Experience

• 

  Star Lab

  • San Antonio, Texas Area

  • Technical Specialist

    • Feb 2016 - Present
    • San Antonio, Texas Area

    • Machine Learning and Artificial Intelligence o Hidden Markov Modeling Introduced dynamic model merging technique o Game Theoretical Modeling Implemented computational game theoretic framework for cyber defense applications Developed stochastic, simultaneous, and Stackelberg games, to include Bayesian variantso Neural Network Ensembles Designed and implemented novel three-tier ensemble detection system System comprised of ML detector ensemble reporting to top-tier neural network• Software Developmento Built Byzantine fault-tolerant systems Applied designs to effect fault tolerance based on system call monitoring and application profileso Implemented kernel drivers for Xen-based security solution Modules managed system call execution on Dom-U guest unikernel on behalf of virtualized host system as an efficient means of defending the network stacko Developed compatibility layer driver for cyber resiliency system Implemented hooks at system call boundary to marshal data between 32-bit user space and 64-bit kernel

• 

  Raytheon Pikewerks

  • San Antonio, Texas Area

  • Research Engineer

    • Sep 2011 - Feb 2016
    • San Antonio, Texas Area

    • Firmware Analysiso Developed tool to generate statistics based on GUIDs parsed from firmware volumeso Developed malice detectors based on GUID statistics Detectors ran as components in an automated analysis pipeline  • Machine Learningo Developed detectors based on Hidden Markov Model (HMM), Principal Component Analysis (PCA) and N-Gram analysis using the Mahalanobis Distance to compute anomaly thresholds Detectors integrated into a QEMU instrumentation solutiono Developed/implemented Artificial Neural Network (ANN) models to describe executable file characteristics resulting from a precise series of mutationso Provided enhancements to working model on research program by integrating Rank Aggregation/Cross-Entropy theoretical resultso Developed Bayesian Inference Engine to infer geographical locations based on evidences represented by various data aggregates and scalars• Binary Analysiso Developed cross-platform zero-day detector based on binary instrumentation technology o Developed tools to recognize and extract functions from binarieso Developed auto-reversing toolso Developed tool to insert and replace code in executable files• Reverse Engineeringo Performed reverse engineering analysis on complex suite of binaries constituting Kaspersky Anti-Virus Product Discovered/reversed cloud communication protocols• Reversed code across numerous binaries Provided results on successful effort that highly impressed customer• Cryptographic Framework Production Developmento Implemented RSA PKCS11 Standard Cryptographic Framework Designed plugin architecture Developed plugins for OpenSSL cryptographic wrapper libraries Designed/developed arrays of unit tests to exercise plugins• Validated encryption, decryption and hashing capabilities

• 

  General Dynamics

  • San Antonio, Texas Area

  • Lead Software Engineer

    • Aug 2003 - Sep 2011
    • San Antonio, Texas Area

    • Developed distributed computational trust models in mobile ad-hoc networks• Designed trust protocol for cyber defense systems• Built comprehensive host-based anomaly detectors• Developed zero-day attack auto-signature generation and comparison functionality• Developed packet payload anomaly detectors o Introduced innovative Partial Sum techniqueo Defeated stealthy mimicry attacks• Designed and developed game theoretical modules for proactive intrusion detection systemso Repeated Bayesian game approach to situational awarenesso Built dynamic Bayesian networks and inter-linked with game modelo Solved for Nash Equilibriums and pre-tabulated solutions for fast executiono Introduced innovative technique of utility function parameter randomizations to reflect inherent environmental uncertaintieso Showed consequential robustness of Nash equilibrium solutionso Presented research findings at the 2007 AFRL Cyber Defense Conference• Worked extensively with open source tools and libraries to include -o Berkeley DB XML database systemo Open Bayeso Gambit • Reverse Engineeringo Analyzed and patched numerous malware and hacker tool executableso Unpacked and de-obfuscated malwareo Conducted analysis to describe functionality • Vulnerability Analysis and Exploitation Developmento Discovered vulnerabilities in numerous net-aware files Executed live data traces Used Sully open source fuzzer toolo Developed several exploits for vulnerabilities