Security enthusiast | Geocacher | Objectivist | Blogger | Researcher | Speaker | Amateur media critic | Wannabe toucan owner
21 Washington, DC
I am a fourth-year student in the M.S. Computing Security program at RIT, just starting my career in the industry and striving to create secure, inclusive, accessible, and joyful technologies for all to use. My research interests are in systems and network analytics for malware detection, steganography, and disinformation.
I frequently participate in computer security red/blue competitions, Capture the Flag tournaments, and STEM outreach events around the world. More recently, I have been working to address media bias and ethical research issues plaguing the national dialogue. I also enjoy being a lifelong student by incorporating other disciplines and perspectives into my activities, from technology to psychology, philosophy, journalism, communication, and political science.
I am a member of the RIT Security Club (RITSEC), RIT FIRST, and the RIT Honors Program in my spare time. I also enjoy adventurous activities such as geocaching in the Rochester area, bouldering, and traveling with my friends. In the future, I hope to obtain a Ph.D. in information assurance and own a paramotor.
Technical, professional, educational, and volunteer involvements
I was awarded the National Science Foundation's CyberCorps Scholarship for Service (SFS) while attending RIT to recognize my academic achievements and personal commitment to making national systems and data more secure and accountable to civilians.
I was also the recipient of the International Systems Security Association (ISSA)'s Howard A. Schmidt Award in honor of the past president of the ISSA International Board, presidential computer security adviser, and US-CERT chief security strategist, as well as the Black Hat Student Scholarship. I was awarded these scholarships due to my academics, activities, and desire to work in national security.
I currently hold GIAC Certified Incident Handler (GCIH), Cisco Certified Cyber Ops Associate (CCCOA), and CompTIA Cybersecurity Analyst+ (CySA+), as well as membership in the GIAC Advisory Board and other lower certifications. Certifications complement my academics, extracurriculars, and work experience, and I see them as an excellent way to validate and reinforce my growing skillset.
I plan to obtain further certifications in security analytics and blue team operations soon. These certifications will validate the skills I have learned through classes, personal and club projects, internships, and competitions.
HotH, FIRST, Scholarship America
I frequently advocate for cybersecurity proficiency and the technology workforce in the federal government. As part of Hackers on the Hill, I met with the Committee on Homeland Security and Governmental Affairs to address the cyber talent gap and the shortfalls in federal, state, and local cybersecurity employees.
I was one of 30 honorees at Scholarship America's National Dreams to Success Awards for improving STEM curriculum and extracurricular opportunities for students in rural areas. Involving myself as a FIRST Robotics volunteer, a Computing Security Ambassador, and an RIT IMPRESS member helps me achieve these goals.
A selection of projects and activities I've worked on
Recent Blog Post
I chose to re-evaluate the methodologies and rigor of academic malware publications for my CyberCorps and Advanced Malware Forensics research project. Based on the paper "Prudent Practices for Designing Malware Experiments," I re-performed the original experiment to determine if proper sampling, analysis, and safety measures improved since 2012.
I plan to continue developing this paper in the hope of submitting it to a conference sometime in Fall 2020.
Watch my project presentation below.
My friends and I created a custom command-and-control server and Windows malware written in C++ for our Malware Reverse Engineering class. Our malware could obtain system information such as processes, usernames and passwords, network information, and operating system version. It also could send and receive files across a network using a custom encryption algorithm.
We also reverse engineered our client malware using IDA Pro and presented the project to our class.
Our detailed analysis is available below.
I evaluated the first beta release of Volatility 3 for my Computer System Security final project. In my presentation, I explained how computer memory functions, introduced fundamental memory analysis and forensic techniques, and discussed the release of Volatility 3 as well as several of the landmark changes it presents for memory analysis.
Then, I demonstrated Volatility 3 by using various commands to identify the Zeus rootkit on a memory image obtained from an infected Windows system.
Check out the presentation and demo below.
I created a Docker container hosting a web server vulnerable to Shellshock (CVE-2014-6271) for a course CTF. The flag could be obtained using command injection via Apache cgi-bin and exploiting an outdated version of Bash. I also configured Snort on a separate Docker container to monitor exploitation and create a threat map on the class network.
I published the container and a video walkthrough of the exploitation commands at the end of the CTF.
The CTF challenge Docker container is available below.
CompetitionsBlue Team, DoE CyberForce 2020 Black Team, RITSEC IRSeC 2020 White Team, RITSEC IRSeC 2019 Blue Team (4th Place), RITSEC ISTS 2019 Blue Team (4th Place), RC3 IRSeC 2018
CTFs1st Place, RITSEC Demos, Spring 2019 4th Place, RITSEC Demos, Fall 2018 RITSEC CTF, 2018 RC3 CTF, 2017 RC3 Demos, 2017
ConferencesDEF CON (Safe Mode) Black Hat Layer 8 Con ShmooCon CyberCorps SFS Convention ISSA RSS Security BSides (Rochester) Dreams to Success Awards
Past projects and competitions are available on Medium
Employment, education, and skills
The Department of Defense provides the military forces necessary to protect the security of our country.
MITRE works in the public interest across federal, state, and local governments, as well as industry and academia, to bring innovative ideas into existence in areas such as artificial intelligence, data science, quantum information science, health informatics, space security, policy and economic expertise, trustworthy autonomy, cyber threat sharing, and cyber resilience.
Parsons is a leading provider of scientific, technical, and cyber solutions to the intelligence community specializing in defensive and offensive network intelligence solutions, closed network security engineering, weapons system intelligence, and facilities design and optimization.
Rochester Institute of Technology; Rochester, NY
CASTLE is a network of faculty, projects, and programs committed to improving science and math collaboration between educators, education researchers, and students. Members engage in scholarship of pedagogy, facilitating dialog, encouraging collaborative opportunities in evidence-based practices, conducting discipline-based education research, and establishing methods of assessment and evaluation.
Detailed work experience, classes, and testimonials are available on LinkedIn
Some fun stuff about me
Check out my travels on YouTube
If you don't know, the thing to do is not to get scared, but to learn.
A mind is like a parachute. It doesn't work if it is not open.
I never lose. Either I win or I learn.
Conquer anger with lack of anger; bad with good; stinginess with a gift; a liar with truth.
A creative man is motivated by the desire to achieve, not by the desire to beat others.
Treat people as if they were what they ought to be and you help them to become what they are capable of being.
The question is not who is going to let me; it's who is going to stop me.
Be a nuisance where it counts. Be depressed, discouraged, and disappointed at failure and the disheartening effects of ignorance, greed, corruption and bad politics—but never give up.
I am rich no matter what I lose. I'd rather risk it all to find the truth.
This whole time, I thought changing the world was something you did, an act you performed, something you fought for. I don't know if that's true any more. What if changing the world was just about being here, by showing up no matter how many times we get told we don't belong, by staying true even when we are shamed into being false, by believing in ourselves even when we're told we're too different? And if we all held on to that, if we refuse to budge and fall in line, if we stood our ground for long enough, just maybe the world can't help but change around us.
Get in touch with me