SDN-based firewall with advanced capabilities
Performed intensive research on various proposed works on SDN-based firewalls.
This included academic works like FortNOX and FlowGuard and industry-accepted advanced firewalls like Palo Alto firewalls.
The goal was to discover the challenges faced by these firewalls and their readiness for production networks.
Process: Identified various metrics on which seven different firewalls were measured. Extended one of these works locally to evaluate
the challenges involved in networks that scale dynamically.
Results: The underlying challenges were discovered and the firewalls were rated on the different metrics. Proposed "network mapping" and
"node caching" approaches to improve the performance of the firewall's conflict detection module. As a novel contribution, corrected the
violation resolution approaches by introducing fine-granularity flow rules. Proposed an "adaptive" firewall: the process of detection
and resolution was automated for a robust user experience.
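To make the conflict detection and fine-grained resolution concrete, the following is an added example written for this page; it is not code from the project above or from FortNOX/FlowGuard. The data model (Match, FirewallRule, FlowRule), the prefix/port-range intersection and the carve-out resolution strategy are assumptions made for illustration: a forwarding flow entry that overlaps a deny rule is a violation, and instead of rejecting the whole entry, a drop for exactly the denied sub-space is installed above it, with higher-priority forwarding entries restored for any part of that sub-space a higher-priority allow rule permits.

```python
"""Firewall-policy vs. SDN-flow-rule conflict detection with fine-grained resolution.

Added example, not code from the original project or from FortNOX/FlowGuard.
The data model, the header-space intersection and the carve-out resolution
are assumptions made for illustration.
"""
from dataclasses import dataclass
from ipaddress import IPv4Network
from typing import List, Optional, Tuple

PortRange = Tuple[int, int]
ANY_PORT: PortRange = (0, 65535)


def _net_intersect(a: IPv4Network, b: IPv4Network) -> Optional[IPv4Network]:
    # Two prefixes either nest or are disjoint, so the overlap is the longer one.
    if not a.overlaps(b):
        return None
    return a if a.prefixlen >= b.prefixlen else b


@dataclass(frozen=True)
class Match:
    src: IPv4Network
    dst: IPv4Network
    proto: Optional[str] = None      # None = any protocol
    dport: PortRange = ANY_PORT

    def intersect(self, other: "Match") -> Optional["Match"]:
        """Header space matched by both rules, or None if disjoint."""
        src = _net_intersect(self.src, other.src)
        dst = _net_intersect(self.dst, other.dst)
        if src is None or dst is None:
            return None
        if self.proto and other.proto and self.proto != other.proto:
            return None
        lo, hi = max(self.dport[0], other.dport[0]), min(self.dport[1], other.dport[1])
        if lo > hi:
            return None
        return Match(src, dst, self.proto or other.proto, (lo, hi))

    def contains(self, inner: "Match") -> bool:
        return (inner.src.subnet_of(self.src) and inner.dst.subnet_of(self.dst)
                and (self.proto is None or self.proto == inner.proto)
                and self.dport[0] <= inner.dport[0] and inner.dport[1] <= self.dport[1])


@dataclass(frozen=True)
class FirewallRule:
    match: Match
    action: str        # "allow" | "deny"
    priority: int      # higher wins, as in a first-match ACL


@dataclass(frozen=True)
class FlowRule:
    match: Match
    out_port: Optional[int]   # None = drop
    priority: int


Violation = Tuple[FlowRule, FirewallRule, Match]


def find_violations(policy: List[FirewallRule], flows: List[FlowRule]) -> List[Violation]:
    """A forwarding flow overlapping a deny rule violates the policy unless a
    higher-priority allow rule covers that entire overlap."""
    found: List[Violation] = []
    for flow in flows:
        if flow.out_port is None:
            continue
        for rule in policy:
            if rule.action != "deny":
                continue
            overlap = flow.match.intersect(rule.match)
            if overlap is None:
                continue
            shadowed = any(r.action == "allow" and r.priority > rule.priority
                           and r.match.contains(overlap) for r in policy)
            if not shadowed:
                found.append((flow, rule, overlap))
    return found


def resolve_fine_grained(policy: List[FirewallRule], violations: List[Violation]) -> List[FlowRule]:
    """Coarse resolution rejects the whole flow. Fine-grained resolution keeps it,
    drops only the denied sub-space at priority+1, and re-adds forwarding at
    priority+2 for any slice of that sub-space a higher-priority allow permits."""
    fixes: List[FlowRule] = []
    for flow, deny, overlap in violations:
        fixes.append(FlowRule(overlap, None, flow.priority + 1))
        for r in policy:
            if r.action == "allow" and r.priority > deny.priority:
                carve = overlap.intersect(r.match)
                if carve is not None:
                    fixes.append(FlowRule(carve, flow.out_port, flow.priority + 2))
    return fixes


def example_policy() -> List[FirewallRule]:
    # Assumed policy: deny SSH to the DB host from everywhere, except the admin subnet.
    ssh_to_db = Match(IPv4Network("10.0.0.0/8"), IPv4Network("192.168.1.10/32"), "tcp", (22, 22))
    admin_net = Match(IPv4Network("10.0.5.0/24"), IPv4Network("192.168.1.10/32"), "tcp", (22, 22))
    return [FirewallRule(ssh_to_db, "deny", 10), FirewallRule(admin_net, "allow", 20)]


def example_flows() -> List[FlowRule]:
    # A routing app pushes a broad TCP entry that covers the denied SSH path; UDP is unaffected.
    broad = Match(IPv4Network("10.0.0.0/16"), IPv4Network("192.168.1.0/24"), "tcp")
    udp = Match(IPv4Network("10.0.0.0/16"), IPv4Network("192.168.1.0/24"), "udp")
    return [FlowRule(broad, 3, 100), FlowRule(udp, 3, 100)]


if __name__ == "__main__":
    pol, fl = example_policy(), example_flows()
    viol = find_violations(pol, fl)
    for _flow, rule, ov in viol:
        print("violation of deny rule:", ov)
    for fix in resolve_fine_grained(pol, viol):
        print("install:", fix)
```

The check is conservative on purpose: an allow rule that only partially covers the overlap does not suppress the violation, and the resolution then restores exactly that partial slice above the drop entry, which is what "fine granularity" buys over rejecting the whole flow rule.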
Software Defined Networking based HoneyNet
Goal: To lure attackers into targeting an imitated version of the production network (HoneyNet) and later analyze their methods
and intentions by employing a covert proxy (HoneyProxy).
Process: Design and develop an SDN-based network of Honeypots that run dummy WEB
and FTP services (potential targets of these attackers). Make these imitated services public. Prevent internal propagation of malware
to the production network by leveraging SDN's centralized view to install secured flow policies. Analyze the methods and intentions of attacks.
Do not leak the "honey": prevent Honeypots from being fingerprinted by dynamically improving the covert proxy. The results of this
research proved useful in blacklisting IPs performing brute-force attacks and for hardening campus network servers.
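Two pieces of the process above lend themselves to a worked example: detecting brute-force attempts against the honeypot FTP service and turning the result into flow policies that blacklist the offender and keep the honeynet from reaching production. The block below is an added example, not the project's code. The log lines are constructed (modelled on vsftpd's "FAIL LOGIN" format), the threshold and window are arbitrary, and the flow-entry dictionaries use OpenFlow 1.3 OXM field names as Ryu's OFPMatch spells them; the controller that would install them is assumed and not shown.

```python
"""Brute-force detection on honeypot FTP logs and the SDN drop policies it feeds.

Added example, not the original project's code. SAMPLE_LOG is constructed
(modelled on vsftpd's FAIL LOGIN lines); the flow dictionaries use OpenFlow
1.3 OXM names as Ryu's OFPMatch spells them, and the controller that would
install them is assumed.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from ipaddress import IPv4Network
from typing import Deque, Dict, List, Optional, Tuple

# Constructed sample: one client hammering the FTP honeypot, one normal client.
SAMPLE_LOG = """\
Tue Mar 12 10:00:01 2024 [pid 2] [ftp] FAIL LOGIN: Client "203.0.113.5"
Tue Mar 12 10:00:03 2024 [pid 2] [ftp] FAIL LOGIN: Client "203.0.113.5"
Tue Mar 12 10:00:04 2024 [pid 2] [admin] FAIL LOGIN: Client "203.0.113.5"
Tue Mar 12 10:00:06 2024 [pid 3] [ftp] OK LOGIN: Client "198.51.100.7"
Tue Mar 12 10:00:07 2024 [pid 2] [root] FAIL LOGIN: Client "203.0.113.5"
Tue Mar 12 10:00:09 2024 [pid 2] [test] FAIL LOGIN: Client "203.0.113.5"
Tue Mar 12 10:30:00 2024 [pid 4] [ftp] FAIL LOGIN: Client "198.51.100.7"
"""

LINE_RE = re.compile(
    r'^(?P<ts>\w{3} \w{3} +\d+ \d\d:\d\d:\d\d \d{4}) \[pid \d+\] '
    r'\[(?P<user>[^\]]*)\] (?P<result>FAIL|OK) LOGIN: Client "(?P<ip>[\d.]+)"$'
)


def parse_line(line: str) -> Optional[Tuple[datetime, str, str, str]]:
    """(timestamp, username, result, client_ip) or None for non-login lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%a %b %d %H:%M:%S %Y")
    return ts, m.group("user"), m.group("result"), m.group("ip")


def detect_bruteforce(log_text: str, threshold: int = 5,
                      window: timedelta = timedelta(seconds=60)) -> Dict[str, datetime]:
    """Sliding-window failure counter per client IP.

    Returns {ip: timestamp at which the threshold was first crossed}."""
    fails: Dict[str, Deque[datetime]] = defaultdict(deque)
    flagged: Dict[str, datetime] = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        ts, _user, result, ip = rec
        if result != "FAIL" or ip in flagged:
            continue
        q = fails[ip]
        q.append(ts)
        while q and ts - q[0] > window:   # drop failures older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged[ip] = ts
    return flagged


def blacklist_flow(ip: str, priority: int = 1000) -> dict:
    """Drop everything from the offender; an empty action list drops in OpenFlow."""
    return {"priority": priority,
            "match": {"eth_type": 0x0800, "ipv4_src": f"{ip}/32"},
            "actions": []}


def isolation_flows(honeynet: str, production: List[str], priority: int = 900) -> List[dict]:
    """Never let a (possibly compromised) honeypot reach production: drop
    honeynet -> production above the normal forwarding entries."""
    src = str(IPv4Network(honeynet))          # strict=True rejects host bits
    return [{"priority": priority,
             "match": {"eth_type": 0x0800, "ipv4_src": src,
                       "ipv4_dst": str(IPv4Network(net))},
             "actions": []} for net in production]


def build_policy(log_text: str, honeynet: str, production: List[str]) -> List[dict]:
    """Blacklist entries for flagged IPs, followed by the static isolation entries."""
    flows = [blacklist_flow(ip) for ip in sorted(detect_bruteforce(log_text))]
    return flows + isolation_flows(honeynet, production)


if __name__ == "__main__":
    for entry in build_policy(SAMPLE_LOG, "10.10.0.0/16", ["10.0.0.0/16", "172.16.0.0/12"]):
        print(entry)
```

The isolation entries are installed regardless of what the logs show, since a honeypot is expected to be compromised; the blacklist entries are derived from the logs and sit above them so a flagged source is dropped at the edge before it reaches either network.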
Embedded driver programming on an Intel Quark based Galileo board
The project is part of the course “Embedded Operating System Internals”. The project aims to provide an understanding
of the internals of Linux and RTOS kernel architecture and of implementing device drivers. Investigated Linux kernel source code
including memory management, kernel synchronization, device driver design and trace/debug support. Programmed ioctls,
the syscall interface, static and dynamic probes, misc drivers, etc. Developed and tested the device driver software on the
target platform (Galileo Gen 2).
Framework for exploit detection and patching in a Capture the Flag competition
Participated in a project-based CTF game. Developed a Python vulnerability detection engine. Contributed
to the defense framework to reverse engineer the binaries and patch the application/web vulnerabilities in real time.
An automated TCP/IP attack re-launch mechanism from victim to attacker: built a Python-based network daemon to
impersonate the victim IP addresses using ARP spoofing and relaunch the attack from victim to attacker. Used extensive
libraries from the Python Scapy package for Deep Packet Inspection and modification. The team won the iCTF competition.