PhD Student, SecT, TU Berlin.
Ph.D. Electrical Engineering and Computer Science, SecT, TU Berlin.
Dissertation title: Compiler Assisted Vulnerability Discovery
Over the past five years, I have developed an expertise in C/C++ code security audits, and compiler-driven static and dynamic vulnerability analyses. My work has contributed to four peer reviewed scientific publications on the topic which I have conceptualized and led, and several others which I have actively contributed to. Moreover, the tools I have written have helped uncover tens of vulnerabilities in open source networking software such as tcpdump, snort++, and Open vSwitch.
M.Sc. Computer Science, Ecole Polytechnique Federale de Lausanne.
At EPFL, I obtained a masters degree in computer science with a specialization in computer engineering. My masters thesis is titled “DPA attacks on certain cryptographic primitives on a common 8-bit microcontroller”. This work benefited from my specialisation and kindled my interest in computer security.
B.Tech Electrical and Electronics Engineering, National Institute of Technology Karnataka.
Security Engineer, Ethereum foundation.
Aug 2012-May 2013
Research Assistant, Computer Security Lab, Rice University.
At Rice University, I consulted on a security-program analysis project focused on large scale analysis of Tizen mobile applications. Specifically, I enumerated the ways in which security critical information flows from user input gathering APIs to data processing end points (sinks). My work contributed to the first security analysis of Tizen applications.
June 2011-May 2012
Research Employee, Fraunhofer Secure IT Institute, Darmstadt.
At Fraunhofer SIT, I ported TOMOYO Mandatory Access Control (MAC) system to Android. I also contributed to the design and development of an Android phone prototype with enhanced security features. The work has been published work in top-tier security conferences.
July 2007-July 2008
Software Engineer, Ittiam Systems Private Limited, Bangalore.
At Ittiam, I worked as an software development and testing engineer. I wrote C code for adding new features to the Voice over IP phone, Ittiam’s flagship product. Moreover, I was actively involved in fixing bugs, and serving as the point of contact for customers in remote locations.
Student Assistant, EPFL+ECAL Lab, Lausanne.
At the ECAL lab, Implemented OpenCV extensions for a media research project.
Intern, Ittiam Systems Private Limited, Bangalore.
As an intern at Ittiam, I designed an experiment to measure and analyze audio jitter in Ittiam VoIP phones so that Ittiam’s jitter reduction could be quantitatively and qualitatively evaluated.
Best paper award for “Taking Control of SDN-based Cloud Systems via the Data Plane” at SOSR’18
K. Thimmaraju, B. Shastry, T. Fiebig, F. Hetzelt, J.P. Seifert, A. Feldmann, S. Schmid.
USENIX Student Grant.
Swiss Government Excellence Scholarship.
Best paper presentation award for “Advanced Educational Tools for Modeling, Simulation, Impleme-ntation and Real-Time Testing of Modern Power System Protection Schemes-Particular Reference to Distance Protection” at the National Systems Conference (India) 2007
U.J. Shenoy, K.R. Satheesh, B.S. Kavyashree, B.Shastry
Young Engineering Fellow, Indian Institute of Science, Bangalore.
- C, C++, Python, Java, Bash
WOOT’14, MASCOTS’16, COMNET’17
18 April 2017
Code-sharing leads to widespread bug sharing that black-hats can track
Our study on the relationship between vulnerable tutorials and real-world code was covered by The Register.
Software Security, Computer Security Seminar, Telecommunications Security
Available on request.