Currently at UvA (IViR)
(Last updated on 2022-08-04.)

I am a post-doctoral research scientist currently affiliated with the university of Amsterdam. My current research is within ICDS, a joint research initiative from the University of Amsterdam's Institute for Information Law (IVIR) and the university's School of Communication Research (ASCoR) that focuses on the way AI and algorithms affect society. Previously, I held a post-doctoral research position at Delft university of Technology's Cybersecurity Group. My research focus, generally stated, is on problems that arise from our ubiquitous shift to using information and communication technologies.

While information and communication technologies bring about many exciting opportunities, they also introduce complex societal problems. For instance, people loosing their savings due to some online phishing attack that steals their banking credentials, hacked toasters and fridges causing Internet outages, or even election outcomes being swung with micro-targeted online advertising and misinformation on online social media platforms. These are all examples of the types of complex problems that are brought about, are extremely difficult to tackle, and require interdisciplinary and evidence based approaches to solve. My research therefore, blends my computer science background with empirical research and other broader interdisciplinary areas of inquiry to help measure, understand, and find solutions to such problems, whether through technical means,or through non-technical means like aligning economic incentives, policy or regulation.

My work has been published in top-tier academic venues and covered in both national (Dutch) and International news/media outlets (see News section below). Parts of my work has also been used by the Dutch high-tech crime police unit, in legal hearings, and some continues to be employed in Dutch policy making context. For an overview of some of my peer-reviewed research publications you can refer to the publication list below.

You may also refer to the ICDS and cybersecurity group webpages for broader information on some of the research that I am involved in or have contributed to.

My Research

Peer Reviewed Publications

Other platforms

News

Coverage of my Research/Projects + Personal News

Follow the Money Political Advertising Dashboard
(Transparency in Political Advertising)

We have been busy bees and even managed to help the popular Dutch online blog Follow the Money build their own online political advertising dashboard for the 2021 Dutch Elections. Available at: dashboard (in Dutch)
Media Coverage of our Dutch Election Dashboard
(Transparency in Political Advertising)

Our Dutch political advertising dashboard has been a great success and we have been seeing great coverage of our work in Dutch media. It is wonderful to see this. Below some links to some of the articles/stories covering and discussing our dashboard.
NRC Coverage of my Doctoral Research
The Phenomen of Bad Hosting

The NRC has published an article discussing the phenomenon of `Bad Hosting', also covering in part some of my PhD work. This is the second time that a major outlet has covered my PhD work making me really proud. They didn't approach myself for an interview (similar to when the New Yorker also covered my research) but that doesn't make me any less proud. The article features an interview with Michel van Eeten, my PhD advisor, in which he discusses parts of my PhD work. The article is now behind a paywall (as most articles are these days) but I will include the link here anyway because it tells a fascinating story about a notorious Dutch hosting company and how difficult it is to deal with `Bad Hosting' in practice. It is definitely worth the read. What I also find interesting in addition to what is discussed in the article is that with current developments around the European Digital Services and Digital Markets Act proposals (DSA/DMA), a lot will probably change within the hosting world in terms of regulation, and so there will be a lot of questions with respect to their impacts on the phenomenon of bad hosting that need to be answered.
Letter of complaint to ACM Regarding 2020 Turing Award Selection
On the selection of Jeffery Ullman

I have decided to sign on to this letter of complaint to the ACM for their selection of Jeffery Ullman as a recipient of the 2020 Turing Award, despite his troubling statements. The Turing award is widely regarded as the highest distinction in computing, and the bestowal of the award to prof. Ullman goes against the spirit of the person whom this award is named after. A short thread on why I have decided to sign on via this link.
Launch of our Dutch Election Observatory
(Transparency in Political Advertising on Social Media Platforms)

Exicited to annouce the launch of our Dutch Election Observatory with the aim of bringing about transparency into the use of micro-targeted advertising on social media platforms in the upcoming 2021 Dutch parliamentary elections. Our Dashboard will be frequently updated and showing our most recent analysis of data liberated from the political ad archives of social media platforms like Facebook, Instagram and Google. A hugely exciting part of this experiment is that that we will also be analysing and discussing the limitations of current social platform transparency practices and the the limited advertising data which they release to the public with a specific focus on how this could/should be improved. We believe that through this observatory experiment, the limitations of current social media platform transparency practices can be better understood in a real-world practical setting, and that our experiment can provide extremely useful input to European efforts on regulating social media platforms and limiting their societal harms.
Hello UvA/IViR, Goodbye TU-Delft
(Societal Impact of Political Micro-Targeting)

I have joined IViR (University of Amsterdam) since Oct. 2019 as a computer scientist to study the societal effects of political ads on platforms like facebook.
The project is an integral part of the Information, Communication & The Data Society (ICDS) initiative headed by Prof. Natali Helberger and Prof. Claes De Vreese, which investigates the ways AI and algorithms affect the role, impact and regulation of information and communication in the Data Society. Our team of researchers consists of Natali, Clases, as well as Prof. Beate Roessler, Dr. Eva Groen-Reijman, Dr. Tom Dobber and Fabio Votta.
This of course also means that I will be leaving TU-Delft after a long affliation with the univeristy and a city which I have liked soo much. I still maintain research collaboration as a guest researcher with the cyber security research group at Delft University of Technology's TPM faculty headed by Prof Michel van Eeten where I have and continue to examine problems in the cross section of Internet security, economics, governance, and policy.
The New Yorker Coverage of my Bullet-Proof Hosting Research Article
#Bullet-Proof Hosting

The New Yorker has published an article discussing of the phenomenon of `Bullet-Proof Hosting' featuring my research into a notorious Bullet-Proof hosting company which was done in collaboration with the Dutch high-tech crime police. As an academic I must admit that it is quite exciting when a major magazine covers your work. The New Yorker have interviewed my former advisor Michel van Eeten, in which he discusses our research. The article is well worth the read, if I may say so, because it also paints a story with much more exciting details that is usually missing from academic research articles.
Ph(D)ONE!
Thesis Defended

I have succesfully defended my thesis and can now use the title of Doctor!
My doctoral research, focuses on measurements of harmful content, and cybercrime on the Internet, particularly in the hosting sector, and investigates security incentives within the global hosting companies market. My research lays the case for an evidence-based approach to policy making and what could be done to improve the notoriously bad state of security in the Dutch hosting market.
Krebs on Security Blog Post featuring my Research
#Bullet-Proof Hosting

Brian Krebs of the infamous Krebs on Security blog has covered my research article on bullet-proof hosting in a fascinating post discussing some of the real world challenges of dealing with the phonemonon of bullet-proof hosting. Criminals that willingly provide hosting services on the Internet and thereby facilitate lots of cybercrime. One of my main findings in this work is that the bullet-proof hosting business seems to be not so profitable as many have imagined them to be. My research is the first to have looked at the finances of such a business. What I have also come to realize after doing this research is that the `Economics of Cybersecurity' needs to have a harder look at and understanding of how cybercriminals make money. Something which interestingly enough some key figures of the field like Prof Ross Anderson and colleagues have also been apparently recently thinking of and publishing about: "Cybercrime gangs as tech startups"
Projects

Involved In

  • PMT - Political Micro-Targeting: Safeguarding Public Values
  • MINIONS - Mitigating IOT-based DDoS attacks via the DNS
  • REMEDI3S - Reputation Metrics Design to Improve Intermediary Incentives for Security - PhD Research
  • REMEDI3S-TLD - Reputation Metrics Design to Improve Intermediary Incentives for Security of TLDs
  • Clean Netherlands (Nederland Schoon) - Collaboration with Dutch Law Enforcement, Public Prosecutor and Market Authority to Measure Online Abuse of Dutch Hosting Provider Industry

Reviewing and other Community Contributions

I currently serve as a PC member on the European IEEE Security and Privacy collocated workshop on Traffic Measurements for Cybersecurity (WTMC) and do academic reviewing on an ad-hoc per request basis. I generally accept reviewing work that falls within in my areas expertise: Internet measurements, and economics of cybersecurity and more broadly empirical cybersecurity research. Feel free to contact me regarding reviewing inquires that falls within my expertise.

Code & Datasets

As a researcher I have developed or contributed to the development of tools which may be useful to others researchers and engineers. The most useful of these is probably pyasn. Pyasn is a python package that, allows one to historically lookup IP address to Autonomous System mappings from raw BGP data. In simpler language to find out in which network an IP addresses resided over different points of time. Below you will find a link to its source code and other useful information.

More recently, I have been working on padsxiv. It is a tool to collect extensive data from social media platforms' so-called (political) ad-libraries. with the purpose of making data collection, archiving, and analysis more accessible and easy. padsXiv can for instance be used to collect data on all political ads that ran in the US 2020 elections on Facebook's platforms retrospectively, or to collect ad data on the current ongoing elections as events are happening. A distintive feature of the tool is that the data it collects includes the images and videos that run along side ads which is part of the data not provided by the platforms through their standard APIs by default, nor via other transparency tools. If you are interested in this tool feel please contact me as it is still underdevelopment and not publicly available (yet).

Along side padsxiv, I'm also currently working on an political ads archiving project, to automatically collect all political-ads from social media platforms using padsxiv, on a daily basis, and further enrich the data with automatically transcribed video text, as well as extracted information from ad images, to enable more deep topic and context analysis. and extract text format content form archived ad images. If this is something that interests you don't hesititate to contact me as I am looking for funding to make this happen on a large scale.

pyasn
Historical ASN Lookup
padsXiv
Tool for Archiving of Political Ads

Resume

Data Science & Programming Skills
Data
I have strong data scraping, wrangling, (parallel) processing, analysis, and visualization experience as a researcher. Most of my work is done with python these days (I can also find my way around in R). A lot of times, my research involves applying statistical and machine learning techniques to data; applying techniques such as regression, clustering, factor-analysis, classification, NLP are the bread and butter of my work.
Programing
I have strong professional experience with programming languages such as Python and Java, am well-versed in database technologies (MySql, Postgres, Elastic, Cloud) and am quite seasoned with Unix scripting, CLI, and networking topics as well as web technologies and cybersecurity related topics.
Positions
2020 - Current
Post-Doctoral Researcher
UvA, Amsterdam, The Netherlands
2019 - 2020
Post-Doctoral Researcher
TU-Delft, Delft, The Netherlands
2019
External Researcher
Dutch High-Tech Crime Police Unit
2014 - 2019
PhD Candidate
TU-Delft, Delft, The Netherlands
2012 - 2014
Researcher
TU-Delft, Delft, The Netherlands
2010 - 2012
Software Developer
TOPdesk, Delft, The Netherlands
2008 - 2009
Software Developer
West Consulting BV, Delft, The Netherlands
Education
2014 - 2020
PhD
TU-Delft, Delft, The Netherlands
2006 - 2010
MSc Computer Science
TU-Delft, Delft, The Netherlands
2001 - 2006
BSc Computer Science
University of Tehran, Tehran, Iran
Hobbies & Interests
  • Bouldering
  • Music & Piano
  • Contemporary Art

Teaching and Supervision

Teaching, Lectures and Talks
2016
Economics of Security - (MSc DelftX - WM0824)
Course Assistant
Faculty of TPM, TU-Delft, Delft, The Netherlands
International Grand Challenges - (MSc - EPA1101)
Guest Lectures
Faculty of TPM, TU-Delft, Delft, The Netherlands
2013‐14
(Sept. -- Jan.)
Artificial Intelligence Techniques (MSc – IN4010)
Lectures and Tutorials
Faculty of EECMS, TU-Delft, Delft, The Netherlands
2012 - 2014
Introduction to Artificial Intelligence
Guest Lectures
De Haagse Hogeschool, Den Haag, The Netherlands
Supervision

Below a list of MSc theses that I have supervised during my time at TU-Delft. TU-Delft MSc students that are still interested in working on economics of information security topics, can still contact me if they are interested in exploring options for their graduation work that are 'data analytics' heavy and want to try their hands at some programming experience specially with Python. I am still able to advise you as your external supervisor.

Supervised Theses
Brennen Bouwmeester
(Daily Supervisor)
Faculty of TPM, TU-Delft, Delft, The Netherlands
MSc Thesis Title
A Visit to the Crime Scene - Monitoring end-users during the remediation process of Mirai infected Internet of Things devices
Susanne Verstegen
(Advisor)
Faculty of TPM, TU-Delft, Delft, The Netherlands
MSc Thesis Title
Understanding the role of IoT end users in Mirai-Like bot remediation
Jan Koenders
(Daily Supervisor)
Faculty of TPM, TU-Delft, Delft, The Netherlands
MSc Thesis Title
The DDoS plague from a Law enforcement view - A data analytical approach to getting a deeper insight into DDoS reporting
Ryan Cheung
(Daily Supervisor)
Faculty of TPM, TU-Delft, Delft, The Netherlands
MSc Thesis Title
Targeting financial organisations with DDoS: a multi-sided perspective
Contact Information


Other platforms