I am a masters student at Carnegie Mellon University, Information Networking Institute since 2014. My interests span information security, software security, threat modelling, incident response and network security. I am advised by professor Patrick Tague.
- MS student in Information Security, Carnegie Mellon University
- B.Tech in Information Technology, Vellore Institute of Technology
- Wireless Network Security(14-814) by Patrick Tague, Fall 2016
- Mobile Security (14-829) by Patrick Tague, Fall 2015
- Cybersecurity Research Seminar (14-850) by Patrick Tague, Fall 2015
- Nework Security (18731) by Vyas Sekar, Spring 2015
- Secure Software Systems (18-732) by Lujo Bauer, Spring 2015
- Applied Information Assurance (14-761) by Chris May and Dennis Allen, Fall 2014
- Introduction to Information Security (14-741) by Limin Jia, Fall 2014
- Fundamentals of Telecommunications and Networks (14-740) by Rajeev Gandhi, Spring 2015
- Influence and Persuasion Online 08-624 by James Herbsleb, Fall 2014
- Graduate Practicum -SLAC National Accelerator Laboratory, Stanford, CA
- Researched and developed an open source, secure and low cost BMS that is built on IoT platforms to seed the small commercial and residential energy control market to increase operational efficiencies with better analytics for decision making and to facilitate building-to-grid transactions.
- Performed threat analysis and identified security vulnerabilities and propose methods to mitigate the same.
- Enterprise Security Architecture Intern - Visa inc. Foster City, CA (May 2015 - Aug 2015)
Responsible for the following - Threshold Based Credential Protection System - Implemented a proof of concept using C on a windows host machine which would help VISA provide enhanced data protection. - Deployment Model of Public Cloud SIEM at VISA - Researched and published a detailed document which captures the entire existing deployment model of public cloud SIEM at VISA. Uncovered several critical data points and provided security recommendations. Skills Gained and/or Developed: OpenSSL, PBKDF2, SumoLogic, C, Windows, Visual Studio
- Software Engineer at Alcatel Lucent R&D, India (July 2012 - June 2014)
- Wrote software for Layer-2 Ethernet forwarding based on Virtual LANs and protocols like DHCP, ARP and CFM and using programming languages C/C++.
- Developed and implemented various critical features under intense timeline requirements.
- Developed code fixes and enhancments for inclusion in future code releases and patches.
- Developed strong understanding of Agile software development methodology.
- Intern at Alcatel Lucent R&D,India (Jan 2012 - May 2012)
Designed and implemented a feature to support Maintainence Intermediate Points at Line Terminal Card based on CFM protocol.
- Mutual authentication in cross-modal devices leveraging sensory data
This projects aims to research and propose an effective method to perform mutual authentication in cross modal devices leveraging the sensory data.
- Vehicle DataBus Security
Researched and proposed an extensible intrusion detection framework for vehicles. It is primarily an anomoly based IDS, with configurable rules similar to Snort, which listens to the CAN messages. We designed and implemented an Android application as a proof of concept.
- Information Assurance Exercise
Implemented information assurance principles on a vulnerable virtual company network which included hardening servers, defending and responding to live injected attacks to ensure uptime of critical services on the network
- Reverse engineering network access control policies on software defined networks
Research based project aimed at inferring firewall policies on a given SDN network. We experimented with random probing algorithm and smart probing algorithm which made use of machine learning (SVM classifier) to determine network access control policy. We also determined the effectiveness of the above algorithms in python and created a project report detailing theory, implementation and results of our research.
- Buffer Overflow Exploitation
Exploited buffer overflow vulnerability in C by writing shell code to change the runtime behavior of various programs (standalone, client-server) with and without ASLR protection
- Stateful Firewall using Click
Built a simple stateful firewall using the modular software router Click which can be used for fast prototyping of routing protocols. Network traffic is inspected against a policy file and decisions are made by the firewall.
- Control-Plane DoS Attack on SDN
Induced DOS attack by sending random SYN packets to a switch connected to a SDN controller in mininet. The switch was not able to find the matching handling rules and thus forwarded the packet to the controller, thereby flooding it with requests which saturated the SDN control plane.
- Dynamic Taint Tracking
Implemented a dynamic taint checker for a programming language called SIMPLE (subset of C). The taint checker ensured that no value derived from a secret is ever printed. Developed several test cases that demonstrate that the checker worked correctly.
Wrote custom static analysis checkers using the Coverity API to enforce desired program properties. Checkers detected usage of unsafe functions in C, modification of random variables, off-by-one and buffer overflow errors and negative shift values.
- Web Security Lab
Gained hands on experience on various prominent web application attacks such as SQL injection, XSS, CSRF and Timing Attacks. Documented each attack, clearly explaining the vulnerability and how the exploit works.
- Verification of security properties using SPARK
Used the SPARK verification tools to explore verification of security properties. Added preconditions and postconditions to existing ADA functions to enforce desired properties.
Honors and Awards
RSA Security Scholar 2016
Among the three candidate selected to represent Carnegie Mellon University at the RSA Conference 2016 as a security scholar.
More Details : http://www.rsaconference.com/about/rsac-security-scholar
Emirates Travel Hackathon 2015- 3 API Awards
1. Splunk API Award
2. mBientLab Group Award
3. StubHub Honourable Mention Award
Awarded a merit scholarship by Carnegie Mellon University for my information security degree program.
- Certified Cisco’s IT Essentials: PC Hardware and Software Professional
- Certifed Network Management Professional - Nettech Pvt. Ltd
Carnegie Mellon University - Silicon Valley Campus
23 NASA Ames Research Center
Moffett Field, CA 94035