- Use technology and research to create some positive change for humanity.
- Research Objective
Enhance Situational Awareness in large-scale, complex, distributed systems using a combination of knowledge-based and data-driven approaches.
This has immediate applications in areas like CyberSecurity, Smart Grids, Networked Experiment Testbeds and Social Networks (to name a few), where the scale and complexity of such systems, combined with the exaflood of data, are creating challenges and opportunities that may not have been witnessed since Gutenberg. Situational Awareness will aid users of these systems in making better sense of the environment they are in and help them make better decisions.
- Education Summary
- Pursuing a PhD in Computer Science advised by Dr. Clifford Neuman at University of Southern California (3rd Year).
- Masters in Computer Science (with specialization in Computer Security) from University of Southern California, LA (GPA: 3.91/4.0)
- Bachelor of Engineering in Computer Science from Pune Institute of Computer Technology, Pune, India (GPA: 3.78/4.0)
- Relevant Skills
- Research Experience
- Graduate Research Assistant (USC-ISI / Los Angeles, USA / Jun 2007 - Present)
- ThirdEye: ThirdEye is my attempt to address the challenge of making sense of the vast amounts of data collected by information systems. ThirdEye creates Situational Awareness by enabling users/operators of such systems to build security, diagnostic, analytic and decision-making applications. This work is currently being done in the context of two domains: Networking Testbeds and Smart Grids.
- Knowledge Plane Project (with John Wroclawski, Karen Sollins and Ted Faber)
- The high level objective of the research was to build a diagnostic system for intrusion detectors in a Knowledge Plane like environment. Such a diagnostic system would then help distributed intrusion detection systems to effectively correlate detection reports from various sources.
- There were 4 approaches investigated:
- Passive learning - In this approach, an unsupervised learning model (Hidden Markov Model) was used for inferring detector trust using only detector outputs from weak-local detectors.
- Active Probing - In this approach, active probes or tests are fired from a central evaluator towards a detector and its responses are benchmarked against expected results.
- Systematic Testing - This mechanism aims at systematically testing a detector offline for True Positives and False Positives by generating tests relevant to the deployment context of a detector.
- Ensemble Framework - This approach uses an ensemble of detectors (at a single location or distributed) to find a global consensus. It differs slightly from the others in how it treats the diagnostic problem, as it tries to build a complete intrusion detection system instead of just building a diagnostic system.
- Worked on testing the Federation Architecture for DETER by running a worm experiment across three DETER sites.
Check the publications page.
- Teaching Experience
- Teaching Assistant for Security Systems (CS530) (USC / Fall 2007)
Was the lead Teaching Assistant for the Security Systems Course under Dr. Clifford Neuman
- Work Experience
- Graduate Research Assistant (USC Graduate School / Los Angeles, USA / Oct 2006 – Aug 2007)
- Worked as a system administrator managing the Graduate School Windows Servers and workstations.
- Designed and implemented a firewall deployment for the graduate school.
- Managed the Active Directory, IIS, MSSQL, Backup and Firewall services for graduate school.
- Managed the graduate school servers and workstations by performing regular sysadmin duties.
- Software Engineer (Nevis Networks Pvt. Ltd / Pune, India / Jan 2004 – July 2006)
- Built a GDB based remote debugger stub for the Nevis MIPS Processor
- Designed, built and managed a test lab / attack lab for Nevis.
- Developed penetration tests for IPS/Firewall/Worm Containment modules for the Nevis LanEnforcer Secure Switches.
- Built WormNet – A worm testing framework
- Built Tsunami – A stateful test generator for testing intrusion detection systems.
- Built Skraft – A stateful packet generation tool for testing protocol anomaly.
- Was part of a team that built a 10G stateful traffic generator on Nevis hardware.
- Software Engineer (IBM India Software Labs / Pune, India / March 2003 – Jan 2004)
- Worked as a Software Engineer in the IBM Directory Server (IDS) LDAP Functional Verification Testing (FVT) team.
- Responsible for developing and maintaining the Directory Server’s test suites in Object Oriented Perl.
- Involved in testing the TLS, SSL, MD5 and Replication components of IDS.
- Responsible for administering HP-UX, AIX, Linux and Solaris machines.
- Responsible for designing and developing an automatic install / uninstall framework to ease the testing of IBM Directory Server.
- Responsible for building an advanced testing framework providing remote administering and logging capabilities using STAF, Perl and C.
- Software Engineer (Kuokoa Networks Pvt. Ltd / Pune, India / June 2002 – Dec 2002)
- Involved in designing and implementing the directory handling code for the Kuokoa Data Management System using a novel indexing concept called “Htree” [Refer http://ext2.sourceforge.net/2005-ols/paper-html/node3.html].
- Designed, coded and tested algorithms for file and directory lookups, creation, deletion and metadata management for the Kuokoa File System.
Winner of the “Best Systems Networking project” during Undergrad Final Year, Engineering for building a media server filesystem and a deterministic filesystem scheduler.