Non-Intrusive Malware Detection based on Hardware Root-of-Trust MoMA Lab, NYU
Proposed an out-of-the-device non-intrusive malware detection methodology utilizing high and low-level information collected by JTAG using Lauterbach PowerDebug PRO.
Demonstrated an accuracy increase to 99.75% by utilizing semantic and microarchitectural information with an SVM model for malware detection.
Utilized integrity verification of critical static Linux kernel data structures for rootkit detection and OCSVM trained on static analysis information of shared libraries for user-level rootkits, achieving an accuracy of 96.3%.
Platform Agnostic Remote Static Analysis Malware Detection for ICS MoMA Lab, NYU
Implemented external non-intrusive static analysis malware detection leveraging out-of-the-device virtual to physical address translation with JTAG.
Performed static analysis of process text section for extracting entropy values for a 32-byte sliding window, string, and syscall histograms, to be utilized as platform-agnostic features.
Achieved 98% and 95% malware detection accuracy for the ARM and x86_64 architectures, respectively, with an SVM model.
Process-Aware Cyberattacks for Thermal Desalination Plants Center for Cyber Security, NYUAD
Performed process-aware security assessment of desalination plants to identify attack entry points, categorize the attacks, and estimate the corresponding financial loss and mechanical damage.
Computed the resultant thermal shocks and pressure surges during water hammer in the piping system on sudden valve closure in MATLAB.
Quantified the detrimental effects of water hammering during such attacks in terms of maximum induced von Mises stresses (340 MPa) and maximum displacement (19.94 mm) with ANSYS.
Phish Muzzle UCLA
Proposed and developed a metadata-based approach for defending against email spear phishing attacks.
Extended Levenshtein Distance and MySQL queries for identifying suspicious emails.
Optimized the solution by reducing the search space using an additional MySQL query.
Automated NFV Deployment Wireless Networking Group (WiNG)
Developed a command-line tool to automatically deploy OAI components using OpenStack.
Implemented automated scripts for OAI configuration based on user-specified modular SLA files.
Introduced simple interactive functionality to deploy, delete, and check the status of the spawned VMs.
ASCII Transliteration Format (ATF) Parser CDLI
Developed a parser to validate ATF texts using PLY in Python.
Enhanced and adapted the parser for online use by connecting a PHP front end with a Python backend.
Implemented rules for automatically detecting structural and semantic defects in the texts.
Secure Code Analysis Software Evolution and Analysis Laboratory
Proposed a novel technique to detect violations of secure coding techniques using abstract symbol tree in Java.
Extended Google’s Error Prone to analyse the code for security vulnerabilities during compile time.
Detected vulnerabilities such as weak random number generation and return value ignored in open source projects.
Machine Learning for Cancer Treatment Prediction Center for Smart Health
Proposed a novel technique using clinical data for predicting the best treatment option for cancer patients.
Implemented multiple machine learning techniques using TensorFlow and scikit library in Python.