About

I'm a second-year graduate student at Johns Hopkins, studying computer security. I have 2.5+ years of experience specializing in the cloud, network security, development, infrastructure protection, and computer hacking. My undergraduate degree is in computer science from Vellore Institute of Technology, India. My main research interests include building large-scale secure systems and application security.

Education

Master of Science, Information Security 2019 – Present
The Johns Hopkins University, Baltimore, MD
» Research interests in cloud, infrastructure, network, and IoT Security  
   
Bachelor of Technology, Computer Science 2013 – 2017
Vellore Institute of Technology, Vellore, India
» GPA: 4, Research topics include multi-cloud security, SQL injection  
   

Experience

Security Researcher Intern, Adobe May 2020 – Aug 2020
San Jose, CA
» Team: Enterprise Security  
» Project 1: Create an automated risk firewall rule detection system to identify security policy violations at the DMZ level and reduce the attack exposure  
» Impact: Formulated a violation matrix and set up an intelligent firewall rule detection process, published best-practice guidelines, featured on Adobe Blog  
» Team: Cloud Security  
» Project 2: Designed a plan to utilize the Organization Security Policies and enforce security controls at Adobe Public Cloud scale, create violation strategies to bypass current AWS security detections  
» Impact: Presented the findings to the team, helped in incorporating more secure controls  
   
Software Engineer - 2, Netskope Apr 2018 – Jul 2019
Bangalore, India
» Malware Efficacy Project: Developed APIs and a data acquisition framework for training models on file features. Increased scalability from a few hundred to 10M samples per day, helped in reducing false positives  
» Threat Intelligence Framework: Built a proactive threat hunting framework for insights about the latest threats using file decomposition, macro analysis and dropped file clustering, improved detection rate by 50%  
   
Software Engineer - 1, Netskope Jul 2017 – Mar 2018
Bangalore, India
» Developed a URL heuristics engine using machine learning modelled on lexical features, dropped file extract, and third-party reputation, which improved the efficacy by 60%  
» Integrated Cuckoo Sandbox for a ransomware file encryption system and used this in generating threat intelligence, which acted as a key differentiator for Netskope threat capabilities  
» Streamlined malware analysis with a task scheduling framework, integrated signature matching, static and dynamic analysis, eliminating hours of manual effort at a cost reduction of 85%  
   
Software Intern, Netskope Jan 2017 – Jun 2017
Bangalore, India
» Built from scratch a malware corpus system for systematic collection of vast malware artifacts and an open-source Malware Organizer Tool to find useful insights about malware families.  
» I work as part of Netskope Threat Research Labs, staffed by the industry’s foremost cloud threat and malware researchers. The Netskope Threat Research Labs build products that help corporates protect against advanced threats using various technologies like machine learning, heuristics, and sandboxing  
   
Summer Intern, Krify Jun 2015 – Jul 2015
Kakinada, India
» Developed cross-platform applications  
   

Teaching

Teaching Assistant, Cloud computing Aug 2020 – Dec 2020
» Designed cloud assignments utilizing GCP and AWS platforms  
» Graded programming assignments and conducted office hours to assist grad students  
   
Teaching Assistant, Cloud computing Jan 2020 – May 2020
» Conducted office hours to assist students on Mininet, GCP Programming Labs  
   
Course Assistant, Cloud computing security Aug 2019 – Dec 2019
» Graded programming assignments and conducted office hours to assist grad students  
   

Publications and Blogs

Malware and Threat Analysis and Remediation of Cloud SaaS Traffic May 2019
Journal of Computational and Theoretical Nanoscience
» Paper on different cloud attacks and methods to prevent them from an enterprise perspective using a variety of detection mechanisms  
   
Practicing Proper DMZ and Firewall Hygiene Aug 2020
Adobe Security Blog
» Develop practices that can improve the overall security posture of DMZ configurations and general firewall hygiene  
   

Projects

Network Security and Attacks
» Project aimed at implementing an HTTP server on an RPI box and testing various network attacks  
» Captured the network interactions, analyzed them using Wireshark, created both server and client on Docker  
   
Malicious URL Detector
» An open-source machine learning model to detect malicious URLs using lexical features  
» It includes deep file analysis on attributes from the dropped executables  
   
Malware Organiser
» A tool to organise large sets of malicious and benign files into an organised structure  
» Helps in classification of malware according to tags, family names and MIME type  
   
Ransomware C2C Server Detector
» Open-source, machine-learning-based detector for ransomware-generated command and control server domains  
» Identifies domains which are not human-generated with good accuracy  
   
Generic Parser
» A single open-source library to extract meta information, perform static analysis and detect macros within files  
» Works on popular file formats like doc, docx, pdf, xml, etc.  
   
CTF Writeups
» A collection of all Capture the Flag writeups and tools  
» Includes Hack The Box, VulnHub and popular CTF solutions  
   
Yara Finder
» An open-source tool to find the YARA matches on a file  
» Easily extensible to custom YARA rules  
   

Awards and Recognition

Winner, HopHacks CTF Sep 2019
» Northrop Grumman along with HopHacks organized a Capture the Flag event  
» Won first place by capturing hidden flags in six machines in a time-sensitive competition  
   
Finalist, Netskope - Hackathon Dec 2017
» Led two teams to the final five of the annual hackathon at Netskope, presented both ideas to the CTO and Chief Scientist