San Jose, CA
To pursue a challenging career in software development and advance in career through excellence, hard work and participation.
Authorized to work in the US for any employer
December 2015 to Present
· TCP/IP traffic generator module in C and Python: Added C extensions to Python module and made Python module to support Multiprocessing and Asynchronous IO under Linux. The module Finger Prints (detects) remotely connected hosts/devices OS’s and services.
December 2014 to October 2015
· NAT ALG porting: Made NAT (Network Address Translation) Application Layer Gateway Little Endian and Big Endian neutral under Cisco IOS-XE – Cisco IOS runs as a daemon under Linux and communicates Linux and ALGs using IPC. Used C and Sparse/Spark tools. NAT ALG uses IPC to communicate with other ALG’s such as Microsoft RPC and rest of the system.· Read Only File System: Investigated FreeBSD file systems, disk layout of OS and Applications of a network security appliance. Made root FS as read only for security. Modified netboot to net install derived OS and Applications images onto network appliance.
December 2013 to March 2014
· Porting NIC device driver features: Data ONTAP is NetApp’s FreeBSD derived Operating System runs on NetApp network storage filers supporting NAS and SAN. Ported applications and features of 10 Giga-bit NIC drivers (Intel, BroadCom, etc) from ONTAP to FreeBSD drivers. Developed and added proprietary socket ioctls to FreeBSD kernel network socket layer. Used gnu tools and Perforce.
November 2012 to October 2013
· TCP/IP traffic generator module in C and Python: Developed Python module extensions in C under Linux. The C extensions use raw sockets, craft TCP/IPv4 packets, Finger Print (detect) remotely connected hosts/Devices OS’s and services. Developed Link Layer Discovery Protocol (LLDP) in Python/C under Linux to discover neighbor LLDP capable devices. Developed a prototype Multiprotocol Label Switching sniffer module in Python/C. Developed a prototype Python extension to provide interface to the underlying NFV modules.
February 2012 to May 2012
Investment Optimization is a company-wide strategic and financial discipline used to gain visibility into where AmEx's resources are being deployed. Provided support and added T-SQL queries.
July 2011 to November 2011
January 2011 to May 2011
USB Video Driver for Finger Print Device: The finger print device connects to PC running Windows, Linux (Ubuntu) or Embedded Linux (TS-7800 ARM9 CPU based) using USB. When a person touches finger on it, the software needs to get the image from the device. Developed kernel mode and user mode drivers under Linux, built and maintained Embedded Linux 2.6.x kernel along with kernel UVC (USB Video Class) drivers. Developed UVC device driver for Windows using C/C++. Developed user mode GUI test tool using C++ and QT.
• Kernel Mode Driver for Finger Print Device: The finger print device connects to PC running Windows or Linux through USB. Both Windows and Linux consist of kernel mode device driver which sits on top of USB host controller driver, communicates with the device (using standard and proprietary commands). Developed kernel mode driver using C/C++. Co-ordinated with overseas firmware development team, identified performance issues, provided suggestions for firmware improvement and fixed PnP and Power Management under host drivers. Used BEAGEL USB analyzer for traffic analysis and debugging. Made driver compatible with 32 and 64 versions of Windows 7.
August 2009 to September 2010
Investment Optimization: Investment Optimization (IO) is a company-wide strategic and financial discipline used to gain visibility into where AmEx's resources are being deployed. It provides visibility on a BU by BU basis where they are spending their investment money, i.e. marketing, operations, sales force, R&D, technologies, etc.. My role was to monitor development and manage release process. Used MSSQL2005.
September 2008 to April 2009
Gigabit Ethernet Card: Gigabit Ethernet card consists of Intel 82546EB controller for dual Gigabit ports and custom bypass capability. Developed a tool under Linux using C/C++ and raw network sockets to automate testing and for bench marking. Fixed bugs and maintained drivers under Windows, LINUX and VxWorks.
April 2008 to July 2008
InfiniBand: Ported LINUX kernel mode drivers to Windows kernel mode drivers. Developed DCOM interface between kernel mode drivers and user mode C++ applications.
August 2007 to November 2007
Gigabit Ethernet Card: Gigabit Ethernet card consists of Intel 82546EB controller for dual Gigabit ports, custom bypass capability circuit and Intel 21154 PCI-to-PCI Bridge to support PMC connector for add on PCI cards. Added Windows kernel mode driver to manage bypass capability circuit.
• BroadCom BCM5820 IP Security (SSL/TSL/VPN) processor: Fixed bugs and maintained kernel mode drivers under LINUX and VxWorks.
November 2003 to July 2007
Network Security Scanner: Security scanner scans customer/corporate network, finger prints hosts (including OS, applications) and devices to determine vulnerabilities. The scanner is a user mode multi threaded application implemented in C/C++ and LISP under LINUX. Reverse engineered network traffic on wire (used Ethereal/WireShark) and implemented the following functionality under Linux.
o CIFS/SMB and Netbios: Windows supports Common Internet File System (CIFS) and Netbios. Under Linux, enhanced and maintained proprietary implementation of CIFS, Microsoft Remote Procedure Calls (RPCs) and Netbios to access remote Windows Registry, File Shares, Services, User Accounts and brute force. Used Ethereal, reverse engineered Microsoft Remote Procedure Calls (MS RPC) on wire and implemented them under Linux to access remote Windows. To scan Windows hosts from Linux, implemented the following Windows functionalities under Linux,
o Retrieve Windows object ACLs: Windows objects contain access control list (ACL) which specify user access permissions such as read, write, delete, etc. Reverse engineered RPCs and implemented them under Linux to retrieve remote Windows File and Registry key ACLs.
o PE Parser: Windows uses Portable Executable (PE) file format for executables and dlls. These binaries contain source, data and resource segments. Implemented a parser under Linux to get remote Windows PE file, parse segments and retrieve file version from resource segment. The version number is used for vulnerability detections.
o Load Windows user hives: Windows user settings such as environment variables, programs installed, etc., are stored in the registry hives. Windows loads currently logged in user's hive, but not rest of the users. Implemented RPCs under Linux to load all users' hives in to the Remote Windows registry.
o DCOM: Windows supports Distributed Common Object Model (DCOM). Reverse engineered Object RPCs (ORPCs) on wire and implemented them under Linux to interact with remote Windows DCOM applications. The scanner under Linux uses these ORPCs to get meta-base of remote Windows IIS server; and uses to interact with other Windows DCOM applications.
o Windows Vulnerability Detections: Microsoft releases patches for Windows every month. Worked with our development teams to release vulnerability signatures under Linux to detect vulnerabilities of Windows. Found CIFS/SMB vulnerability MS05-027 that could allow remote execution due to buffer overflow in Widows CIFS protocol stack. Got credit from Microsoft for the company.
o SMTP fingerprint: Designed and developed a module under Linux to detect remote SMTP servers such as Sendmail, Microsoft Email, Qmail, etc. The module sends SMTP commands to remote server and finger prints - detects server name and version.
o TCP/IP fingerprint: Maintained and enhanced TCP/IP fingerprint module under Linux. The module using Raw Sockets, uses combination of TCP/IP parameters to detect remote machine's operating system (Windows, Linux, Solaris and other devices like Cisco routers). Gained knowledge/experience of internals of TCP/IP/Ethernet packet headers, data transfer, flow control, etc and their implementation - IPv4, ARP, VLAN, OSPF, BGP, Multicast.
August 2002 to November 2003
Windows System API monitor: Researched Windows internals. Designed and developed Windows API monitor. Windows use Portable Executable (PE) File Format for binaries (.EXEs, .DLLS, etc). The API monitor parses loaded Windows application for imported functions, injects a proprietary Dll in to the applications memory space. The injected Dll functions replace imported Windows API calls - such as StartDoc, CreateProcess, LoadLibrary, SetClipboard, etc. When the user tries to print, cut & paste, or save to another file, the hooked functions communicate with the remote security server for credentials - either to allow or deny operation. To design this product, I did reverse engineering and research on Windows internals, documented and undocumented APIs, processes, internal structures and NT native API.
• Windows IFS: Developed Installable File Systems (IFS) filter driver under Windows XP/2K. The filter driver is a kernel mode driver sits on top of the file system and intercepts the File IO API (CreateFile, ReadFile, WriteFile, etc). The driver encrypts file content when it creates/updates and decrypts when it retrieves. The user mode applications access files normally and are unaware of the existence of the driver. The filter driver communicates to a user mode agent application using undocumented Local Port Communication (LPC) API. The agent communicates to the security server for user access permissions.
o Gigabit Ethernet Card: Gigabit Ethernet card consists of Intel 82546EB controller for dual Gigabit ports, custom bypass capability circuit and Intel 21154 PCI-to-PCI Bridge to support PMC connector for add on PCI cards. Lead a small team of engineers to bring up hardware - used VxWorks and Linux.
o Added functionality to device drivers under Linux to handle bypass circuit. When the OS crashes, traffic from one port will be passed to the other. This feature used to by pass traffic to other servers (in Data Centers) to take over the task in order keep the client to continue communicate. The driver handles DMA, interrupts and uses timer to handle for bypass circuit.
• Set-top box: Residential Gateway is based on Intel IXP425 (ARM) network processor and embedded Linux - consists of IO devices LAN, WAN, USB and IEEE1394. Lead a small team of software and hardware engineers.
o Developed board bring up code (BSP) and power on self-tests (POST). After the tests, the POST gives execution control to the LINUX boot code. Added diagnostics to kernel mode drivers of IO devices. The board consists of Flash to store microcode used for network processors. Developed code to program Flash. Used logic analyzer and JTAG interface to bring up the board.
• Network Processor and Security Processor: DSLAM based on Intel IXP1200 network processor.
o Ported BroadCom BCM5820 IP Security (SSL/TSL/VPN) processor driver to VxWorks. The BCM5820 supports Cryptographic functions (DES, 3DES, etc).
Staff Software Engineer
December 1998 to July 2002
Network Printer Server: Lead a team of engineers to design and develop a network printer server - includes integration and customization of a third party network protocol stack consists of TCP/IP, SPX/IPX, DHCP, HTTP, SSL, IPP, SNMP, etc - under VxWorks running on IBM PowerPC 405GP CPU. Used Etherpeek to analyze TCP/IP traffic on wire.
o Developed kernel mode WDM driver for USB under Windows. The USB driver sits on top of Windows USB driver and handles IO requests from the spooler and the other applications. Used SoftIce to debug kernel mode driver and CATC USB tools for USB protocol analysis.
o Developed Kernel mode IO driver for IEEE1284 (parallel port) under Windows. The driver directly access parallel port, handles interrupts and provides IO to the user mode applications. Developed IEEE1284 driver under VxWorks.
o Developed IDE hard disk driver under VxWorks. The FAT file system interacts with the driver to send ATA commands, read and write data. The driver interfaces with PCI IDE chip, configures PCI IO, handles interrupts, supports PIO and DMA in bus master mode.
o Debugged and maintained TCP/IP, DHCP, multicast, IPP protocols source code under VxWorks.
• IEEE1394 printer: Lead a team of engineers to integrate IEEE1394/SBP-2 technology in to printers. Worked with Microsoft Windows 2K Beta program to define and develop kernel mode driver.
o Developed a WDM kernel mode driver under Windows 2K. The driver sits on top of Windows IEEE1394/SBP-2 stack and provides file IO to the applications. The driver takes user mode application data, encapsulates in to SCSI command descriptor block and sends to the IEEE1394/SBP-2 protocol stack. Implemented SCSI protocol for printers under VxWorks.
• Network Copier: High quality color copier connected to network supporting local copy and remote printing.
o Fixed cache coherency problems of Ethernet driver (END driver) under VxWork/IBM405GP, modified Boot Code, brought up boards, developed modules to access Flash and interface with custom FPGA.
o Developed printer driver simulator under Windows. Developed status response module using TCP/IP under VxWorks.
• Network/USB Printer: Lead a team of engineers to design and develop a network printer - includes a network adopter card supporting TCP/IP, SPX/IPX, HTTP server, etc. - under VxWorks running on Hitachi SH-2 CPU.
o Developed a driver under VxWorks for NetSilicon Net+ARM network card. The network card supports TCP/IP, IPX/SPX, HTTP, SNMP, etc and provides a logical interface to the CPU. Debugged TCP protocol implementation issues such as Sequencing and Acknowledgement - used Etherpeek. Developed PJL language.
March 1994 to November 1998
Multifunction Peripheral: Lead domestic and overseas engineering teams to design and develop a multifunction peripheral - consists of printer, scanner and fax devices. The device has been designed to support Windows 3.x, 95 and NT 4.0.
o Designed and developed a multi-function peripheral communication protocol used between multi-function peripheral and Windows. The protocol supports concurrent operations - printing, faxing and scanning.
o Implemented IEEE1284 kernel mode driver under Windows 3.1/95. Implemented multi-function peripheral communication protocol as a kernel mode driver over IEEE1284 driver. Implemented a DLL to provide API to applications and communicate with the kernel mode protocol driver.
o Ported IEEE1284 and multi-function protocol drivers to Windows NT 4.0. Implemented as kernel mode IO drivers. This became the first stack available under NT 4.0. No other competitors had their stacks ported to Windows NT 4.0.
• Multifunction Peripheral Protocol over USB:
o Ported the above multi-function peripheral protocol to support USB under Windows NT 5.0. Implemented multi-function protocol as kernel mode WDM USB driver. The driver interacts with the under lying USB stack and communicates with the device.
• RTOS Evaluation: As a part of a team member, evaluated various RTOS (VxWorks, Psos, Lynx) developed IEEE1284 device driver under Lynx.
• Microsoft At Work - Multifunction Peripheral: The multifunction peripheral is based on i386 and Microsoft at work - supports print, scan and fax locally and from Windows. Developed Power on Self Tests (POST) in x86 assembly and customized Hardware Abstraction Layer (HAL).
February 1993 to January 1994
Software Development Tools: The development tools include C compiler, cross platform debugger and an instruction level simulator for a National Semiconductor RISC CPU.
o Developed GUI for the debugger and the Instruction level simulator under Windows and HP-UX using XVT tools
o Enhanced an existing communication protocol over serial link under HP-UX. The protocol communicates with the evaluation board and provides API for the tools.
February 1992 to December 1992
Network Spooler: The network spooler runs under SunOS and manages various Xerox raster plotters in a network.
o Developed test scripts in Printer Description Languages such as PostScript, HPGL-2, CGM, etc. Enhanced Versatec Parallel Interface driver under SunOS.
August 1989 to January 1992
Multilingual Editor under Windows: Lead a team of 3 software engineers to design and develop a multi-lingual WordProcessor under Windows 3.1.
o Designed and developed WordProcessor to support English and 8 Indian languages; developed language input parser DLLs; developed page layout and document description modules.
• Network Desktop Publisher: Desktop Publisher consists of a multilingual WordProcessor supporting Indian languages and English.
o Participated in the design of proprietary Remote Desktop Protocol (RDP) and implemented under UNIX and DOS.
o Enhanced multilingual WordProcessor to support additional Indian languages, under DOS and UNIX. Added new languages support in dot matrix and laser printer drivers.
o Developed device drivers (keyboard, mouse, serial) and proprietary RPCs for Graphics Terminal (similar to X-Terminal) under diskless DOS.
o Enhanced Graphics Terminal using sockets to support TCP/IP under DOS.
o Enhanced VGA and HGA drivers under UNIX: made kernel mode drivers as memory mapped user mode drivers to reduce system calls and improve performance.
MS in Computer Science
1986 to 1989