Romanch Agrawal
Research Student
Center for Security, Theory and Algorithmic Research
IIIT Hyderabad
email: romanch.agrawal AT research.iiit.ac.in 		Contact
#25, NBH, IIIT Hyderabad
Gachibowli, Hyderabad - 500 032, INDIA
Ph: +91 97036 68658
Home Work Links Blog

Research Experience

Research Scholar at Center for Security, Theory and Algorithmic Research at IIIT-H. (2007 - Present)
Research Topic: "Automatic Signature Generation of Malware Families"
Related Publications:
  • Romanch Agrawal, B. Bruhadeshwar, V.S. Sathyanarayan, "Static Program Behavior Tracing for Malware Detection and Program Classification", under review ASIACCS 2010.

Teaching and Professional Experience

  • Teaching Assistant for Advanced Problem Solving course at IIIT-H. (Monsoon 2008, Monsoon 2009)
  • Teaching Assistant for Information Security: Audit and Assurance course at IIIT-H. (Spring 2009)
  • System Administrator for Center for Security, Theory and Algorithmic Research (C-STAR) at IIIT-H. (May 2009 - Present)
    • Maintaining a network of one server and about 40 clients using NFS and LDAP/SSL.
    • Hardening the server using iptables.
    • Routine security audit of network and the server.
    • Maintaining users and groups and assigning them privileges.
    • Assigning disk and print quotas.
    • Patching and updating server software.
  • Reviewer, International Conference on Distributed Computing and Networking (ICDCN), 2009.

Projects

  • Static Program Behavior Tracing Tool for Malware Detection and Obfuscation Validation
    • Includes backward tracing algorithm and longest common sub-sequence algorithm implementations
    • Includes a home-grown obfuscation tool to validate results
  • API Call Frequency Based Malware Detector
    • Software that can characterize programs based on critical API call frequency and detects malware in scanned files.
    • Includes API call extraction and statistical analysis (implemented as plug-in for IDA pro disassembler)
  • Distributed SNMP for Effective Network Monitoring
    • This project considers the implementation of a distributed network monitoring tool that reduces the overhead and complexity of network monitoring.
    • Developed in Java.
  • The Tank Arcade
    • Developed the game Tank using C++ and OpenGL API

Courses

Advanced courses that I took during my term at IIIT Hyderabad:
  • Cryptography Foundations
  • System and Network Security
  • Information Security Audit and Assurance
  • Machine Learning
  • Research in Information Security
  • Understanding Work and Life

Skills

  • Disassembler/Debuggers:
IDA Pro (including plug-in development), OllyDbg
  • Operating Systems:
Linux, Windows XP
  • Programming Languages:
C, C++, Java, x86 Assembly
  • Scripting Languages:
Shell, Perl
  • Database Management:
MySQL
  • Network Tools:
nmap, Nessus, Ethereal
  • Program Analysis Tools:
Understand
  • Other Software and API's:
Adobe Flash, OpenGL

Page Last Updated: November 12, 2009
Romanch Agrawal