Security Researcher & Fellow Founder

Dr.-Ing. Faezeh Nasrabadi

Information Security · Binary Analysis · Cryptographic Protocols · Formal Methods

I am Dr.-Ing. Faezeh Nasrabadi, a security researcher with a Ph.D. in Information Security from Saarland University, Germany. My doctoral research focused on developing a binary analysis platform for cryptographic protocols, with applications to verifying security properties of machine-code implementations.

My research interests include binary verification, cryptographic protocol analysis, side-channel resilience, symbolic execution, model extraction from closed-source implementations, reverse engineering, and formal methods in security. I have worked on projects involving ARMv8 and RISC-V machine code, WhatsApp protocol analysis, language composition frameworks, and secure data deduplication in cloud storage.

Email Call LinkedIn LinkedIn GitHub ORCID ORCID

Professional Experience

Fellow Founder, CISPA Helmholtz Center for Information Security, Germany

04/2026 – Present

  • Developing data-driven business cases and financial models to transition Ph.D. research (CryptoBAP) into a commercially viable cybersecurity product.
  • Leading market discovery and validation efforts to identify high-demand segments and ensure product-market fit.
[CryptoBAP]

Security Researcher, CISPA Helmholtz Center for Information Security, Germany

06/2020 – Present

  • Developed a methodology for analyzing cryptographic protocols against side-channel attacks, will appear at ACM CCS 2026.
  • Reverse-engineered WhatsApp using Ghidra and extracted its protocol model, will appear at ACM CCS 2026.
  • Developed a framework for combining languages with different atomic types, published at IEEE CSF 2025.
  • Developed a binary analysis framework to verify properties of cryptographic protocols implemented in ARMv8 and RISC-V machine code, published at ACM CCS 2023.

Security Researcher, CERT Lab, AmirKabir University of Technology, Iran

07/2019 – 05/2020

  • Conducted research on situational awareness in cybersecurity.
  • Researched defense mechanisms against attacks exploiting CVE vulnerabilities.

Security Researcher, Formal Lab, AmirKabir University of Technology, Iran

09/2016 – 01/2019

  • Researched cloud computing and secure storage systems.
  • Designed and analyzed a token-based, provably secure data deduplication scheme.

Security Researcher, Iran Telecom Research Center, Iran

07/2018 – 11/2018

  • Conducted blockchain security research.
  • Researched the strengths, weaknesses, opportunities, and threats of blockchain protocols.

Academic Background

Ph.D. in Information Security, Saarland University, Germany

06/2020 – 03/2026

  • Thesis: A Binary Analysis Platform for Cryptographic Protocols
[Thesis]

M.Sc. in Information Security, AmirKabir University of Technology, Iran

09/2016 – 01/2019

  • Thesis: A Provably Secure Scheme for Data Deduplication in Cloud

M.Sc. in Information Security, University of Passau, Germany

09/2017 – 03/2018

  • Exchange student for one semester.

B.Sc. in Software Engineering, Birjand University, Iran

09/2012 – 01/2016

  • Thesis: NFC-Based Automated Gate Access Control for Vehicles

Teaching Experience

Instructor, Saarland University, Germany

04/2023 – 03/2024

  • Formal Methods in Security, Winter Semester 2023
  • Formal Compiler Security, Summer Semester 2023

Instructor, AmirKabir University of Technology, Iran

09/2018 – 01/2020

  • Advanced Programming Lab, Summer Semester 2019
  • Computer Programming Lab, Winter Semester 2018 & 2019

Teaching Assistant, AmirKabir University of Technology, Iran

09/2018 – 01/2020

  • Applied Cryptography, Winter Semester 2019
  • Security Protocols, Summer Semester 2019
  • Database Security, Summer Semester 2019
  • Network Security, Winter Semester 2018

Teaching Assistant, Birjand University, Iran

09/2015 – 01/2016

  • The Theory of Languages, Winter Semester 2015
  • Design of Algorithms, Winter Semester 2015
  • Logic Circuits, Winter Semester 2015

Peer-Reviewed Papers

Automated Side-Channel Analysis of Cryptographic Protocol Implementations, Will appear at ACM CCS 2026

2026

  • Developed a methodology for analyzing cryptographic protocols against side-channel attacks.
  • Reverse-engineered WhatsApp using Ghidra and extracted its protocol model.
[Paper]

Parallel Composition of Languages, Published at IEEE CSF 2025

2025

  • Developed a framework for combining languages with different atomic types.
[Paper]

Binary Analysis Platform for Cryptographic Protocols, Published at ACM CCS 2023

2023

  • Developed a framework to verify properties of cryptographic protocols implemented in ARMv8 and RISC-V machine code.
[Paper]

Advisories & Vulnerability Reports

Cache-side channel advisory, Meta Bug Bounty Vulnerability Report

03/2025

  • Demonstrated a cache-side channel attack to construct WhatsApp users’ social graph.

Post-compromise security advisory, Meta Bug Bounty Vulnerability Report

11/2024

  • Demonstrated violations of WhatsApp’s post-compromise security using a clone attacker.

Message deletion advisory, Meta Bug Bounty Vulnerability Report

10/2024

  • Demonstrated how WhatsApp users could be prevented from deleting their messages by cloning.

Mentoring & Academic Service

Peer Mentor, Saarland University, Germany

05/2026 – Present

  • Managing a cybersecurity technical project by providing guidance and advice to a bachelor's student regarding challenges and development.

Peer Mentor, KTH Royal Institute of Technology, Sweden

02/2025 – 03/2026

  • Provided technical guidance to a Ph.D. student and advised a master’s student on research scope, challenges, and thesis progress.

Peer Advisor, Saarland University, Germany

05/2023 – 12/2024

  • Mentored two master’s students, guiding their research, analysis, and experiment development.

Honors & Recognition

Won DAAD Scholarship, German Academic Exchange Service (DAAD)

09/2017

  • Awarded for participation in the exchange program at the University of Passau, Germany based on academic merit and research potential.

Direct Admission to M.Sc., AmirKabir University of Technology

09/2016

  • Awarded for academic excellence.

Technical & Professional Skills

Programming Languages

C C++ Standard ML Python

Scripting, Assembly & Systems

Bash Scripting ARM Assembly Linux MacOS Docker

Reverse Engineering & Debugging

Ghidra LLDB GDB Frida

Formal Methods & Verification

HOL4 Isabelle ProVerif Tamarin DeepSec CryptoVerif

Typesetting & Office Tools

LaTeX Microsoft Office

Soft Skills

Communication Problem Solving Proactive Learning Self-Management Teamwork Independence

Languages

Persian: Native English: C1 German: B1

Let’s Connect

I am based in Saarbrücken, Germany, and available for research, collaboration, academic exchange, and security-related opportunities.

Email Call LinkedIn LinkedIn GitHub ORCID ORCID