----------------------------------------------------- Viren R. Shah Address:21800 Kings Crossing Terrace Ashburn, VA 20147 Phone: 703.729.6814 Email: viren@viren.org WWW: http://www.viren.org/ --------------------------------------------------------------------------- Summary Software professional with experience in research and analysis, as well as architecting, designing and implementing applications and user interfaces. Areas of interest include innovative technologies, software analysis, object-oriented design, networking, configuration management and security. Quick learner with the ability to adapt to new situations and technologies. Languages Java, C, C++, Perl, Lisp, SGML, UML Operating Systems Solaris, FreeBSD, Linux, Windows NT/2000 Skills Software analysis, object-oriented design and programming, configuration management, user-interface design, network programming, educational/learning software. --------------------------------------------------------------------------- Experience Sr. Research Cigital, Dulles VA Associate 1997-current * Duties involve leading research and development efforts on research projects, writing proposals and publications, performing risk assessments for clients, managing the in-house Software Configuration Management (SCM) and helping administer the computers systems. * Project Lead for a project looking into language-based security issues with resource- constrained wireless devices. Leading the analysis and development efforts focused on improving and extending the current security paradigms for Java-based devices. * As a consultant, analyzed and assessed the software architecture, SCM process and Quality Assurance efforts in a mission-critical project for a large company. This involved analyzing and assessing risks as well as devising practical, manageable risk mitigation strategies for the areas in question. * Project lead for a project concerned with developing an Aspect-Oriented Programming (AOP) solution for security issues. Led a team in designing and implementing a complete system, including an aspect language and an aspect weaver. * As a consultant, helped architect a SCM solution for an e-commerce company. Also planned and assisted in the migration of the development group from Visual Source Safe to CVS. * Technical Lead for a project involved in researching and developing a software certification pipeline for electronic commerce applications. As part of this project, researched and implemented a technique for the automated detection of buffer overflow exploits in C code. * Developed state-of-the-art analysis tools for Java bytecode. These involved static and dynamic techniques for analyzing Java bytecode for security and programming violations. As part of this research, built a bytecode parser, and also analyzed the implementation and specifications for bytecode and the Java Virtual Machine. * Researched and developed techniques to test Win32 applications and components for unstable behavior. This involved developing automated test and data generation tools to exploit possible flaws in the components. * Involved in the setup and administration of UNIX-based SMTP, NFS, Samba, FTP, HTTP and NIS servers. Duties involve ensuring continuous availability of resources and infrastructure, maintaining high security levels, and installing and maintaining applications. Also involved in network router administration. Servers run Solaris, BSD, and Linux operating systems. Software Engineer Visix Software Inc., Reston VA 1997 Development of a cross-platform application development environment for Java, called Vibe. Also worked on Galaxy, a cross-platform class library for developing applications (C, Galaxy, C++) * Developed component editors for user interface of Vibe * Worked on library code for the network aspect of Galaxy Research Assistant College of Computing, Georgia Institute of 1994-1997 Technology, Atlanta GA Design and development of interactive multimedia courseware on the WWW . Also designed systems to promote human learning and problem-solving, based on cognitive principles (Java, Perl). * Developed content guidelines and application infrastructure. * Built authoring tools for use by instructors/authors that significantly helped reduce module development time. * Developed interactive content materials for an undergraduate graphics courseware module. * Teaching Assistant for the undergraduate Artificial Intelligence course. (Lisp) Software Engineer Elemental Interactive Design & Development, Atlanta 1996 GA Design and implementation of cross-platform internet and intranet tools (Java, Perl, SGML) * Designed and developed a cross-platform information visualization and presentation system with the ability to deliver information through the WWW. (Java) * Part of team that developed an intranet publishing system. (SGML, Perl) Graduate Department of Computer Science,UUniversity of Assistant/System Mississippi, Oxford MS Administrator 1993-1994 * Developed formal specification systems for concurrent programs; worked with B-tree variations for parallel models. Used different formal notation systems. (C, UNITY) * Taught most of the undergraduate senior-level Algorithms and Data Structures course. (C, Pascal) * System administration of all the Computer Science department systems, including multi-platform UNIX workstations and DOS/Windows machines. System and software consultant. * Managed FTP and WWW sites. (C, HTML) Graduate Research Institute of Pharmaceutical Sciences, Assistant/System University of Mississippi. Administrator Developed system integration tools. Also provided 1992-1994 systems and application support. * Developed statistical package for market analysis of products that was used in research into marketability factors of products. (C, Foxpro) * Managed a LAN, and provided software and hardware support for the department. --------------------------------------------------------------------------- Education Ph.D. Program College of Computing, Georgia Institute of 1994-1997 Technology. GPA: 3.7/4.0 M.S (Comp. Sci.) Department of Computer Science, University of 1994 Mississippi. GPA: 4.0/4.0 B.S.C.S. Department of Computer Science, University of 1992 Mississippi. GPA: 4.0/4.0 --------------------------------------------------------------------------- Publications Conference * M. Weber, Viren Shah and Chris Ren, "A Case Proceedings Study in Detecting Software Security Vulnerabilities Using Constraint Optimization", IEEE Workshop on Source Code Analysis and Manipulation, November 2001, Florence, Italy. * T J Walls, Viren Shah and Anup Ghosh, "Towards Certifying Software for Security", Proceedings of ISACC 2000, September 2000, Reston, VA. * A.K. Ghosh, M. Schmid, and V. Shah, "Testing the Robustness of Windows NT Software", in Proceedings of the 9th International Symposium on Software Reliability Engineering, (ISSRE'98), November 4-7, 1998, Paderborn, GE. * A.K. Ghosh, V. Shah, and M. Schmid, "An Approach for Analyzing the Robustness of Windows NT Software", in Proceedings of the 21st National Information Systems Security Conference (NISSC98), October, 1998, Arlington, VA. * Carlson D., Guzdial M., Kehoe C., Shah V. and Stasko J. "WWW Interactive Learning Environments For Computer Science Education." Proceedings of SIGCSE `96, February 1996. * Bhattacharjee S., Ammar M., Zegura E., Shah V., and Zongming F. "Application-Layer Anycasting." to appear in Proceedings of INFOCOM 97. Technical Reports * Bhattacharjee S., Ammar M., Zegura E., and Shah V. "On the Design and Implementation of Generalized Application-Layer Anycasting" Tech. Rep. GIT-CC-96-03, College of Computing, Georgia Institute of Technology, 1996. * Bhattacharjee S., Ammar M., Zegura E., Shah V., and Zongming F. "Application-Layer Anycasting." Tech. Rep. GIT-CC-96-25, College of Computing, Georgia Institute of Technology, 1996. * Cunningham H. C., Shah V., and Shen S. "Devising a Formal Specification for an Elevator Controller." Tech. Rep. UMCIS-1994-10, Computer and Information Science, University of Mississippi. September 1994. --------------------------------------------------------------------------- Awards * Outstanding Computer Science Junior, University of Mississippi * Outstanding Computer Science Senior, University of Mississippi * Taylor Medal Honoree, University of Mississippi --------------------------------------------------------------------------- Affiliations * The Honor Society of Phi Kappa Phi --------------------------------------------------------------------------- References Available upon request. --------------------------------------------------------------------------- --------------------------------------------------------------------------- Viren Shah Last modified: Mon Aug 27 2001 20:40:47 EST