Cybersecurity R&D Team Lead Canadian Institute for Cybersecurity (CIC), Fredericton, Canada Jan 2020 - Present Key
Projects 1. Scotiabank Project: ”Security Evaluation and Risk Assessment for Post Quantum Cryptography”
- Conducted research on classical and post-quantum cryptographic algorithms, aligning with NIST recommendations and the imminent advent of quantum computing capabilities.
- Proactively identified potential security threats posed by quantum computers, critically analyzing cryptographic mechanisms for data security at rest and in transit.
- Delivered a comprehensive gap analysis report, meticulously assessing risks associated with transitioning from non-quantum-safe to quantum-safe cryptographic systems.
- Led the development of a holistic security risk assessment framework for a secure quantum-safe transition.
- Canadian Internet Registration Authority (CIRA) Project: ”DNS Firewall for Households”
- Collaborated with industry partners to extract and analyze data using Amazon Elasticsearch and Kibana services.
- Designed and implemented a risk assessment process aligned with NIST (SP) 800 guidelines for user identification.
- Created a prototype demonstrating the functionality of the DNS firewall system.
- Huawei Project: ”Feature Map Privacy”
- Investigated privacy threats and vulnerabilities in machine learning.
- Conducted attacks, including reconstruction, model inversion, and membership inference.
- Evaluated cryptographic and non-cryptographic techniques for machine learning model protection.
- Developed and validated privacy-enhancing prototypes.
- Bell Project: ”BGP Anomaly Detection using Machine Learning”
- Researched and analyzed BGP cyber threats and vulnerabilities.
- Simulated diverse attack scenarios to assess their impact on BGP networks.
- Utilized specialized software tools and developed ML-based visualization methods to identify anomalous behavior in live BGP traffic.
- Siemens Project: ”Digital Forensics for Smart Grid”
- Designed a classification system to identify and categorize OT attacks in smart grids.
- Utilized advanced forensics tools to analyze network, memory, file, and data communication in smart grid environments.
- Investigated adversary tactics using MITRE ATT&CK methodology and ICS Cyber Kill Chain framework.
- Discovered security vulnerabilities targeting specific devices and developed attack scripts.
Postdoctoral Research Fellow Cryptography, Security, and Privacy (CrySP), University of Waterloo, Waterloo, Canada Jul 2018 - Nov 2019
Key Project
- RBC Project: ”Privacy Preserving Information Sharing”
- Researched cryptographic techniques for privacy-preserving information sharing.
- Developed a private set intersection solution based on Homomorphic Encryption and differential privacy.
- Optimized solution parameters for improved performance.
- Implemented solutions using C++ and integrated encryption libraries.
Instructed Course • CS458/658: ”Computer Security and Privacy”
– Introduced security and privacy issues in various computing aspects.
– Explored causes of security breaches and prevention methods.
Research Assistant Université de Montréal, Montreal, QC, Canada May 2012 - Mar 2018
Key Project 1. NSERC Project: ”Secure Access Control in Mobile Cloud”
- Designed IAM solutions including Attribute-Based Access Control (ABAC) for secure data access in the mobile cloud.
- Implemented attribute-based encryption to enhance Access Control in Mobile Cloud environments.
