Hi I'm Vaibhav Hemant Dixit

Software Engineer and Cybersecurity enthusiast

A software engineer at Comcast Corporation, I am a part of network architecture group and work with some amazingly talented people in the field. Together, we are engineering a smart-next-gen security solutions for the datacenter-based Software Defined Networks (SDN).
I earned a Master of Science in Computer Science from Arizona State University in June 2018 after successfully defending my thesis under the supervision of Dr. Gail-Joon Ahn and Dr. Adam Doupé. As a Research Assistant, I have collaborated with some of the smartest mentors and students at The Laboratory of Security Engineering for Future Computing.
Before joining ASU, I have also worked as a Software Engineer at Samsung Electronics, India.


Jul-2018 to present

Software Engineer 2

Comcast Corporation

A part of network architecture group and work with some amazingly talented people in the field. Together, we are engineering a smart-next-gen security solutions for the datacenter-based Software Defined Networks (SDN).

Dec-2016 to July-2018

Graduate Research Assistant

Security Engineering for Future Computing Lab, ASU

Designed a novel SDN-based adaptive security mechanism on ASU’s Science-DMZ network. Devising countermeasure generation algorithm on Elastic Search Cluster using attack graph with CVSS scores of compromised services.

Aug-2016 to June-2018

Master of Science in computer Science

Arizona State University

Courses taken during the graduate program: Automatic Binary Code/Software Analysis, Embedded Operating System Internals, Mobile Computing, Software Security, Foundation of Algorithms, Data Mining, Knowledge Representation and Thesis
GPA: 3.7/4

Jul-2013 to Jun-2016

Software Engineer

Samsung Electronics, India

Youngest member of the Wi-Fi device driver team. Constructed 802.11 protocol based control plane networking features of Wi-Fi Access Point. Implemented Open, WEP, WPA, WPA2 and 802.11w secured connection procedures at Linux control plane. Consistently optimized the features to improve throughput and latency metrics.

Jul-2009 to Apr-2013

Bachelor of Technology in Information Technology

Vellore Institute of Technology, India

Courses: Programming in Java, Operating Systems, Embedded Systems, Network Security, Parallel Programming, Data Structures and Algorithms and Software Design
GPA: 8.5/10


AIM-SDN: Attacking Information Mismanagement in SDN-datastores

Vaibhav Hemant Dixit, A. Doupé, Y. Shoshitaishvili, Z. Zhao and G-J. Ahn

25th ACM Conference on Computer and Communications Security (CCS), Toronto, Canada, 2018

Challenges and preparedness of SDN-based Firewalls


Vaibhav Hemant Dixit, S. Kyung, Z. Zhao, A. Doupé, Y. Shoshitaishvili and G-J. Ahn

ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization (SDNNFV-SEC) with ACM CODASPY 2018, Arizona, 2018

Science DMZ: Software Defined Networking based Secured Cloud Testbed


A. Chowdhary, Vaibhav Hemant Dixit, N. Tiwari, S. Kyung, D. Huang and G-J. Ahn

IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN), Berlin, Germany, 2017

HONEYPROXY: Design and Implementation of Next-Generation Honeynet via SDN


S. Kyung, W. Han, N. Tiwari, Vaibhav Hemant Dixit, L. Srinivas, Z. Zhao, A. Doupé and G-J. Ahn

IEEE Conference on Communications and Network Security (CNS), Oct, 2017


SDN-based firewall with advanced capabilities

Performed intensive research of various proposed works on SDN-based firewalls. This included academic works like FortNOX, FlowGuard and industry accepted advanced firewalls like Palo Alto firewalls. The goal was to discover the challenges faced by these firewalls and their readiness for the production networks.
Process: Identified various metrics on which seven different firewalls were measured. Extended one of these work locally to evaluate challenges involved in networks which scale dynamically.
Results: The underlying challenges were discovered and firewalls were rated on different metrics. Proposed "network mapping" and "node caching" approaches to improve performance of firewall's conflict detection module. As a novel contribution, corrected the violation resolution approaches by introducing fine-granularity of flow rules. Proposed an "adaptive" firewall: process of detection and resolution made automated for a robust user experience.

Software Defined Networking based HoneyNet

Goal: To lure attackers to target an imitated version of production network (HoneyNet) and later analyze their methods and intentions by employing a covert proxy (HoneyProxy).
Process: Design and develop an SDN based network of Honeypots which run dummy WEB and FTP services (potential target of these attackers). Go public with this imitated services. Prevent internal propagation of malware to production network by leveraging SDN's centralized view to install secured flow policies. Analyze the method and intentions of attacks. Do not leak the "honey" - prevent Honeypots from being fingerprinted by dynamically improving covert proxy. Results of this research proved useful in blacklisting IPs performing brute force attacks and for hardening campus network servers.

Embedded driver programming in Intel Quark based Galileo Board

The project is part of the course “Embedded Operating System Internals”. The project aims to provide an understanding of internals of Linux and RTOS kernel architecture and implementing device drivers. Investigated Linux kernel source code including memory management, kernel synchronization, device driver design and trace or debug support. Programmed ioctls, syscall interface, static and dynamic probes, misc drivers, etc. Developed and tested the device driver software on the target platform (Galileo Gen 2).

Framework for exploit detection and patching in Capture the Flag competition

Participated in a project based CTF game. Developed a Python vulnerability detection engine. Contributed to the defense framework to reverse engineer the binaries, patch the application/web vulnerabilities in real time. An automated TCP/IP attack re-launch mechanism from victim to the attacker: Built a Python based network daemon to impersonate the victim IP addresses using ARP spoofing and relaunch the attack from victim to attacker. Used extensive libraries from Python Scapy packet for Deep Packet Inspection and modification. The team won the iCTF competition.

Contact Me

Contact Info

The best way to contact me would be to send a introductory message with some brief details. I check my inbox regularly and also appreciate your patience if there is a delay.

If the questions involve my research and prospective opportunities for either of us, you can expect an unusually faster response.


Philadelphia, PA, USA



Send Message

Your text message sent successfully!

Sorry! Message not sent. Something went wrong!!