JONATHAN A. ZDZIARSKI
********@*********.***
EXPERIENCE
** ***** ***** ******** *** Software Development Experience
** ***** **** *** ***** Administration, Infrastructure, Computer Security
** **ars Software Engineering, Development Life Cycle, Methodology, Process and Procedure
6+ Years Computer Forensics, Penetration Testing, Secure Infrastructure Development
6+ Years Machine Learning and Adaptive Analysis
5+ Years Cyber Threat Research and Development
TRADE SKILLS
C, C++, OBJC 12+ Years UNIX C/C++, Cocoa ObjC, Win32/WinCE C++
Design and development of applications and tools for Solaris, Linux, BSD, Windows, OS X
(Cocoa), iPhone, and Embedded Windows. Experience includes proprietary protocol design and
implementation, hardware emulation, databases, encryption, compression, networking, Bayesian
classification, algorithm design, dynamic data structures, secure programming, local and network
sockets and multi-threaded applications, and real-time data access middleware.
MACHINE LEARNING 6+ Years
Research and development of machine learning techniques utilizing Bayesian language analysis,
neural networking, Markovian discrimination (weighted Markov models), probabilistic digital
fingerprinting, and other adaptive lexical and binary analysis techniques. Original work includes
contextual anomaly detection, probabilistic digital fingerprinting, adaptive parsing, and
overlapping nGram analysis.
UNIX / LINUX 14 Years Sun Solaris, Linux, OS X, HP/UX, BSD, DUNIX, SCO, others
Systems design and architecture, performance tuning, low-level diagnostics, extensive security,
topology layout, scripting, and enterprise class systems experience. Experience with all standard
Internet protocols including POP3, HTTP, SSH, SSL, DNS, SNMP, etc. Experience includes
proprietary protocol design, encryption, distributed and large-scale architectures, disaster
recovery, and security.
SECURITY 10 Years Computer Forensics, Application Layer and Network Layer + 802.11 Wireless
Security auditing, intrusion testing, and forensic examination for law enforcement. Security
architecture programming incorporating application-layer encryption, token-based authentication,
adaptive intrusion detection analysis, and forensic recovery and electronic discovery.
OTHER Perl (14 Years), JavaScript (4 Years), J2EE (2 Years), PHP (1 Year), Python (3 Years), Ruby (1
Year), TCL (1 Year), Oracle (5+ Years), Hadoop/MapReduce (1 Year), Sybase (1 Year), MySQL
(Years), HBase
EMPLOYMENT HISTORY
Sr. Forensic Scientist - Via Forensics (September 2011 - Present)
Responsible for research and development in the field of computer forensics and software engineering related to technology
within the digital forensics sector. Responsibilities include penetration testing of mobile applications including run-time
manipulation, disassembly, full analysis, and otherwise evil and nefarious hacking to determine the risk level of applications
of clients. Responsibilities also include research and development, improvement, and continued uberfication of new and
existing forensic imaging and analysis techniques.
Sr. Research Scientist - Barracuda Networks (February 2011 - August 2011)
Responsible for the research and development of new technology from conceptual phase to engine development. Role
involves invention, collaboration, and research of new probabilistic, heuristic, and machine learning techniques to solve
problems related to text classification, authorship via syntactic analysis, messaging security, antivirus, spam filtering,
regulatory/corporate compliance, and other areas covering the company's scope of research.
Lead Software Systems Engineer - MITRE Corporation (December 2009 - January 2011)
Responsible for research, development, and engineering of technologies to solve complex national problems. Role involves
engineering of real-time data access software, encryption, design and implementation of new standards, machine learning
technologies, and software engineering using a variety of languages.
Research Scientist - McAfee, Inc. (April 2005 - November 2009)
Responsible for the research and development of new machine-learning technology from conceptual phase to engine
development and final product deployment. Role involves the invention, collaboration, and research of new probabilistic,
heuristic, and machine learning approaches to solve problems related to text classification, authorship via syntactic analysis,
messaging security, antivirus, spam filtering, regulatory/corporate compliance, and other areas covering the company's scope
of research.
ACCOMPLISHMENTS
Designed and deployed statistical corporate compliance solution utilizing random Markov models in a lexical
analysis implementation.
Designed and deployed probabilistic digital fingerprinting solution for high-speed and unsupervised detection of
phishing websites and source-correlation/clustering of origin, using primarily source negative data, without the
need for positive samples. Added positive template fingerprinting to identify new phishing kits prior to seeing
positive samples.
Designed and deployed probabilistic binary digital fingerprinting of virus and image samples to identify and
correlate new variants in a 0-day environment.
Designed and deployed image pixel fingerprinting solution for machine-automated fuzzy detection of image
plagiarism, image spam, phishing, and other forms of bulk image detection.
Research and development of new spam fingerprinting techniques and corporate compliance detection utilizing
digital fingerprinting
Designed and deployed statistical language classifier and framework for the categorization of websites
Designed and prototyped statistical assembly instruction classifier utilizing hidden Markov models of disassembled
Windows binaries based on instructions and operands
Designed and prototyped adaptive language classifier for Asian character sets with no whitespace utilizing adaptive
tokenization techniques
Inventor on seven US patent applications for techniques applied to online fraud detection, malware detection, spam
filtering, and collaborative networking.
Sr. Software Engineer - Cybera, Inc. (September 2001 - April 2005)
Responsible for all aspects of a startup company's software development cycle as it pertains to in-house developed
applications utilizing C, C++, Perl, and J2EE on an Oracle Enterprise platform. Design and integration of systems including
real-time data access EDI middleware and custom sales, ordering, provisioning, billing, and auditing systems.
ACCOMPLISHMENTS
Designed complete internal information system architecture from scratch covering all mission critical tasks from
leads generation to order management, service provisioning, billing, ticketing, and auditing systems
Designed customer management portal for external provisioning and billing of services
Designed and implemented Cybera's preliminary IT/MIS infrastructure from scratch
Model Development Engineer - Micromuse, Inc. (May 2001 - July 2001)
Responsible for the design and development of code and analytical models to perform predictive failure analysis, which
involved in-depth research and analysis of systems and their respective SNMP MIBs for many network devices, performing
exhaustive SNMP mining, and OID mapping. Collaborated with 11 other engineers, performing peer-review and
pre-certification of data. Performed several Unix-based administration tasks such as configuration of Sun Management Center
and other third party software packages.
ACCOMPLISHMENTS
Designed several commercial rule sets which comprise the performance monitoring and predictive failure host rules
including Sun Solaris (SMC v3.0 MIBs) and NEBS compliant Sun (Netra MIBs), Compaq (Insight Manager MIBs)
Introduced an adaptive technique for tracking acceleration of correlated variables
Director of Development - NetRail, Inc (June 2000 - April 2001)
As employee number three of what grew to a company of ~200 between 1997 and 2001, responsibilities included a host of
different roles including the build-out of the entire department and development infrastructure, performing hands-on
development and management of a team of 13 including two managers and a five-million dollar operations budget.
ACCOMPLISHMENTS
Designed custom operational support system (OSS) supporting real-time data access middle-ware to interface
with partner EDI systems of vendors such as Covad, BellSouth, and others
Designed and implemented all process and procedures, implementing and maintaining metrics for the
department and managing to them
Director of MIS - NetRail, Inc (December 1999 - June 2000)
Responsibilities included infrastructure and LAN systems design, administration, security, and support. Also software
development of several key pieces of mission critical software, managing a multi-million dollar budget and inter-departmental
protocol.
ACCOMPLISHMENTS
Managed server topology layout and design, deployment, and maintenance for over 50 points of presence.
Designed from scratch a carrier class MIS/IT infrastructure including basic Internet services and personally
oversaw and participated in implementation of Oracle 8i, SAPR3, InfoVista, Micromuse Netcool, Remedy
ARS, HP OpenView, and several other enterprise applications.
Development of company-wide security policy including access control policies, data protection and encryption
methods, disaster procedures, and in-house post-mortem forensics
Sr. Systems Administrator / Sr. Software Engineer - NetRail, Inc (July 1997-December 1999)
Responsibilities included installation, configuration, and staging of systems, administration and security for 50 points of
presence. Also load balancing and performance tuning, backups, training of entry-level personnel, and software development
for special purposes.
Network Operations Center (NOC) Engineer - RCN (Nov 1996-Jul 1997)
Escalation Technician - TIAC; The Internet Access Company (Jun 1995-Nov 1996)
Computer Tech - TMC; The Micro Connection (September 1994-Jun 1995)
BOOKS AND PUBLICATIONS
[1] Forensic Investigative Methods For The iPhone, iPhone 3G, iPhone 3G[s]; 171pp
Zdziarski J.; Law Enforcement Publication; July 2009
[2] iPhone SDK Application Development
Zdziarski J.; O'Reilly Media, Inc.; December 2008; ISBN 978-0596154059; 350pp
[3] iPhone Open Application Development, 2nd Edition
Zdziarski J.; O'Reilly Media, Inc.; October 2008; ISBN 978-0596155193; 268pp
1st Edition, ISBN 978-0596518554; 280pp
[4] iPhone Forensics: Recovering Evidence, Personal Data, and Corporate Assets
Zdziarski J.; O'Reilly Media, Inc.; October 2008; ISBN 978-0596153892; 144pp
[5] Ending Spam: Bayesian Content Filtering and the Art of Statistical Language Classification
Zdziarski J.; No Starch Press; July 2005; ISBN 159*******; 240pp
[6] Reasoning-Based Adaptive Language Parsing
Zdziarski J., Secure Computing Corp.; Proceedings of the MIT Spam Conference, 2008
Voted Best Overall Paper for MIT Spam Conference 2008
[7] Approaches to Phishing Identification using Match and Probabilistic Digital Fingerprinting Techniques
Zdziarski J., Judge P., Yang W.; Proceedings of the MIT Spam Conference, 2006
[8] Detecting Contextual Anomalies in Lexical Reasoning Machines
Zdziarski J.; Proceedings of the MIT Spam Conference, 2005
[9] Advanced Language Classification using nGrams
Zdziarski J.; Proceedings of the MIT Spam Conference, 2004
[10] A MIME encoding for message inoculation
Zdziarski J., Yerazunis W; Proceedings of the MIT Spam Conference, 2004
RECENT COMMUNITY PROJECTS
iPhone Forensic Imaging Tools - Law Enforcement Restricted
A suite of tools I've designed for performing forensically sound recovery and/or bypassing passcode and backup encryption
security to perform a lawful forensic recovery of an iPhone. I presently distribute these tools freely to more than 2,000 law
enforcement agencies worldwide and provide support as well as a series of training workshops.
http://www.iosresearch.org
mod_evasive: Evasive Maneuvers Module for Apache
A module for Apache 1.3, 2.0, and SunOne NSAPI enabling a web server to detect, report, and defend against request-based
DoS/DDoS attacks or brute force attacks. Integrates with many IDS tools and firewalls.
DSPAM (Acquired by Sensory Networks April 2006)
A popular and highly accurate statistical two-concept language classifier geared specifically at learning and filtering
unsolicited bulk email. DSPAM operates as both a shared library for developers and a server-side agent and has delivered as
high as 99.991% accuracy using advanced machine-learning techniques.
AFFILIATIONS
InfraGard Members Alliance Boston Chapter; http://www.infragard-boston.org
High Tech Crime Consortium, HTCC; http://www.hightechcrimecops.com
International Association for Computer Information Systems, IACIS; http://www.iacis.org
CLEARANCES
Secret Clearance (inactive)