Experimentation to discover cutting edge vulnerabilities and security solutions.
Develop tools to measure and enhance the security of computer systems and networks.
Penetration testing to evaluate the security of infrastructure.
Studied computer engineering at UC Davis, graduating in 2011. This major provided an excellent background in both hardware and software. Though I was interested in computer security even before beginning my degree, I became determined to focus on this field after taking an introductory computer security course.
In 2011 I began my doctoral studies in computer science. Through various research projects and internships, I explored many areas of computer and network security.
Between June and September 2012 I interned as a security researcher at Sandia National Labs. I worked on detecting malicious content hidden in media files and developed an interface that efficiently sanitizes data while preserving a high degree of fidelity.
My next summer internship was at Lawrence Livermore. Here, I investigated the feasibility of a generic metric for network resilience. Though a unified metric ultimately was not developed, I was able to thoroughly detail the technical, computational, and theoretical challenges in producing such a metric. I then focused on exploring quantitative metrics for specific security properties.
Continuing my work from last summer, I began researching multipath routing to fill the gaps in quantitative security metrics. Specifically I measured the recovery delay of data transfers over multipath networks with different quality of service levels.
At Lawrence Berkeley, I evaluated the performance of network monitors. The goal was to determine which tool scales the best with high-performance network traffic. This analysis can also be applied to other network tools, such as intrusion detection systems.
Performed a security evaluation of the infrastructure used by Reminder Services. Reported on vulnerabilities, prioritized by severity. Suggested solutions to the implementation and underlying architecture of network services in order to improve security posture.