Security SDE II, WA Eng Systems, Microsoft ... July 2013 - Present
Penetration Testing, Application Security.
- Penetration Testing, Application Security.
Technology Analyst Intern, Control, Risk and Governance Technology, Morgan Stanley ... June 2012 - Aug 2012
Algorithm and Tool Automation, Risk and Compliance for Trade Surveillance, Anti-Money Laundering.
- Algorithm and Tool Automation, Risk and Compliance for Trade Surveillance, Anti-Money Laundering.
- Assistant Software Engineer,iGnite Group for Research, Innovation and Development (iGrid), TATA Consultancy Services, India ...Dec 2008 - June 2011
Open Id System, Secure Software Architecture Design, Web Application Security Testing, Performance Analysis, Software Design and Development.
- Open Id System, Secure Software Architecture Design, Web Application Security Testing, Performance Analysis, Software Design and Development.
An Experimental Study of TLS Forward Secrecy Deployments
by Lin-Shung Huang, Shrikant Adhikarla, Dan Boneh and Collin Jackson
IEEE Internet Computing (Track: Best Conference Papers) 2014
Web 2.0 Security and Privacy (W2SP) 2014
Selfish Manipulation of Cooperative Cellular Communications via Channel Fabrication
by Shrikant Adhikarla, Min Suk Kang, and Patrick Tague
6th ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec 2013)
A Technique of Leveraging Human Factors to Facilitate Scientific Service Discovery and Recommendation
by Jia Zhang, Petr Votava, Tsengdar Lee, Shrikant Adhikarla, Isaraporn Kulkumjon, Matthew Schlau, Divya Natesan, and Ramakrishna Nemani
10th IEEE Conference on Services Computing (IEEE SCC 2013)
Malicious Node Localizing Apparatus using Bloom Filters ... Advised By: Dr. Adrain Perrig
Built a fault localization solution that identifies faulty links in a network minimizing per node state, while working across multiple flows. Wrote a prototype implementation of the localization technique using Click Routers.
Static Analysis on Android Platform to discover Privacy leaks ... Advised By: Dr. David Brumley
Build a Static Analysis tool which would enable us to catch explicit and implicit ows of Private data in an Android application. The major challenge was to catch the implicit ows which the existing tool TaintDroid does not catch and at the same time maintain a lower false positive rate.
Performance Evaluation of ECC ciphers for SSL/TLS ... Advised By: Dr.Collin Jackson
This project basically focuses on doing a real-time performance analysis of elliptical curve ciphers(ECC) for SSL/TLS, considering use cases on different platforms.
Selfish Manipulation of Cooperative Cellular Communication via Channel Fabrication ... Advised By: Dr.Patrick Tague
We propose a novel attack framework for a UE over the cooperative communications in LTE, that leads to performance degradation of the system while improving the service quality of the UE. We then evaluate the proposed attack strategies in cellular networks having different performance goals. Finally, we propose a anomaly-based technique for BSs to detect the attack with approximately 90% accuracy.
Exploiting against ASLR and DEP based Systems
Studied ASLR and DEP based systems and wrote exploits like GOT Hijacking and return to libc, in order to control program flow
Applying Information Assurance on IT based Networks
This involved Penetration Testing on a IT based network, Host based hardening of Linux and Windows Systems, Implementing Multi-platform Network Time Synchronization, Network Tra^Nc monitoring with vulnerability scanning
Vulnerability Assessment of a Virtually hosted Web Application
This project involved analyzing and exploiting web vulnerabilities like XSS, CSRF, SQL Injection and others, using tools like skipfish and to suggest remediation for the same.
Host-based Intrusion detection using Open Source Security (OSSEC)
Worked in a team to implement file integrity checking, syslog monitoring, log based IDS and active responses using OSSEC on a simulated virtual network. OSSEC is an open source, cross-platform host-based intrusion detection system (IDS). It provides intrusion detection for many operating systems such as Windows, Linux, Unix, MAC OSX and Solaris. It has a centralized and cross-platform architecture which enables any administrator to monitor and manage multiple systems
- Tools(i): Apache JMeter, Firebug, Bugzilla, CVS, SVN, Git Tools(ii): Wireshark, Nessus, MBSA, Metasploit, Nmap
- Database and Servers: MySQL, Apache Tomcat, DB2
- Browser Security (18636) taught by Collin Jackson ... Spring 2013
- Network Security (18731) taught by Adrain Perrig ... Fall 2012
- Web Application Security and Performance (14827) taught by Collin Jackson ... Summer 2012
- Secure Software Systems (18732) taught by David Brumley ... Spring 2012
- Wireless Network Security (14814) taught by Patrick Tague ... Spring 2011
- Information Security (14741) taught by Nicolas Christin ... Fall 2011
- Applied Information Assurance (14761) taught by Chris May and Richard Nolan ... Fall 2011
- Telecommunication Networks (14740) taught by Bill Nace ... Fall 2011
- Honored with Oustanding Student Achievement Award at Information Networking Institute (INI), Carnegie Mellon University (CMU) ... 2013
- Won Prakash Gaharwar Memorial Gold Medal for academic excellence as a undergrad student in ECE ... 2008
- Won second prize in PAYPAL Hackathon (More Details)
- Won first prize for Best Sprint API implementation at Sprint Hackathon (More Details)
- Member of CMU Capture the Flag Team (Plaid Parliament of Pwning)
- Received an appreciation from the iGrid group at TCS for publishing technical reports and re-usable components ... 2011
- Secured a position within top 1 percentile coders at all India level, in the competition The Great Programming Challenge organized by Reliance Group ... 2008