Machine Learning Network Security

Location:
Bowie, MD
Posted:
January 17, 2024

Resume:

Okon H Akpan

***** ****** *****, *****, ** *****

Mobile Phone: 301-***-****

Home Phone: 240-***-****

Email: ad2uq7@r.postjobfree.com

COUNTRY OF CITIZENSHIP: United States of America

SECURITY CLEARANCE: Top Secret (TS)

JOB TYPE: Permanent, Full Time

OBJECTIVE: Research and/or Software development, Network Security (Cyber Intrusion, Cyber Threat, Anomaly Detection), Data Mining from massive data sets for the purpose of detection of malicious contents through rigorous application of Machine Learning (ML) techniques.

DESIRED WORK ENVIRONMENT: US-MD, US-DC, US-VA

EDUCATION

1. Ph.D. Computer Science, Louisiana State University, Baton Rouge, Louisiana
2. M.S. Computer Science, University of Louisiana at Lafayette, Louisiana
3. M.S. Chemical Engineering, University of Tennessee, Knoxville, Tennessee
4. B.A. Mathematics, Maryville College, Maryville, Tennessee

CERTIFICATIONS: AWS Certified Developer (DVA-C01), CEH, Security+

LANGUAGES: C, C++, Python, Perl, Java, FORTRAN 90, (HTML, JavaScript, JScript).

(I have written and published books on C++).

DATA MINING TOOLS AND LIBRARIES: Pandas, NumPy, Matplotlib, SciPy

MACHINE LEARNING LIBRARY: SciPy (SciKit-learn)

GRAPHICAL UTILITY LIBRARIES: PyQt4/5.

SPECIALTIES

1. Use of various Machine Learning libraries and algorithms in ML research and applications in various projects. The ML algorithms often include Supervised Machine Learning Algorithms (Linear Regression, Decision Tree, Random Forest, K-nearest Neighbors, Principal Component Analysis (dimensionality reduction)) as well as Unsupervised Machine Learning Algorithms (Clustering, K-means, and Linear Discriminant Analysis (dimensionality reduction)). ML research and activities in projects often entail heavy Data Mining (Pandas, SciPy, NumPy), Data Visualization (Matplotlib), Dataflow Analysis (TensorFlow), and Selection and Training of ML models, as well as Testing and Scoring them for suitability (for a specific ML project) using mathematical tools and analysis.

2. Threat Reduction and Performance Monitoring UI applications for the U.S. Customs and Border Protection (CBP) at the ports of entry (POEs). These applications monitored and evaluated the health and performance of the radiation detection hardware/software systems' scans (of the vehicles as they streamed across the POEs) for the purpose of reducing the false inspection alarm rates, thus helping the CBP field officers to efficiently inspect and scan the vehicles for any illegal contents, adjudicate the scan results, and, if necessary, take appropriate actions.

3. Network Security – Mining network understandings from massive network data. (Data Mining Tools & Machine Learning Libraries: Pandas, NumPy, SciPy (SciKit-learn).)

4. Network Security – IDS, NIDS. (Tools and Libraries: Python, SQL (Postgres, Microsoft), Distributed Evolutionary Algorithm for Python (DEAP)), Anomaly Detection. Heavy use of both SQL database (PostgreSQL) and NoSQL database (MongoDB, Elasticsearch).

5. Traffic and alert correlation and labeling application relating to Intrusion Detection for network security and Cyber defenses.

6. High Performance Computing (HPC) and Scientific Computing (SC). (Tools and Libraries: C, C++, Fortran 90, Message Passing Interface (MPI).)

7. Programming Language Proficiency

Proficiency in Python, C, C++, Java, Perl, and PHP, and also in the use of a number of libraries, including the Python frameworks Pandas, NumPy, and SciPy, and graphical (Matplotlib) and GUI (PyQt4/5) libraries. For more than ten years, I have been using these libraries in software development tasks and in network-related research. My ideal computing environments are Linux and Microsoft Windows operating systems.

MOST RECENT WORK EXPERIENCE

A. QinetiQ US, 2100 Reston Parkway, Reston, VA 20191 (Nov 2022 – Present)

PROJECTS (Ongoing)

a) Android Malware Detection and Prevention System

The focus is to develop, using Machine Learning (ML) and Artificial Intelligence (AI) methodologies, a multilevel classifier suitable for detecting Android mobile malware resulting from malware attacks on the Android system. The environment setup for the project consists of two major components: 1) a Sabre Lite Board (BD-SL-iMX6) that serves as the Android system, and 2) an Ubuntu 22.04 operating system that serves as a host, which controls the BD-SL-iMX6 board and collects and stores the data resulting from Android applications. This project is concerned with the data from requests at Android's Radio Interface Layer (RIL).

The RIL data are collected by letting the BD-SL-iMX/Ubuntu system run for many hours, often overnight, then booting up the host computer, and, finally, retrieving the data from the board's Micro SD Card using the Nitrogen6 ADB shell. The result is an RIL dataset of 917 observations (Android RIL requests) and 65 features. Once collected, the RIL data are subjected to a number of preliminary ML/AI processing steps that include a) data mining for possible malicious contents, b) data visualization, and c) data analysis. The next step is to develop a multilevel classifier (fusion approach) for Android malware detection. The project is ongoing and is presently at the classifier selection (from ML/AI libraries), training, testing, and analysis stage.

B. Avantus Federal, 2100 Reston Parkway, Reston, VA 20191 (Dec 2021 – Nov 2022)

Occam's Razor Technologies, Avantus, 1840 Michael Faraday Dr #350, Reston, VA 20190 (Apr 2020 – Dec 2021)

PROJECTS (Completed)

a) Reticulator Project

The thrust of the project was to design and develop a specialized interpreter called Reticulator, a dynamic link library (DLL) that could implement a Python 3.7.9 interpreter and also had the additional capability of interpreting both the standard Python byte code and Reticulator byte code. Reticulator byte code was created from the standard Python byte code by obfuscation, specifically by having the opcode values mapped to randomized integral values while leaving the corresponding operands unchanged. Reticulator, based upon settings, could interpret the standard CPython byte code as well as the Reticulator byte code. (The Reticulator byte code had to be converted back to the corresponding CPython byte code so that CPython could understand and interpret it.) The Reticulator was specifically designed and built for 64-bit Windows 7, Windows 8.1, and Windows 10.

b) Kurtain Project

The purpose of this project was to reverse engineer scan reports from the Kaspersky Antivirus System (KAS) in order to gain some insight into how the KAS Scan Engine discovered infections from various malware, such as viruses and Trojans, that potentially lurked in streamed data traffic. In addition, the various methods (signature- and heuristic-based) used by KAS were also studied. The infected traffic (TLS/SSL-encrypted) to KAS came mostly as the result of man-in-the-middle (MITM) attacks. The project's development environment comprised four VMs (virtual machines): a) a host VM, which generated HTTPS traffic, b) a private MITM VM, which carried out the attack, c) a traffic capture VM, which captured KAS reports, and d) an analysis VM, which collected the KAS reports that were timestamped, labeled as appropriate, and, finally, stored in the database. These data were destined to be used in the reverse-engineering study. (The project was not completed due to lack of funding.)

c) ZIFFS Project

The project aimed at taking VM (virtual machine) snapshots, storing them on ZFS disks, and, finally, transferring them to a filesystem that was inaccessible from the Internet. The major technologies utilized in this project were a) ZFS for massive data storage and management, b) Django for rapid code development, and c) Docker for packaging applications into containers.

C. NT Concepts, 8150 Leesburg Pike, Suite 1400, Vienna, VA 22182 (Apr 2019 – Dec 2019)

PROJECTS (Completed)

a) GeoWave Project

My main contribution to this large project was to build AWS DynamoDB tables capable of persisting XML-formatted MStar imagery, as well as relevant and efficient methods for retrieving that imagery. Using the relevant cloud resources, the database tables, provisioned with appropriate capabilities, were successfully built. The raw MStar imagery came in the form of XML data, making it necessary to first convert it into the BSON (Binary JSON) format, which was suitable for insertion into the DynamoDB tables. The tables' data extraction capabilities were mainly those for individual data and batch data retrieval.

D. DigitalSPEC, 7799 Leesburg Pike, VA 20598 (Mar 2018 – Mar 2019)

PROJECTS (Completed)

a) CBP Project

This was a big project in which I was tasked with creating a Threat Evaluation and Reduction product capable of monitoring and evaluating the health of threat detection computer systems of the U.S. Customs and Border Protection (CBP) at the ports of entry. The product's major components were UI applications for CBP field officers. Its development necessitated use of massive data that were retrieved by the CBP's hardware systems that scanned vehicles as they streamed through the ports of entry. The data were collected and held in a Postgres database system. The UI system had the capability of displaying on the computer screens some statistical results and other relevant information that were suitable for use by the CBP field officers.


