Selected Work
I have hands-on experience in Security Operations Center (SOC) environments, where I’ve worked on designing and deploying end-to-end detection and response systems. My work includes integrating tools like SIEM, IDS/IPS, and SOAR to simulate and handle real attack scenarios aligned with frameworks like MITRE ATT&CK.
HIPAA-aware SOC simulation with segmented VLANs (Medical, Admin, DMZ), 17 custom detection rules, 8 MITRE ATT&CK scenarios including ransomware and DICOM exfiltration. SOAR auto-triggers on breach detection.
ML pipeline for automotive CAN bus intrusion detection: Rule Sentinel + LightGBM + TCN Autoencoder, with SHAP for explainability. F1 = 99.5% in-domain; cross-domain AUC improved from 0.54 to 0.93 via MMD fine-tuning.
XGBoost integrated with Suricata IDS to classify network alerts using the UNSW-NB15 dataset. High-accuracy threat detection with significantly reduced false positives over baseline rules.
Real-time counterfeit detection system. Manufacturers generate SHA-256 QR codes stored on blockchain; users scan to instantly verify product authenticity.
AI-powered voice assistant for health queries in local languages with spoken responses. Targets low-literacy and rural users across hygiene, nutrition, maternal health, and common diseases.
Full authorized black-box penetration test: recon, API exploitation, JS bundle static analysis, and a formal report. Identified localStorage token exposure, hardcoded private IPs, and unprotected admin routes.