Behzad Ousat - PhD Researcher in Computer Science & ML Engineer

Professional Summary

Ph.D. Researcher Applied ML Engineer Site Reliability Engineer Software Engineer

I am a Ph.D. candidate at Florida International University, working as a Research Assistant at the Systems Security Lab (SecLab) under the supervision of Dr. Amin Kharraz. My research focuses on web and browser security, with an emphasis on applying data-driven and machine learning techniques to detect emerging threats at scale, analyzing LLM-based browser agents and automated interactions in the age of the agentic web. I also bring over five years of industry experience as a Site Reliability Engineer and Software Engineer, providing a strong foundation in building secure and scalable systems.

Education

2022 - 2026

Ph.D. Computer Science

Florida International University

2018 - 2021

M.Sc. Computer Engineering

Sharif University of Technology

2014 - 2018

B.Sc. Computer Engineering

University of Tehran

Professional Experience

Graduate Research Assistant

Florida International University

2022 - Present

Developed LLM-powered Browser Agents to bypass complex web challenges such as reCaptcha with over 90% success rate, demonstrating critical detection requirements in modern agentic web.
Implemented ML pipelines to classify users from browser interaction data, creating Time Series data collection, feature extraction, and model training using PyTorch, Scikit-Learn, and LLM services.
Built a text Captcha solving framework with 80% success rate in real-world websites in a single attempt by using Tensorflow Object Detection trained on data from over 1M websites.
Analyzed ecosystem-wide Vulnerability Trends by unifying GitHub Advisory and Snyk.io reports across 10+ package managers, uncovering CWE patterns, ecosystem differences, and malicious packages.
Detected zero-day anomalies within encrypted network flows by implementing Open Set Recognition models in TensorFlow, leveraging feature extraction on terabytes of PCAP data.
Led research projects in collaboration with faculty, students, and external teams, including Microsoft Security, contributing to open-source tools for user behavior analysis and phishing detection.

Platform Technical Team Lead

Tapsi

2017 - 2021

Ensured 99% uptime for 60 microservices by maintaining the infrastructure of over 100 Ubuntu servers for compute clusters and databases across Kubernetes, PostgreSQL, and MongoDB.
Led platform team to design and build Node.js and Python gRPC and Socket message passing libraries with integrated Prometheus and healthcheck probes for full observability in Grafana dashboards.
Accelerated rapid adoption of new technologies such as MinIO, Vault, Kafka, and Spark, researching and deploying production-ready solutions to enhance platform reliability and data processing capabilities.
Reduced deployment errors and established automated rollouts by implementing CI/CD pipelines to include canary-testing, staging, and production environments, utilizing Bash and Ansible.

DevOps Consultant

Image Analysis Group

08/2020 - 12/2020

Set up and maintained runtime environment and deployment pipeline using Java app engine on Google Cloud Platform.
Implemented data storage infrastructure including PostgreSQL and Kafka for scalable data management.

Machine Learning Engineer Intern

Fraunhofer IDMT

09/2019 - 12/2019

Developed a Deep Learning video analysis pipeline (OpenCV and CNN) to process 100+ hours of news broadcast data.
Enabled Multimodal Modeling of temporal visual data for studio scene frame classification.
Implemented automated Face Detection pipeline with 90%+ precision for frame-level annotation.

Co-Founder and Full Stack Developer

Lambede

08/2016 - 12/2017

Developed backend using Express.js to provide REST APIs for users, payments, and request matching.
Designed and developed frontend using jQuery for request submission forms.
Implemented Telegram Bot for automated notifications to agents.

Projects

Analyzing LLM-Based Browser Agents in Captcha Solving

Evaluated popular Captcha defenses against modern LLM agents, exposing limitations in trust mechanisms and detection. Built an automated solver using LLM-based browser agents to simulate human behavior and successfully bypass reCaptcha v3 in real-world deployments.

LLM-Powered Clinical Trial Matching

Developed an LLM-driven pipeline for eligibility matching with clinical trial protocols, leveraging Prompt Chaining to process 30K+ trial documents. Implemented Chat-with-PDF feature using RAG for interactive querying.

Analyzing Adversarial Payloads via Large Language Models

Collected and analyzed a corpus of 90K+ payloads from publicly exposed online forms. Performed comprehensive analysis using Open-source Large Language Models for payload classification.

Investigating Security Challenges in Open-Source Software

Analyzed vulnerability trends across 10+ ecosystems using GitHub Advisory and Snyk.io data. Identified common vulnerability types and compared distribution patterns, with detailed analysis of malicious packages in the NPM ecosystem.

Real-Time Browser Interaction Modeling

Developed a scalable pipeline for Multi-Modal browser interaction data collection and classification of 1.6B+ artifacts. Published research demonstrating advanced bot detection capabilities.

View Publication

Evaluating Resilience of Behavioral Bot Detection

Implemented Adversarial Machine Learning attacks (FGSM, Genetic Algorithm) to evaluate deep learning model robustness in practical scenarios.

View Publication

Adversarial Assessment of Text Captchas

Developed Object Detection module using Tensorflow to solve real-world text-based Captchas, achieving 80%+ success rate on samples from 1M+ top websites.

View Publication

Phishing Websites Detection

Investigated code reuse patterns in 300K+ phishing websites using Semi-Supervised Clustering, enabling scalable detection of malicious websites with similar origins.

Deep Open Set Analysis for Network Traffic

Built Feature Engineering pipelines for terabytes of PCAP data and implemented Open Set Recognition models in TensorFlow to detect zero-day anomalies in encrypted flows.

View Publication

Publications

Cracking the Web: Analyzing LLM-Based Browsers and Automated Solvers in the Web

B. Ousat, L. Rampersaud, D. Bailey, N. Turkmen, S. Ulugac, A. Kharraz

To be Submitted to IEEE S&P (S&P), 2026

WebGuard: Detecting Evasive Web Scanners via a Multi‑Modal Forensics Engine

B. Ousat, M. Shariatnasab, E. Schafir, F. Shirani, A. Kharraz

Submitted to RAID, 2025

Submitted to RAID, 2025 View on arXiv

Open Source, Open Threats? Investigating Security Challenges in Open-Source Software

S.A. Akhavani*, B. Ousat*, A. Kharraz

Submitted to ACSAC, 2025

Submitted to ACSAC, 2025 View on arXiv

EnSolver: Uncertainty-Aware Ensemble Captcha Solvers with Theoretical Guarantees

D. C. Hoang, B. Ousat, A. Kharraz, C. V. Nguyen

Submitted to IEEE TPAMI, 2024

Breaking the Bot Barrier: Evaluating Adversarial AI Against Multi-Modal Defenses

Behzad Ousat, Dongsheng Luo, Amin Kharraz

ACM Web Conference (WWW), 2024

ACM Web Conference (WWW), 2024 View Publication

The Matter of Captchas: An Analysis of a Brittle Security Feature on the Modern Web

B. Ousat, E. Schafir, D. C. Hoang, M. Ali Tofighi, S. Arshad, C. Nguyen, S. Uluagac, A. Kharraz

ACM Web Conference (WWW), 2024

ACM Web Conference (WWW), 2024 View Publication

An End‑to‑End Analysis of Covid‑Themed Scams in the Wild

B. Ousat, M. A. Tofighi, A. Kharraz

ASIACCS, 2023

ASIACCS, 2023 View Publication

An Adaptable Deep Learning‑based Intrusion Detection System to Zero‑day Attacks

M. Soltani, B. Ousat, M. Jafari Siavoshani, A. H. Jahangir

Journal of Information Security and Applications, 2023

Journal of Information Security and Applications, 2023 View Publication

Honors and Services

Conference Reviewer

RAID, DIMVA (20-25% Acceptance Rate)

2024, 2025

Journal Reviewer

IEEE Transactions on Information Forensics & Security (TIFS, IF 8.0)

2024

Scholarship Recipient

Student Government Association Graduate Scholarship, FIU

2024

Teaching Assistant

Software Security, Operating Systems, and Python Programming, FIU

2021-2025

Mentor

Research methodologies, coding practices, and project planning for graduate students

2022-2025

Cloud Expertise

Amazon Web Services

EC2, Beanstalk, S3, RDS, DocumentDB, VPC, IAM, CloudWatch, AWS Sagemaker

Google Cloud Platform

Compute Engine, GKE, Vertex AI, MLflow, AutoML

Google Cloud Machine Learning Engineer Learning Path 🚀 In Progress - 100+ Hours

📊 Data & Feature Engineering

BigQuery ML SQL-based ML Data Preprocessing Feature Engineering

🤖 Model Development

TensorFlow Keras Vertex AI Workbench Model Training Hyperparameter Tuning

⚙️ MLOps

Vertex AI Pipelines Feature Store Model Registry Model Deployment Model Monitoring CI/CD for ML

🧠 Generative AI & LLMs

Large Language Models Generative AI on GCP Prompt Engineering Fine-tuning GenAI Generative AI Studio

✅ Responsible AI

Fairness & Bias Mitigation Explainable AI Model Interpretability AI Privacy & Safety

🌐 Cloud & Infrastructure

Vertex AI Lifecycle Cloud ML Pipelines Scalable ML Design

Technical Skills

Programming

Python Node.JS Java C++

Machine Learning

Keras TensorFlow PyTorch Scikit-Learn

Data Stores

MongoDB PostgreSQL Redis Pinecone

Orchestration

GitHub Actions Kubernetes Docker MLFlow

Cloud Services

AWS Google Cloud Platform Terraform

Monitoring

Prometheus Grafana Graylog Jaeger Tracing

Resume

Download