Viren R

	Viren R. Shah 21800 Kings Crossing Terrace, Ashburn, VA 20147 703.729.6814 viren@viren.org http://www.viren.org/
Summary
Software professional with experience in research and analysis, as well as architecting, designing and implementing applications and user interfaces. Areas of interest include innovative technologies, software analysis, object-oriented design, networking, configuration management and security. Quick learner with the ability to adapt to new situations and technologies.
Languages/Products	Java, C, C++, Galaxy C/C++, Perl, SGML, UML
Operating Systems	Solaris, FreeBSD, Linux, Windows NT/2000
Skills	Software analysis, object-oriented design and programming, configuration management, user-interface design, network programming, educational/learning software.

Experience
Sr. Research Associate/System Administrator	Cigital, Inc. Dulles VA		1997-current
	· Duties involve leading research and development efforts on research projects, writing proposals and publications, performing risk assessments for clients, managing the in-house Software Configuration Management (SCM) and helping administer the computers systems. · Project Lead for a project looking into language-based security issues with resource-constrained wireless devices. Leading the analysis and development efforts focused on improving and extending the current security paradigms for Java-based devices. · As a consultant, analyzed and assessed the software architecture, SCM process and Quality Assurance efforts in a mission-critical project for a large company. This involved analyzing and assessing risks as well as devising practical, manageable risk mitigation strategies for the areas in question. · Project lead for a project concerned with developing an Aspect-Oriented Programming (AOP) solution for security issues. Led a team in designing and implementing a complete system, including an aspect language and an aspect weaver. · As a consultant, helped architect a SCM solution for an e-commerce company. Also planned and assisted in the migration of the development group from Visual Source Safe to CVS. · Technical Lead for a project involved in researching and developing a software certification pipeline for electronic commerce applications. As part of this project, researched and implemented a technique for the automated detection of buffer overflow exploits in C code. · Developed state-of-the-art analysis tools for Java bytecode. These involved static and dynamic techniques for analyzing Java bytecode for security and programming violations. As part of this research, built a bytecode parser, and also analyzed the implementation and specifications for bytecode and the Java Virtual Machine. · Researched and developed techniques to test Win32 applications and components for unstable behavior. This involved developing automated test and data generation tools to exploit possible flaws in the components. · Setup and maintenance of SCM software. Duties include tutoring and mentoring coworkers about SCM usage, as well as configuration management for various projects. · Involved in the setup and administration of UNIX-based SMTP, NFS, Samba, FTP, HTTP and NIS servers. Duties involve ensuring continuous availability of resources and infrastructure, maintaining high security levels, and installing and maintaining applications. Also involved in network router administration. Servers run Solaris, BSD, and Linux operating systems.
Software Engineer	Visix Software, Inc., Reston VA		1997
	Development of a cross-platform application development environment for Java, called Vibe. Also worked on Galaxy, a cross-platform class library for developing applications (C, Galaxy, C++) · Developed components for user interface of the product. · Worked on library code for the networking libraries.
Research Assistant	College of Computing, Georgia Institute of Technology, Atlanta GA		1994-1997
	Design and development of interactive multimedia courseware on the WWW . Also designed systems to promote human learning and problem-solving, based on cognitive principles (Java, Perl). · Developed content guidelines and application infrastructure. · Built authoring tools for use by instructors/authors that significantly helped reduce module development time. · Developed interactive content materials for an undergraduate graphics courseware module. · Teaching Assistant for the undergraduate Artificial Intelligence course. (Lisp)
Software Engineer	Elemental Interactive Design and Development, Atlanta GA			1996
	Design and implementation of cross-platform internet and intranet tools (Java, Perl, SGML) · Designed and developed a cross-platform information visualization and presentation system with the ability to deliver information through the WWW. (Java) · Developed an intranet publishing system. · Performed source control and configuration management tasks.
Graduate Assistant/	Department of Computer Science, University of Mississippi, Oxford MS	1993-1994
System Administrator	· Developed formal specification systems for concurrent programs; worked with B-tree variations for parallel models. Used different formal notation systems. (C, UNITY) · Taught part of the undergraduate senior-level Algorithms and Data Structures course. (C, Pascal) · Managed all the Computer Science department systems, including multi-platform UNIX workstations and DOS/Windows machines. System and software consultant. · Managed the departmental FTP and WWW sites. (C, HTML)
Graduate Assistant/	Research Institute of Pharmaceutical Sciences, University of Mississippi	1992-1994
System Administrator	Developed system integration tools. Also provided systems and application support. · Developed a statistical package for market analysis of products that was used in research into marketability factors of products. (C, Foxpro) · Managed a LAN, and provided hardware and software support for the department.

Education
Ph.D. Program	College of Computing, Georgia Institute of Technology, Atlanta GA GPA: 3.7/4.0	1994-1997
M.S. (C.S)	Department of Computer Science, University of Mississippi, Oxford MS GPA: 4.0/4.0	1994
B.S.C.S.	Department of Computer Science, University of Mississippi, Oxford MS GPA: 4.0/4.0	1992

Publications
Conference Proceedings	· M. Weber, Viren Shah and Chris Ren, “A Case Study in Detecting Software Security Vulnerabilities Using Constraint Optimization”, IEEE Workshop on Source Code Analysis and Manipulation, November 2001, Florence, Italy. · T J Walls, Viren Shah and Anup Ghosh, “Towards Certifying Software for Security”, Proceedings of ISACC 2000, September 2000, Reston, VA. · A.K. Ghosh, M. Schmid, and V. Shah, "Testing the Robustness of Windows NT Software", in Proceedings of the 9th International Symposium on Software Reliability Engineering, (ISSRE'98), November 4-7, 1998, Paderborn, GE. · A.K. Ghosh, V. Shah, and M. Schmid, "An Approach for Analyzing the Robustness of Windows NT Software", in Proceedings of the 21st National Information Systems Security Conference (NISSC98), October, 1998, Arlington, VA. · Carlson D., Guzdial M., Kehoe C., Shah V. and Stasko J. "WWW Interactive Learning Environments For Computer Science Education." Proceedings of SIGCSE `96, February 1996. · Bhattacharjee S., Ammar M., Zegura E., Shah V., and Zongming F. "Application-Layer Anycasting." Proceedings of INFOCOM 97, April 1997.
Technical Reports	· Bhattacharjee S., Ammar M., Zegura E., and Shah V. "On the Design and Implementation of Generalized Application-Layer Anycasting" Tech. Rep. GIT-CC-96-03, College of Computing, Georgia Institute of Technology, 1996. · Bhattacharjee S., Ammar M., Zegura E., Shah V., and Zongming F. "Application-Layer Anycasting." Tech. Rep. GIT-CC-96-25, College of Computing, Georgia Institute of Technology, 1996. · Cunningham H. C., Shah V., and Shen S. "Devising a Formal Specification for an Elevator Controller." Tech. Rep. UMCIS-1994-10, Computer and Information Science, University of Mississippi. September 1994.

Awards
	· Outstanding Computer Science Junior, University of Mississippi · Outstanding Computer Science Senior, University of Mississippi · Taylor Medal Honoree, University of Mississippi

Affiliations
	· The Honor Society of Phi Kappa Phi · ACM · IEEE

References	Available upon request.