Omid Mirzaei


I am a security research lead in the email threat research team at Cisco Talos.
My journey in the cybersecurity domain began during my doctoral studies in the COmputer Security (COSEC) lab at University Carlos III of Madrid (UC3M), Spain, where I immersed myself in Android application triage, malware detection, and characterization — experiences that set the stage for a rewarding research career. This period was immediately followed by my graduate studies in artificial intelligence.
After earning my PhD, I joined the Systems Security Lab (SecLab) at Northeastern University in Boston, MA, serving as both a postdoctoral research associate and a part-time lecturer. During this period, I led a funded project to detect code reuse in advanced Windows malware used in targeted attacks. I also taught several courses on cybersecurity and on applying machine learning to cybersecurity at both the undergraduate and graduate levels.
My areas of expertise and interest include computer security, mobile security, the application of machine learning in security, and the development of more secure and trustworthy AI-based solutions. My dedication and contributions to the field have been recognized through numerous prestigious awards.
In my spare time, I channel my enthusiasm for the field by crafting engaging blog posts, usually focused on the threat research landscape, but also covering topics related to machine learning.
News
Mar 18, 2025: TechRadar has reported on my blog post about CSS abuse in emails.
Mar 18, 2025: MSN has reported on my blog post about CSS abuse in emails.
Mar 17, 2025: The Hacker News has reported on my blog post about CSS abuse in emails.
Mar 17, 2025: GBHackers has reported on my blog post about CSS abuse in emails.
Mar 17, 2025: Cyber Security News has reported on my blog post about CSS abuse in emails.
Mar 13, 2025: The Computer Emergency Response Team of the Austrian Government has reported on my blog post about CSS abuse in emails.
News Archive
Selected Publications
DIMVA'21: SCRUTINIZER: Detecting Code Reuse in Malware via Decompilation and Machine Learning. [PDF]
ASIACCS'19: AndrEnsemble: Leveraging API Ensembles to Characterize Android Malware Families. [PDF]
FGCS: AndrODet: An Adaptive Android Obfuscation Detector. [PDF]
ASIACCS'17: TriFlow: Triaging Android Applications using Speculative Information Flows. [PDF]
NODY: A New Image Encryption Method: Parallel Sub-Image Encryption with Hyper Chaos. [PDF]
All Publications