I have a Ph.D. degree in Computer Networks from the Shiraz University of Technology. I am interested in cybersecurity researches, such as malware detection through innovative Machine Learning (ML) techniques. I have some experiences in Static, Dynamic, and Hybrid analysis of Ransomware malware samples. My interest in cybersecurity led to establishing an especial laboratory for computer and network security at the Department of Computer and Information Technology of the Shiraz University of Technology. During my Ph.D. project, I created a new Testbed for malware analysis called "Systematic Python Auto Testbed." It has the capability of executing malware samples automatically & remotely in a real and controlled environment to help security researchers in the field of malware analysis to analyze samples behavior when they are executing by Operating System (OS). I also created a unique dataset of ransomware "System Calls" collected by my developed Testbed which is now publicly available on Github for all researchers around the world. I also worked on detecting Botnets by taking advantage of novel customized features extracted by deep learning techniques, specifically Deep AutoEncoders from inbound and outbound network traffics. So far, I've been able to publish in some authoritative journals, namely IEEE Transactions, Elsevier and Wiley, in the field of cybersecurity. I have gained a lot of teamworking/research experience with international professors in Canada and the United States of America. Recently, I am getting involved with practical adversarial learning to investigate Artificial Intelligent agents to propose more robust detection systems against adversarial attacks, and I am also studying on detection of CryptoMining malware.


Khaje Nasir Toosi University of Technology, Tehran

Sep 2010- Sep 2012
Master's Degree

Shiraz University of Technology, Shiraz

Sep 2013- Feb 2018
Doctoral Degree (Ph.D.)

Employment History

Iran Telecommunication Research Center (ITRC)

Jul 2019 - Present
Cybersecurity and New Technologies Consultant

Shiraz University of Technology

Jan 2014 - Mar 2018
Visiting Lecturer, Shiraz, Fars

Lar University

Sep 2017- Jul 2018
Visiting Lecturer, Lar, Fars

Jahad Daneshgahi University

Jan 2013- Dec 2017
Visiting Lecturer,  Shiraz, Fars

Highlighted Publications

Journal Papers

  1. An OpCode-Based Technique for Polymorphic Internet of Things Malware Detection, H. Darabian, A. Dehghantanha, S. Hashemi, S. Homayoun, K. K. Raymond Choo, Concurrency and Computation: Practice and Experience, Wiley, 2019 (JCR IF: 1.167[Q2]).
  2. Know Abnormal, Find Evil: Frequent Pattern Mining for Ransomware Threat Hunting and Intelligence, S. Homayoun, A. Dehghantanha, M. Ahmadzadeh, S. Hashemi, R. Khayami, IEEE Transactions on Emerging Topics in Computing, IEEE, 2017 (JCR IF: 4.989[Q1])
  3. DRTHIS: Deep ransomware threat hunting and intelligence system at the fog layer, S. Homayoun, A. Dehghantanha, M. Ahmadzadeh, S. Hashemi, R. Khayami, K. K. Raymond Choo, D.E Newton, Future Generation Computer Systems, Elsevier, 2018 (JCR IF: 5.768[Q1])
  4. Performance Analysis of Multiple Virtualized Servers, A. Jalili, S. Homayoun, M. Keshtgari, Computer Engineering and Application Journal, Vol. 4, No. 3, 2015.
  5. Efficient Intrusion Detection using Weighted K-Means Clustering and Naïve Bayes Classification, Y. Emami, M. Ahmadzadeh, M. Salehi, S. Homayoun, Journal of Emerging Trends in Computing and Information Sciences, Vol. 5, No. 8, 2014.

Conference Papers

  1. Integrating Privacy Enhancing Techniques into Blockchains Using Sidechains, R. M. Parizi, S. Homayoun, A. Yazdinejad, A. Dehghantanha, K. K. Raymond Choo, IEEE 32nd Canadian Conference of Electrical and Computer Engineering (IEEE CCECE), Edmonton, AB, Canada, May 5-8, 2019.
  2. A Blockchain-based Framework for Detecting Malicious Mobile Applications in App Stores, S. Homayoun, A. Dehghantanha, R. M. Parizi, K. K. Raymond Choo, IEEE 32nd Canadian Conference of Electrical and Computer Engineering (IEEE CCECE), Edmonton, AB, Canada, May 5-8, 2019.
  3. Botnets: Classifications and Detection Techniques (in Farsi), S. Homayoun, M. Ahmadzadeh, 3rd International Conference on Applied Research in Computer and IT, Tehran, 2015.

Book Chapters

  1. Private Cloud Storage Forensics: Seafile as a Case Study, Y. Y. Teing, S. Homayoun, A. Dehghantanha, K. K. Raymond Choo, R. M. Parizi, M. Hammoudeh,G. Epiphaniou, Handbook of Big Data and IoT Security, Book Chapter, Springer, 2019.
  2. BoTShark: A Deep Learning Approach for Botnet Traffic Detection, S. Homayoun, M. Ahmadzadeh, A. Dehghantanha, R. Khayami, Cyber Threat Intelligence, Book Chapter, Springer, 2018.
  3. Forensics Investigation of OpenFlow-Based SDN Platform, M. K. Pandya, S. Homayoun, A. Dehghantanha, Cyber Threat Intelligence, Book Chapter, Springer, 2018.

Reviewing Journals

  1. IEEE Transactions on Big Data (IEEE)
  2. Computers And Electrical Engineering (Elsevier)
  3. Future Generation Computer Systems (Elsevier)
  4. Journal of Systems Architecture (Elsevier)


  • Designing an innovative Source Code Engine for Generating Equivalent Mathematical Equations:
    • This project gets a complicated mathematical equation, and generate several equivalent formulas with the same inputs and outputs. This project is useful for changing a software signature to escape detection by detection engines. The output of this project is the assembly source codes of the entered formula with the capability of replacing the main equation directly.
  • Combining Onion Routing and Garlic Routing to Design a New Peer-to-Peer Network Similar to Tor:
    • As the information is passing through so many routers on the Internet and servers, or data is actually residing on some server, anyone who can gain access can fetch that information. This project attempts to bring  Anonymous Data Transmission between senders and receivers of a data chunk while intermediate routers never find the sender and receiver identities. I also provided a new tool for evaluating the performance of tor-like networks to compare different networks.

International Collaboration

I am an active member of the Cyber Science Lab (CSL).
I also have collaboration with the following international professors:

  • Kim-Kwang Raymond Choo, Associate Professor & Cloud Technology Endowed Professorship at the University of Texas at San Antonio.
  • Ali Dehghantanha, Director of Cyber Science Lab in the School of Computer Science, University of Guelph (UofG), Ontario, Canada.
  • Reza M. Parizi, Kennesaw State University, USA.

Skills & Proficiency

  • Malware Analysis
  • Sandboxing
  • Data Analysis with Python
  • Machine Learning
  • Deep Learning
  • Blockchain Technology
  • ISMS
  • CCNA (Cisco Certified Network Associate)
  • Programming (Python, C#, Java, C, C++)
  • Trading Experts language (MQL).


Dr. Ali Dehghantanha
Ph.D. Advisor, Cyber Science Lab, University of Guelph, Guelph, Ontario, Canada,

Dr. Sattar Hashemi
Ph.D. Advisor, Shiraz University Engineering Faculty Building, Mollasadra St., Shiraz, Fars, Iran

Dr. Raouf Khayami
Ph.D. Supervisor, Shiraz University of Technology IT and Computer Engineering Faculty, Shiraz University of Technology, Modarres Boulevard, Shiraz, Fars, Iran

Dr. Marzieh Ahmadzadeh
Ph.D. Supervisor, University of Toronto - St. George Campus, University of Toronto

Dr. Reza Javidan
Ph.D. Referee, Shiraz University of Technology, IT and Computer Engineering Faculty, Shiraz University of Technology, Modarres Boulevard, Shiraz, Fars, Iran