Ram B. Basnet, Ph.D.



Similar documents
Automated Penetration Testing with the Metasploit Framework. NEO Information Security Forum March 19, 2008

Course Title: Course Description: Course Key Objective: Fee & Duration:

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

Security of Web Applications and Browsers: Challenges and Solutions

INFORMATION SECURITY TRAINING CATALOG (2015)

A clustering Approach for Web Vulnerabilities Detection

Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability

The purpose of this report is to educate our prospective clients about capabilities of Hackers Locked.

MH NOROUZI RÉSUMÉ AND CV

CRYPTUS DIPLOMA IN IT SECURITY

Evaluation of Penetration Testing Software. Research

IS Careers. MIS 4133 Software Systems

Abdullah Mohammed Abdullah Khamis

60467 Project 1. Net Vulnerabilities scans and attacks. Chun Li

CAREER OPPORTUNITIES

INTRODUCTION: PENETRATION TEST A BUSINESS PERSPECTIVE:

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

capabilities statement

Recon and Mapping Tools and Exploitation Tools in SamuraiWTF Report section Nick Robbins

Product Roadmap. Sushant Rao Principal Product Manager Fortify Software, a HP company

Acunetix Website Audit. 5 November, Developer Report. Generated by Acunetix WVS Reporter (v8.0 Build )

Pwning Intranets with HTML5

Ethical Hacking Course Layout

2016 TÜBİTAK BİLGEM Cyber Security Institute

INFORMATION SECURITY TRAINING CATALOG (2016)

I'M MICHAL I'M JANKOWSKI

Security Tools - Hands On

Jennifer L. Davidson

CS 558 Internet Systems and Technologies

Business Information System Courses Description

Detailed Description about course module wise:

Open Source Security Tool Overview

System Specification. Author: CMU Team

Certified Cyber Security Expert V Web Application Development

Master of Science (M.S.), Major in Software Engineering

Common Security Vulnerabilities in Online Payment Systems

Web Forensic Evidence of SQL Injection Analysis

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

EC-Council Ethical Hacking and Countermeasures

HTML5. Turn this page to see Quick Guide of CTTC

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Agenda Holistic view of Infosec Jobs Infosec Domains Various Jobs and required Skills Egg and Chicken problem Breaking the ice Profile Building

Aiming at Higher Network Security Levels Through Extensive PENETRATION TESTING. Anestis Bechtsoudis. abechtsoudis (at) ieee.

SETTING UP AND USING A CYBER SECURITY LAB FOR EDUCATION PURPOSES *

INFORMATION TECHNOLOGY (INFO)

Course Syllabus For Operations Management. Management Information Systems

Los Angeles Trade-Technical College Student Employment Center. Computer Science. Part-Time

EC-Council Certified Security Analyst (ECSA)

Deciphering The Prominent Security Tools Ofkali Linux

Unit 3 Research Project. Eddie S. Jackson. Kaplan University. IT540: Management of Information Security. Kenneth L. Flick, Ph.D.

Web application testing

ASSOCIATE IN ARTS DEGREE-60 UNITS

CYBERTRON NETWORK SOLUTIONS

The Cyber Threat Profiler

PKF Avant Edge. Penetration Testing. Stevie Heong CISSP, CISA, CISM, CGEIT, CCNP

Analyzing Huge Data Sets in Forensic Investigations

Preprocessing Web Logs for Web Intrusion Detection

Web Vulnerability Scanner by Using HTTP Method

Pentesting Web Frameworks (preview of next year's SEC642 update)

CORE CLASSES: IS 6410 Information Systems Analysis and Design IS 6420 Database Theory and Design IS 6440 Networking & Servers (3)


Yuri Pevzner Lembrecht way Tampa, FL Phone: (610)

Security Testing for Web Applications and Network Resources. (Banking).

Description: Course Details:

PSG College of Technology, Coimbatore Department of Computer & Information Sciences BSc (CT) G1 & G2 Sixth Semester PROJECT DETAILS.

WHITEPAPER. Nessus Exploit Integration

Master of Science Service Oriented Architecture for Enterprise. Courses description

629 Meier Lane, Onalaska, WI

By : Khalid Alfalqi Department of Computer Science, Umm Al-Qura University

Programming Languages

Study Plan for the Bachelor Degree in Computer Information Systems

An Introduction to Data Mining

Wayne State University Phone: Woodward Avenue, Suite

NSFOCUS Web Vulnerability Scanning System

Master of Science in Software Engineering Student Guide

Penetration Testing. Presented by: Elham Hojati Advisor: Dr. Akbar Namin July 2014

Integrating Tools Into the SDLC

CURRICULUM VITAE PETROS KARVELIS

A review and analysis of technologies for developing web applications

AtlSecCon 2012, 01 March Intru-Shun.ca Inc.

Vulnerability Management

Computer Science A.A. Degree, Certificate of Achievement & Department Certificate Programs

Job Opportunity. Full time, although we would consider part-time on a job-share basis

IBM Security Intelligence Strategy

Malicious Network Traffic Analysis

Terry Ann Morris, Ed.D.

DBMS Infrastructures and IT Career Recommendations. Jeff Fineberg November 21, 2011

MEng, BSc Applied Computer Science

Integrating a Big Data Platform into Government:

COMPUTER SCIENCE/ COMPUTER NETWORKING AND TECHNOLOGIES (COSC)

REPORT State of Vulnerability Risk Management

Backend System Engineer, AscesoBee Limited. EHR Specialist in Genetics, Codex Genetics Limited

BRIAN RUSSEL DAVIS. New Media Programming, Design & Concept Development. Summary

STEP Networks Inc North routledge Park Ontario, Canada, N6H 5N5 OUR COMMITMENT TO EXCELLENCE

NEXPOSE ENTERPRISE METASPLOIT PRO. Effective Vulnerability Management and validation. March 2015

Vulnerability Assessment and Penetration Testing

1. Digital Literacy - Computer Security and Privacy 2. Partners in Learning: Organize and Manage the Use of ICT in Your Classroom 3.

Toward a lightweight framework for monitoring public clouds

June 2014 WMLUG Meeting Kali Linux

Transcription:

Ram B. Basnet, Ph.D. EDUCATION New Mexico Tech, Socorro, New Mexico Ph.D. in Computer Science, 5/2010 1/2012, Area of Specialization: Phishing Detection M.S. in Computer Science, 8/2005 12/2007 Colorado Mesa University, Grand Junction, Colorado, 8/2001 5/2004 B.S. in Computer Science and Minor in Mathematics, summa kum laude RESEARCH EXPERIENCE Graduate Research Associate: 5/2010 12/2011, Institute for Complex Additive Systems Analysis (ICASA), New Mexico Tech, (research adviser: Dr. Andrew H. Sung), Socorro, New Mexico. Designed and developed systems using machine learning techniques and rulebased expert system to counter phishing attacks by detecting phishing emails, phishing URLs, and phishing webpages. Contributed in writing research proposals to apply for grants. Published research and findings in peer-reviewed conferences and journals. Research Scientist II: 1/2008 4/2010, ICASA, New Mexico Tech, Albuquerque, New Mexico. Researcher and lead developer on CACTUS (Computational Analysis of Cyber Terrorism against the United States), $1,000,000 project funded by federal grant; focused on research and development in text and Web mining; collaborated and integrated software modules in Natural Language Processing developed by Computing Research Laboratory (crl.nmsu.edu) at New Mexico State University. Directed innovative design and development of a scalable information gathering, retrieval, and visualization framework. Supervised graduate students and interns on various projects such as network security and forensics, machine learning, data mining, client and compliance management systems, application security, etc. Identified and demonstrated XSS and SQL Injection vulnerabilities on New Mexico Legislator website when it was compromised during the 2008 session; reviewed and fixed the source codes written in ASP and JSP and brought the site back online in 4 days. Designed and developed an application called Tweezer to gather, analyze (sentiment analysis), and present results on tweets from Twitter using Django (MVC) framework. Ram B. Basnet, CV, Page 1 of 5

Developed teaching materials (http://code.google.com/p/owasp-top-10/) and provided hands-on trainings on Top 25 Most Dangerous Programming Errors and OWASP Top 10 Errors to developers from New Mexico State departments and BudgeText Corp. (www.budgetext.com). Performed information security posture assessment for various New Mexico state agencies such as taxation and revenue, judicial information systems, legislative council service, corrections department, etc. and private businesses. Graduate Research Assistant: 8/2005 12/2007, ICASA, New Mexico Tech, Socorro, New Mexico. Performed research and development in network and web application security. As a founding member of the Strike Team, participated in network security posture assessment of various government agencies and private firms. Participated in full software development life cycle including requirements definition, prototyping, designing, interface implementation, testing and maintenance using agile software development methodology. Analyzed and used several commercial and open-source network security and digital forensic software tools. PUBLICATIONS R. B. Basnet (2012), Detecting Phishing Attacks: a Comprehensive Approach, Ph.D. Dissertation, New Mexico Tech. R. B. Basnet, A. H. Sung, Q. Liu, and D. Ackley, Learning to Detect Phishing URLs, Information Sciences, under review. R. B. Basnet and Andrew H. Sung (2012), Mining Web to Detect Phishing URLs, 11 th International Conference on Machine Learning and Application (ICMLA), 2012. R. B. Basnet, A. H. Sung, and Q. Liu (2012), Feature Selection for Improved Phishing Detection, Data Mining and Computational Intelligence for Digital Forensics and Information Assurance (IEA/AIE 2012). R. B. Basnet, A. H. Sung, and Q. Liu (2011), Rule-Based Phishing Attack Detection, Proc. of International Conference on Security and Management, pp. 624-630. R. B. Basnet and A. H. Sung (2010), Classifying Phishing Emails Using Confidence-Weighted Linear Classifiers, Proc. of International Conference on Information Security and Artificial Intelligence, pp. 108-112. G. J. Torres, R. B. Basnet, A. H. Sung, and S. Mukkamala (2009), A Similarity Measure for Clustering and its Applications, International Journal of Electrical and Electronic Engineering, pp.164-170. R. B. Basnet and S. Mukkamala (2009), Event Detection and Localization Using Sensor Networks, Proc. of International Conference on Wireless Networks, pp. 103-108. M. K. Shankarapani, R. B. Basnet, S. Mukkamala, A. H. Sung, and B. M. Ribeiro (2008), Translation Based Arabic Text Categorization, Proc. of 2 nd International Conference on Information Systems Technology and Management. Ram B. Basnet, CV, Page 2 of 5

R. B. Basnet, S. Mukkamala, and A. H. Sung (2008), Detection of Phishing Attacks: A Machine Learning Approach, Studies in Fuzziness and Soft Computing, Springer, pp. 373-383. S. Mukkamala, K. Yendrapalli, R. B. Basnet, and A. H. Sung (2007), Detecting Coordinated Distributed Multiple Attacks, Proc. of 21st International Conference on Advanced Information Networking and Applications, pp. 557-562. S. Mukkamala, K. Yendrapalli, R. B. Basnet, M. K. Shankarpani, and A. H. Sung (2007), Detection of Virtual Environments and Low Interaction Honeypots, Proc. of Information Assurance and Security Workshop, IEEE SMC, pp. 92-98. R. B. Basnet, K. Yandrapali, T. Dolek, and S. Mukkamala (2007), Knowledge Based Discovery of Phishing Attacks, IICAI, 2007. S. Mukkamala, A. H. Sung, K. Yendrapalli, R. B. Basnet (2007), Biased Support Vector Machine and Kernel Methods for Tumor Classification, Rocky Mountain Bioinformatics Conference, Aspen, CO, 2007. R. B. Basnet, G. Torres, A. H. Sung, S. Mukkamala, B. Ribeiro (2008), Translation Based Foreign Language Text Categorization, unpublished (https://cs.nmt.edu/~rbasnet/research/tbtc.pdf). INDUSTRY EXPERIENCE Chief Technology Officer: 4/2012 6/2013, Sage Technology Partners, Inc. Albuquerque, New Mexico. Lead R&D and consulting efforts in cyber security services especially in network and web application security. Performed network and application security assessment and penetration testing for various private and government entities. Developed custom applications for clients. Lead the effort in developing various in-house software tools and applications. Provided cyber security awareness training to clients. Evaluated and implemented various security and IT products for managed services. Revamped corporate web presence; developed marketing strategy using social media. Software Developer: 9/2004 8/2005, Flow-Data, Inc., Grand Junction, Colorado. Designed and developed desktop and web applications in VB6 and ASP.NET. Designed and maintained company s website. Freelance Web Developer: 5/2004 8/2006. Developed and maintained e-commerce website for Black Canyon Foods, LLC using ASP.NET. Ram B. Basnet, CV, Page 3 of 5

Network Administrator: Killian & Davis, P.C., 7/2004 7/2005, Grand Junction, Colorado. Provided IT support, maintained systems and network, designed and maintained databases and website, designed ads, etc. Computer Lab Technician: 8/2001 5/2004, Colorado Mesa University, Grand Junction, Colorado. Provided computer lab help desk support; fixed and setup computers, printers, and network devices, etc. TEACHING INTERESTS Data Structures and Algorithms Software Engineering and Secure Software Development Information Assurance Digital Forensics Database and Security Programming Languages Secure Web Application Development RESEARCH INTERESTS Phishing detection, data mining and machine learning Information assurance, risk management, network security, digital forensics, web application security, web-based malware, steganalysis, intrusion detection and prevention, etc. PROJECTS EVENT (Enterprise Vulnerability Exploration & Network Topology) - consolidates network vulnerability assessment reports from industry best scanners and generates prioritized custom reports for all levels of IT staff. Provides a unified GUI framework for popular network security scanners (Nmap, Amap, and Nessus Client). The framework also contains exploit module. MAKE2 (Media Analysis Knowledge Extraction & Exploration) - a compressive digital forensic toolkit. Major features include: disk imaging, file system exploration, MAC time visualization, full-text indexing and searching, email graph visualization, image search and visualization, hex viewer, etc. CAaNES (http://www.caanes.com/), a cyber security company in Albuquerque NM, offered to buy EVENT and MAKE2. ARIN WhoisRWS API Wrapper - http://code.google.com/p/pywhoisapi/. Python API for longurl.org - http://code.google.com/p/pylongurl/. Hands-on learning materials on OWASP Top 10 and Top 25 Most Dangerous Programming Errors for asp.net developers - http://code.google.com/p/owasptop-10/. Ram B. Basnet, CV, Page 4 of 5

PROFESSIONAL SERVICES Reviewer: Elsevier - Computers and Security (2011 Present) Program committee: Data Mining and Computational Intelligence for Digital Forensics and Information Assurance (IEA/AIE 2012) TECHNICAL SKILLS Python, C#, JAVA, C++, VB, C, Matlab, Perl ASP.NET, PHP, JSP, ASP, HTML, XML, CSS, JavaScript, Silverlight, MVC MySQL, MSSQL, Sqlite, MS Access, OOP/OOD (UML, Design Patterns), GUI Design, Web Services, etc. Nessus, LANGuard, SPI Dynamics, Retina, XScan, Nmap, Amap, Metasploit, Canvas, Qualys, Acunetix, WebInspect, Nikto, Wireshark, pyflag, dd, The Sleuth Kit, COFEE, EnCase, FTK, etc. AWARDS & HONORS The Dean s List, 2006 2007 The Chancellor s List, 2005 2006 The President s List, 2001 2004 Kappa Mu Epsilon and Upsilon Pi Epsilon, 2003 Rim Rock International Scholarship, 2001 2004 Wayne Aspinall Foundation Science Scholarship, 2003 2004 Mesa State College Foundation - Bacon Family Scholarship, 2002 2004 Outstanding Student of the Batch (Little Angels College, Nepal), 1997 1999 Best All Rounder (Little Angels School, Nepal), 1997 Ram B. Basnet, CV, Page 5 of 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information