and Fault-Tolerant Aggregation
This is an implementation of the protocol presented here . The protocol aims to preserve the privacy of federated learning clients by encrypting their model updates. The encryption is additively homomorphic such that the federated learning average can be computed on the encrypted inputs.
Distributed Anomaly Detection in IoT networks
A framework for training machine learning models for anomaly detection using realtime IoT network traffic. The frameworks enables training multiple models for different types of IoT devices. It can also collect traffic generated in several networks and train in real time.
Encryption Scheme
An implementation of Joye-Libert Encryption scheme for secure aggregation (defined here) This is the first and only public available implementation of the scheme.
Secret Sharing over the Integers
An implementation of the special Secret Sharing scheme which works over integers values (defined here). The scheme allows Shamir's secret sharing scheme to be used with secrets and polynomials that are not in a field.
Simulation of IoT Remote Attestation using OMNet++
This is a simulation of the protocol proposed here. FADIA is a collaborative remote attestation protocol designed to verify the software integrity of millions of devices on the network in a scalable way.
Privacy Preserving Neural Networks
Designing neural networks using secure multi-party computation. The tool enables two parties two evaluate a private machine learning model on private inputs. The details of the scheme are presented here.
Plugin for Radare2
Radare2 is an open-source reverse engineering tool. This project implements a plugin for Radare2 which serves as a clients for FIRST server. The Function Identification and Recover Signature Tool (FIRST) developed by Talos, is a framework to help reverse engineers. It makes finding similar functions easier by searching function metadata.
Benchmarks of Binary Similarity Tools
This project aims to evaluate existing function similarity techniques. It contains a database of programs, compiled for different architectures, using different compilers and several compiler flags. Using the database we benchmark the state-of-the art diffing tools.
Automated analysis of PCAP files
Conan is a network traffic analyzer that investigates pcap file, it reads the packets, reassembles all the TCP connections in the network trace, and for each connection it looks for any ambiguities.
My PublicationsResearch
Mohamad Mansouri . Performance and Verifiability of IoT Security Protocols (2023). Cryptography and Security. Sorbonne Université, 2023.
Mohamad Mansouri , Melek Önen, Wafa Ben Jaballah, and Mauro Conti. Sok: Secure aggregation based on cryptographic scheme for federated learning (2023). Proceedings on Privacy Enhancing Technologies 2023 (PETS'23)
Mohamad Mansouri , Jun Xu, and Georgios Portokalidis. Eliminating Vulnerabilities by Disabling Unwanted Functionality in Binary Programs. (2023). Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security (ASIA CCS'23)
Mohamad Mansouri , Melek Önen, and Wafa Ben Jaballah. Learning from failures: Secure and fault-tolerant secure aggregation for federated learning (2022). Proceedings of the 38th Annual Computer Security Applications Conference (ACSAC '22)
Andrea Marcelli, Mariano Graziano, Xabier Ugarte-Pedrero, Yannick Fratantonio, Mohamad Mansouri , and Davide Balzarotti. How machine learning is solving the binary function similarity problem (2022). 31st usenix security symposium, Boston, MA, USA (Usenix'22).
Mohamad Mansouri , Wafa Ben Jaballah, Melek Önen, Md Masoom Rabbani, and Mauro Conti. FADIA: fairness-driven collaborative remote attestation (2021). Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec '21).
Contact MeContact
Contact me here
Do you have a nice project?! I'm very interested in helping. Please don't hesitate to contact me.
Toulouse, France
mohamad_mansouri (at) outlook.com
+33 6 25 O8 O8 25