Safe Service Workers

Skills: C++, Javascript, Python, ML, Web Security

• Analyzed thousands of websites that support Web Push Notifications (WPNs) for my MS Thesis project; remotely advised by Dr. Mustaque Ahamad

• Analyzed 3K websites to develop a tool to detect if the website misuses service workers to trigger malicious notifications with 96% recall and 98% accuracy.

Blockchain federated identity

Skills: Ethereum, Python, React, Identity & Access Management

• Implemented a private, decentralized Identity Verification solution to create a federated service for users to create or update their identity with federal agencies like DMV.

• The solution employed a Proof-of-Authority based consensus algorithm to validate changes in a user’s identity attributes. The underlying cryptographic chain was used to ensure that the data stored is tamper-resistant

Risk-based threat and vulnerability management

Skills: Python, Javascript, Neo4j, Threat intelligence, Vulnerability management

• Developed a proof-of-concept solution to quantify risk across vulnerable assets, by correlating with threat intelligence and information about active security violations on the assets

• The solution provided a unified interface to investigate critical vulnerable assets and provided visibility into the riskiest vectors for large organizations with segregated business units

Social media scraping detection and analysis

Skills: SOAR, Python, Github, Web-scraping

• Created a proof-of-concept to discover social-media data scraping projects on Github by analyzing 200k+ public repositories.

• Created for a large social media company, the project identifies repositories that are accessing disallowed or risky endpoints for scanning.

• Designed a threat actor tracking system by correlating intel from the deep and dark web forums to identify actors who perform unauthorized scraping and subsequently sell that data on the dark net