Bradley Reaves
advertisement
Bradley Reaves http://www.cc.gatech.edu/ breaves3 Education Georgia Institute of Technology, Atlanta, GA Doctor of Philosophy, Computer Science Emphasis: Mobile Security Minor: Higher Education Advisor: Patrick Traynor Projected 2016 Mississippi State University, Starkville, MS Master of Science, Computer Engineering August 2011 Emphases: Computer Security; SCADA, Industrial Control System, and Smart Grid Security Thesis: “An Open Virtual Testbed for Industrial Control System Security Research” Information Security Certificate Bachelor of Science, summa cum laude, Computer Engineering Minors in Spanish and Mathematics May 2010 Research Experience Graduate Research Assistant August 2011 – Present Georgia Institute of Technology • Studied prioritizing Android malware analysis at application market-scale using statistical analyses of declared behavior. Tests showed nearly an order of magnitude reduction in the number of apps to be analyzed to identify more than 90% of malware present in a given market • Investigated presence of mobile-specific malware in a cellular IP network, finding that actual infection rates are quite low (around 0.001%). Graduate Research Assistant May 2010 – July 2011 Mississippi State University • Designed black-box cybersecurity testing methodology for Smart Grid equipment for Fortune 500 electric utility • Implemented and tested common networking attacks in a Smart Grid testbed • Discovered novel network denial-of-service attacks in Smart Grid equipment • Created a framework for the development of testbeds for SCADA/industrial control system security research. Undergraduate Research Assistant January 2009 – May 2010 Mississippi State University • Troubleshooted Linux kernel modification to enable execution of encrypted binary executables only decrypted in main memory. • Discovered vulnerabilities and developed proof-of-concept code for wireless network intrusion, packet injection, and denial of service in a common proprietary SCADA wireless system. Reaves p. 1 Industry Experience Intern, Software Security Research May 2012 – August 2012 Hewlett Packard Company • Prepared document detailing research strategies and development needs for a new web technology in WebInspect, a dynamic application security testing product for web applications • Discovered and responsibly disclosed vulnerabilities in a web application found during technology research Teaching Experience Instructor Summer 2014 CS 4235: Intro. to Computer Security Security (Georgia Institute of Technology) • Developed course curriculum and laboratory-style exercises • Students surveyed gave a unanimous 5/5 rating for overall effectiveness • Selected student comments: “The homeworks were fun and very educational,” “Very effective teacher overall. I would definitely recommend him to future students,” “#favoriteGTclass.” Teaching Assistant Spring 2013 CS 6262: Network Security (Georgia Institute of Technology) • Delivered five lectures • Developed and graded laboratory-style exercises • Students surveyed gave a median 4.78 rating (out of a possible 5) for TA effectiveness Guest Lecturer CS 6238: Secure Computing Systems (Georgia Institute of Technology) Lecture: Android Security CS 3251: Computer Networks (Georgia Institute of Technology) Lectures: Wireless Networks, Android Development, Security Protocols Spring 2013 Spring 2014 Honors Graduate Honors • National Science Foundation Graduate Research Fellowship • James Worth Bagley Supplemental Fellowship (MSU) • Best Paper Award: “On SCADA Control System Command and Response Injection and Intrusion Detection” • Best Paper Award: “MAST: Triage for Market-scale Mobile Malware Analysis” • Student Travel Grant to CCS 2012 • Student Travel Grant to the 2013 Trusted Infrastructure Workshop Undergraduate Honors • Most Outstanding Computer Engineering Senior • Member, Arts and Sciences Society of Scholars (Limited to top 1.5% of graduating seniors) • Shackouls Summer Undergraduate Research Fellow (Competitive research grant) • Joseph Barrier Engineering Scholarship • Nucor Foundation Academic Scholarship • National Merit Scholarship • Best Undergraduate Poster: B. Reaves and T. Morris, “Vulnerabilities in a Proprietary SCADA Wireless System.” IEEE Power Energy Society Transmission and Distribution Conference, New Orleans, LA, April 19-22, 2010. • Engineering Poster Award: B. Reaves and T. Morris, “Vulnerabilities in a Proprietary SCADA Wireless System.” Shackouls Honors College Undergraduate Research Symposium, Mississippi State University, April 2010. Reaves p. 2 Publications [1] Charles Lever, Manos Antonakakis, Brad Reaves, Patrick Traynor, and Wenke Lee. The core of the matter: Analyzing malicious traffic in cellular carriers. In Proceedings of the 20th Network and Distributed System Security Symposium, San Diego, CA, February 2013. [2] Saurabh Chakradeo, Bradley Reaves, Patrick Traynor, and William Enck. MAST: Triage for Market-scale Mobile Malware Analysis. In Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2013. (Full Paper; Acceptance Rate: 15.0%). [3] Reaves, Bradley and Thomas Morris. Analysis and mitigation of vulnerabilities in short-range wireless communications for industrial control systems. International Journal of Critical Infrastructure Protection, 2012. [4] Reaves, Bradley and Thomas Morris. An open virtual testbed for industrial control system security research. International Journal of Information Security, 11(4):215–229, 2012. [5] Thomas Morris, Anurag Srivastava, Bradley Reaves, Wei Gao, Kalyan Pavurapu, and Ram Reddi. A control system testbed to validate critical infrastructure protection concepts. International Journal of Critical Infrastructure Protection, August 2011. [6] Wei Gao, Thomas Morris, Bradley Reaves, and Drew Richey. On SCADA control system command and response injection and intrusion detection. In IEEE eCrime Researchers Summit, Dallas, TX, October 2010. [7] Bradley Reaves and Thomas Morris. Discovery, infiltration, and denial of service in a process control system wireless network. In 2009 eCrime Researchers Summit, Tacoma, WA, USA, October 2009. [8] Thomas Morris, Anurag Srivastava, Bradley Reaves, Kalyan Pavurapu, Sharif Abdelwahed, Rayford Vaughn, Wesley McGrew, and Yoginder Dandass. Engineering future Cyber-Physical energy systems: Challenges, research needs, and roadmap. In 2009 IEEE North American Power Symposium, Starkville, MS, October 2009. Relevant Skills • Programming Languages – Proficient: Python, C, Java – Familiar: C++, C#, Tcl, Matlab, R, JavaScript, PLC Ladder Logic, SQL • System Administration: Ubuntu and Fedora Linux, Windows, OS X • Tools: Vim, LATEX, Subversion, Git, Mu Dynamics Studio Security • Relevant Graduate Courses: Information Security, Cryptography and Network Security (MSU), Network Security (GT), Computer Forensics, Secure Computer Systems, Computer Networks, Cellular and Mobile Security, Applied Cryptography Service and Extracurricular Activities Georgia Institute of Technology • Reviewer: Communications of the ACM • Reviewer: IEEE Symposium on Security and Privacy • Reviewer: Usenix Security Symposium • Reviewer: ACM Conference on Computer and Communications Security • Reviewer: Networked and Distributed System Security Symposium • Reviewer: Annual Computer Security Applications Conference • Reviewer: Financial Cryptography and Data Security • Reviewer: Transactions on Dependable and Secure Computing • Reviewer: IEEE Security and Privacy Magazine • Graduate Student Council Vice President, School of Computer Science Reaves 2012 2013, 2014 2013, 2014 2013, 2014 2013, 2014 2014 2013 2013 2013 Fall 2013 – Fall 2014 p. 3
