Bio

I'm a Master's student in Cybersecurity at Georgia Tech, working with Prof. Paul Pearce. I am focused on darknet and darkweb research, creating automated tools to collect data and perform HUMINT.

I am currently working as a Head Teaching Assistant for CS 4235/6035 Intro to Information Security. During this Summer, I worked as a Security Research Intern at ICSI, UC Berkeley. I performed novel research on Threat Intelligence related to dark web data from forums and marketplaces. I previously worked as a Graduate Teaching Assistant at Georgia Tech for CS 4235/6035 Intro to Information Security and OMSCS 6250 Computer Networks. I am also volunteering as a Senior Teaching Assistant at Cybrary, Darknet researcher at CTI League, Teaching Assistant at StationX, and as a Community Challenger at Cybercademy.

During my first semester at Georgia Tech, I worked with Prof. Maria Konte and Gaurav Pande on a research project. It utilizes different threat intelligence feeds to assess network reputation and to detect and mitigate volumetric anomalies using machine learning analysis in Python.

Previously, I worked as a Security Research Intern at Volon Cyber Security Pvt. Ltd. with Rahul Binjve, focusing on threat intelligence, threat hunting on dark web data, and designing data collection systems for the same.

During my undergrad at Symbiosis Institute of Technology, I worked on a research project with Prof. Pooja Kamat and Yamini Gahlot titled Hacker Forum Exploit and Classification for Proactive Cyber Threat Intelligence. It utilizes hacker forum data for proactive cyber threat intelligence. I further wrote a research paper that I presented at ICICT Conference proceedings hosted by RVS Technical Campus, Coimbatore, Tamil Nadu, India. It was published in Springer Lecture Notes in Networks and Systems, Volume 98.

I also wrote a research chapter with Prof. Pooja Kamat, "Recent Trends in the Era of Cybercrime and the Measures to Control Them," which was published as Chapter 10 in the book Handbook of e-Business Security by CRC Press (Taylor and Francis Group).

I occasionally play CTFs and am learning many new things in the cybersecurity domain every day. I am passionate about giving back to the community and helping others get into this field. I have delivered talks at GrimmCon 0x2, DEFCON Red Team Village, The Diana Initiative, BSides Singapore, and a few other conferences. Apart from this, I have also delivered many talks and seminars in security meetups (Null Pune), colleges, and schools. I love attending security conferences and have attended Hakon Indore, BSides Delhi, BSides Tampa, BSides Atlanta, Nullcon Goa, and many others. I like playing games, and I mostly play and stream Rainbow 6 Siege. I love nature and hiking.

Projects

Crawling and Analyzing Top 1 Million Domains

This is a research project that uses the top 1 million list of domains from three data sources, namely Majestic, Alexa, and Tranco, to apply a set of security metrics and visualize the results of that analysis along with a summary of the change in popularity of domains for 30 days. The project also provides a tool to enumerate sub-domains efficiently, without compromising on quality results.


Assess network reputation through multiple threat intelligence data feeds

This is a research project that utilizes multiple threat intelligence feeds to assess network reputation and to detect and mitigate volumetric anomalies using machine learning analysis in Python. It utilizes PARAFAC tensor decomposition to decompose higher-order tensors into order-1 tensors.
Supervising Faculty - Prof. Maria Konte


PastebinScrapy

This is a Threat Hunting tool built on Flask. This tool scrapes IOCs, including IP addresses, hashes, and emails from Pastebin's latest pastes. It uses Elasticsearch as the database to store the forum data and Kibana for visualizing data from Elasticsearch.


ForumScrapy

This is a Web Scraping application built on Flask. This web application scrapes forum posts from the Bitshacking hack forum. It uses Elasticsearch as the database to store the forum data, and Kibana is used for visualizing data from Elasticsearch.


webhose.io Portal

This is a web application built on Flask. It utilizes webhose.io API to fetch the JSON data from News, Blog, Online Discussions, Online Reviews, Broadcast, and Dark Web filters and visualizes it.

You can see more projects on my GitHub page.

Publications

Hacker Forum Exploit and Classification for Proactive Cyber Threat Intelligence

The exponential growth in data and technology has brought in prospects for progressively destructive cyber-attacks. Traditional security controls are struggling to match with the intricacy of cybercriminal tools and methods, and organizations are now looking for better approaches to strengthen their cybersecurity capabilities. Cyber Threat Intelligence (CTI) in real-time is one such proactive approach that ensures that deployed appliances, security solutions, and strategies are continually evaluated or optimized. Amongst various platforms for threat intelligence, hacker forums deliver rich metadata, and thousands of Tools, Techniques, and Procedures (TTP). This research paper employs machine learning and deep learning approach using neural networks to automatically classify hacker forum data into predefined categories and develop interactive visualizations that enable CTI practitioners to probe collected data for proactive and timely CTI. The results from this research show that among all the models, deep learning model RNN GRU gives the best classification results with 99.025% accuracy and 96.56% precision.


Recent Trends in the Era of Cybercrime and the Measures to Control Them

This chapter illustrates the understanding of cybercrime, recent trends in cybercrime, and the measures by which these cybercrimes can be eliminated to a considerable extent. The authors discuss various emerging cybercrime techniques, including steganography, next-generation malware, next-generation ransomware, social engineering attacks, and attacks using machine learning and IoT devices. This chapter is published as Chapter 10 in the book Handbook of e-Business Security.

Talks/Seminars

RootCon - Automating Threat Hunting on the Dark Web and other nitty-gritty things [Slides] [YouTube Video Coming Soon] - Oct 2020

I presented a talk at the RootCon conference on Automating Threat Hunting on the Dark Web and other nitty-gritty things. I talked about hunting on the dark web, the tools used, the human element while hunting, opsec, automating threat hunting, the threat intelligence lifecycle, etc.


SANS Cyber Defense Forum - Automating Threat Hunting on the Dark Web and other nitty-gritty things [Slides] - Oct 2020

I presented a talk at the SANS Cyber Defense Forum conference on Automating Threat Hunting on the Dark Web and other nitty-gritty things. I talked about hunting on the dark web, the tools used, the human element while hunting, opsec, and automating threat hunting.


BSides Singapore - Automating Threat Hunting on the Dark Web and other nitty-gritty things [Slides] [YouTube Video] - Sept 2020

I presented a talk at the BSides Singapore conference on Automating Threat Hunting on the Dark Web and other nitty-gritty things. I talked about hunting on the dark web, the tools used, the human element while hunting, opsec, automating threat hunting, the threat intelligence lifecycle, etc.


The Diana Initiative - Automating Threat Hunting on the Dark Web and other nitty-gritty things [Slides] [YouTube Video] - Aug 2020

I presented a talk at The Diana Initiative conference on Automating Threat Hunting on the Dark Web and other nitty-gritty things. I talked about hunting on the dark web, the tools used, the human element while hunting, opsec, automating threat hunting, the threat intelligence lifecycle, etc.


DEFCON 28 Red Team Village - Automating Threat Hunting on the Dark Web and other nitty-gritty things [Slides] [YouTube Video] - Aug 2020

I presented a talk at the DEFCON 28 Red Team Village conference on Automating Threat Hunting on the Dark Web and other nitty-gritty things. I talked about hunting on the dark web, the tools used, the human element while hunting, opsec, automating threat hunting, the threat intelligence lifecycle, etc.


GRIMMCon 0x2 - Threat Hunting on the Dark Web [Slides] [YouTube Video] - Jul 2020

I presented a talk at the GRIMMCon 0x2 conference on Threat Hunting on the Dark Web. I talked about hunting on the dark web, the tools used, the human element while hunting, opsec, etc.


Career, Scope, and Future of CYBERSECURITY! Job Roles in Cybersecurity! Ft. Apurv [YouTube Video] - Jul 2020

YudiJ and I talk about cybersecurity, careers in cybersecurity, some of the misconceptions about studying cybersecurity in the US, how to build your profile in cybersecurity, and what my day-to-day life looks like studying and working in cybersecurity.


How To Do Masters In USA under $5000 - Ft. Apurv | How To Get Funding For Education in America [YouTube Video] - Jun 2020

YudiJ and I talked about my journey from India to the USA for a master's in cybersecurity. We talked about my profile (GRE, TOEFL, GPA, etc.), how many admits I got, why I chose Georgia Tech, fees of Georgia Tech, living costs, on-campus jobs, how I got a TA offer, and what kind of work I do as a TA.


304 in GRE: Georgia Tech & 4 other top Admits: Get Apurv's strategy - GREedge Guest Seminar [Seminar] - Oct 2019

I was invited by GREedge to deliver this seminar Live from Georgia Tech. I presented it to around 250 MS aspirants that registered for the GREedge Guest Seminar. I talked about my profile, how to apply for MS, how to prepare for GRE, TOEFL, and how to build your profile, projects, research papers, internships, jobs, etc.


All about Cyber Security - From the perspective of an MS student [Slides] - Apr 2019

I was invited to present this seminar to Cyber Security Certification batch students at Symbiosis Institute of Technology, Pune. I talked about how to enter into cybersecurity, why cybersecurity is a right field, how to prepare for MS, how to make a good profile in cybersecurity, and my projects in cybersecurity.


Seminar on Cyber Security - SIT Pune Summer School [Slides] - Jun 2018

I was invited to present this seminar to high school students that visited Symbiosis Institute of Technology, Pune, as a part of their Summer School program. I talked about cybersecurity, cybercrime, how to be safe online, and different online safety tips.


LogOut Cyber Awareness Seminar - MIT Pune [Slides] - Feb 2018

I presented this seminar to 3rd and 4th-year students of Maharashtra Institute of Technology, Pune. It was a part of Cyber Awareness seminars by the LogOut group during Cyber Awareness month. I talked about cybersecurity awareness, cybercrime, cyber laws, and how to be secure online.


Talk on Bitcoin Forensics - Null Pune [Slides] - Jan 2018

I delivered this talk at the Null Pune chapter. I talked about how to conduct forensics on Bitcoins and Blockchains.


Talk on OSINT - Null Pune [Slides] - Nov 2017

I delivered this talk at the Null Pune chapter. I talked about different OSINT techniques and online resources that one can use while performing OSINT.


Talk on Network VAPT - Null Pune [Slides] - Oct 2017

I delivered this talk at the Null Pune chapter. I talked about steps in Network VAPT and practically demonstrated performing VAPT on a VulnHub machine.


Talk on trending cybersecurity news - Null Pune [Slides] - Sept 2017

I delivered this talk at the Null Pune chapter. I talked about trending news related to cybersecurity.


Seminar on Cyber Security Fundamentals - SIT Pune [Slides] - Jul 2017

I presented this seminar to 2nd-year Computer Science and Information Technology students of Symbiosis Institute of Technology, Pune. I talked about the fundamentals of networking and cybersecurity and practically demonstrated how to create a RAT trojan.


2-day Seminar on Cyber Security Fundamentals - TAIS Varanasi [Day1 Slides],[Day2 Slides] - Jul 2017

I was invited to present a 2-day seminar to 11th and 12th-grade students at The Aryan International School, Varanasi. I talked about the fundamentals of networking and cybersecurity.

Writeups

In my free time, I enjoy writing Computer Science and Cybersecurity related articles. I occasionally answer similar questions on Quora. These are some of my articles/writeups:

Anonymous Traffic Network

Applying Diamond Model on WannaCry Ransomware Incident

How I Started my Journey into Cybersecurity

How To Safely Access The Dark Web

How to Start in Cybersecurity

Insights Into Bitcoin Forensics

Starting with GitHub Education Pack

Top Linux Commands

WannaCry Ransomware

What You Should Know About the Judy Malware

Why Having an Online Portfolio is Important?