BharathNannaka

Familiar with debuggers, disassemblers, network protocols, file formats, sandboxes, hardware/firmware internals and software communication mechanisms. Good experience in static analysis and knowledge of the security/threat landscape for Windows and Linux platforms. Good experience in building machine learning models for classification of malware. Good understanding of common Internet standards (HTTP, SMTP, DNS, Whois, HTML, SSH). Strong understanding of cyber security, modern security problems and the threat landscape, operating system internals and computer networking concepts. Analyzing large amounts of data. Passion for reverse engineering. Automation of intelligence gathering and malware analysis systems. Experience with malware behaviors or Advanced Persistent Threats (APTs). Experience in greyware behaviors or Potentially Unwanted Applications (PUA/PUP).

  • Role

    Security & Lua Engineer

  • Years of Experience

    4 years

Skillsets

  • Git - 4 Years
  • AI - 4 Years
  • Lua - 4 Years

Professional Summary

4 Years
  • Jul, 2024 - Present (1 yr 3 months)

    Security Engineer Specialist

    Google Operations Center
  • Aug, 2022 - Present (3 yr 2 months)

    Security Researcher

    LTIMindtree
  • May, 2021 - Aug, 2022 (1 yr 3 months)

    Malware Researcher

    Mindtree

Work History

4 Years

Security Engineer Specialist

Google Operations Center
Jul, 2024 - Present (1 yr 3 months)
    - Working as Android reverse engineer and security engineer.
    - Conducting malware analysis and reverse engineering on suspicious code, and producing a detailed report of the findings.
    - Continuously updating threat models and scenarios to reflect the evolving threat landscape.
    - Adept in conducting malware analysis on the Android platform and developing detection methods leveraging YARA rules and the VirusTotal API.
    - Identified malware behaviors within applications through static and dynamic analysis of Android APK files using reverse engineering tools, Android emulators, and static code analysis tools.
    - Conducted reverse engineering on different malware files to identify the threats and activities.
    - Crafting generic detection methods for malicious samples to proactively safeguard against emerging threats.
    - Producing detailed write-ups on various malware families, adhering to established formats and security protocols.
    - Efficiently handled customer and client submissions, promptly resolving issues with immediate remediation and fixes using CRM software and a ticketing system.

Security Researcher

LTIMindtree
Aug, 2022 - Present (3 yr 2 months)
    - Working as EDR and greyware researcher for Microsoft.
    - Worked as a malware analyst for over a year, focusing on analyzing, detecting and determining malware on the Windows platform for Microsoft.
    - Wrote tactical detections for several threats.
    - Worked on cloud rules with Lua scripting for detecting several Potentially Unwanted Applications (PUA/PUP).
    - Worked as greyware researcher for Microsoft.

Malware Researcher

Mindtree
May, 2021 - Aug, 2022 (1 yr 3 months)
    For the most part, my job included:
    - Conducting malware analysis and reverse engineering on suspicious code, and producing a detailed report of the findings.
    - Reverse engineering the samples received (with tools such as x32, x64 and Olly debuggers).
    - Performing malware analysis for PE files.
    - Performing network analysis using tools like Wireshark.
    - Static and dynamic analysis of the samples received.
    - Understanding the capabilities of the malware and finding the patterns.
    - Analyzing large amounts of data.
    - Adding static signatures and generic signatures on positive samples and exceptions on false positives.
    - Working with Git tools to merge and update the new builds.

Major Projects

2 Projects

MACHINE LEARNING PROJECT FOR DETECTING THE MALWARE IN ANDROID DEVICES BY ANALYZING NETWORK TRAFFIC

    A classification machine learning algorithm, DTC (decision tree classifier), is used. The classifier predicts whether a particular application is malicious or not, using a dataset that consists of network features such as TCP packets, external IPs, volume bytes, DNS query times, etc.

AUTOMATING MALWARE ANALYSIS USING STATIC AND DYNAMIC FEATURES OF PE

    To automate this process I leveraged several tools for analysing the malware and extracting the features which would help in the classification of malware. Firstly, the signature has to be verified, i.e. the file (binary) hash is calculated and sent to VirusTotal to know if the malware has already been detected. This saves any future analysis. If it is not detected by third-party vendors, ASCII strings are extracted with the help of the strings utility and analysed for matching domains or IP addresses, using tools like FLOSS. We look for the compromised IP addresses and domains. Then the exports and imports of the sample can be explored with the help of the pefile module in Python. This module helps in gathering information on the exports, imports and number of sections, and their types and sizes along with their virtual addresses and names. The section table info also tells us whether the file is packed or unpacked, from the names of the sections or the sizes of the sections. Fuzzy hashing can also be used for knowing the similarity of the given sample with respect to already known malware. Import hashes, export hashes and section hashes can also be helpful because a lot of malware uses similar exports and imports. The required features for classification include the API calls made and the processes created by the application. These are the features which are gathered and fed into the classification model.
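
    The section-table check described above, as an added example that is not the project's own code: a standard-library Python parser that reads the PE section table and reports packing indicators from section names and sizes, and additionally from section entropy, which goes beyond what the text lists. The function names, the short packer-name list, the 7.0 entropy threshold and the sample bytes are assumptions constructed for illustration.

```python
import math
import struct
from collections import Counter

PACKER_NAMES = {"UPX0", "UPX1", ".aspack", ".vmp0"}  # assumption: short illustrative list

def entropy(buf):
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values()) if n else 0.0

def parse_sections(data):
    """Walk the PE headers and return one dict per section-table entry."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)            # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # NumberOfSections sits at +6 and SizeOfOptionalHeader at +20 in the COFF header
    nsect, _, _, _, opt_size = struct.unpack_from("<HIIIH", data, pe_off + 6)
    table = pe_off + 24 + opt_size
    out = []
    for i in range(nsect):
        name, vsize, vaddr, rsize, rptr = struct.unpack_from("<8sIIII", data, table + 40 * i)
        out.append({"name": name.rstrip(b"\0").decode("latin-1"), "vaddr": vaddr,
                    "vsize": vsize, "rsize": rsize,
                    "entropy": entropy(data[rptr:rptr + rsize])})
    return out

def packed_indicators(sections, max_entropy=7.0):  # threshold is an assumption
    """Return human-readable reasons a sample looks packed."""
    hits = []
    for s in sections:
        if s["name"] in PACKER_NAMES:
            hits.append(f"{s['name']}: known packer section name")
        if s["rsize"] == 0 and s["vsize"] > 0:
            hits.append(f"{s['name']}: no raw data, {s['vsize']:#x} bytes virtual")
        if s["entropy"] > max_entropy:
            hits.append(f"{s['name']}: entropy {s['entropy']:.2f}")
    return hits

def build_sample():
    """Constructed PE-like bytes with UPX-style sections (not a real binary)."""
    payload = bytes(range(256)) * 4                              # uniform: entropy 8.0
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)    # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x102)
    raw_off = len(dos) + len(coff) + 2 * 40
    rows = [(b"UPX0", 0x4000, 0x1000, 0, 0), (b"UPX1", 0x1000, 0x5000, len(payload), raw_off)]
    table = b"".join(struct.pack("<8sIIII16x", *r) for r in rows)
    return dos + coff + table + payload
```

    Calling `packed_indicators(parse_sections(build_sample()))` lists the reasons per section; the resulting flags and per-section values can be used as classifier features alongside the import and export data.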

Education

  • Master of Technology - MTech, cybersecurity and networks

    Amrita Vishwa Vidyapeetham (2022)