AARAV SHAH

Aspiring Cybersecurity & AI Engineer
Hyderabad, IN.

About

Highly motivated and results-oriented B.Tech student specializing in Computer Science and Engineering, with hands-on experience in cybersecurity, threat intelligence, and machine learning. Proven ability to lead technical teams, conduct in-depth data analysis, and develop innovative solutions for complex security challenges. Seeking to leverage strong analytical skills, technical expertise, and a commitment to continuous learning to contribute to cutting-edge technology and security initiatives.

Work

Mphasis

Threat Hunting and ML Intern

Intern

Summary

Actively contributing to defensive security initiatives within Mphasis's CRO SOC team, gaining direct mentorship from a former CERT-In scientist and cyber defense head. My primary focus involves developing an automated forensic tool to streamline system compromise assessment based on advanced artifact analysis.
• Developing a forensic tool to automate compromise assessment for Windows/Linux systems, analyzing 220+ key artifacts to determine system integrity.
• Supported integrating industry-standard tools like KAPE, Eric Zimmerman's tools, and Sigcheck, alongside Zircolite with Sigma rules, for comprehensive event log and file-based threat hunting.
• This ongoing project aims to streamline forensic investigations, significantly enhancing the ability to rapidly identify and confirm system compromises through robust artifact analysis.

Highlights

Developing an automated forensic tool to determine system compromise by analyzing 220+ key Windows/Linux artifacts.

Integrating industry-standard tools like KAPE, Eric Zimmerman's tools, and Sigcheck, alongside Zircolite and Hayabusa with Sigma rules, for comprehensive event log and file-based threat hunting.

Learning advanced defensive security strategies and practices through direct collaboration with the CRO SOC team and mentorship from a former CERT-In scientist and cyber defense head.

This ongoing project aims to significantly enhance the speed and accuracy of forensic investigations, directly impacting incident response capabilities.

CyberXtron

Cyber Threat Research Intern

Summary

Contributed to enhancing threat detection and intelligence capabilities within an Operational Technology (OT) team, focusing on data analysis and cross-functional collaboration.

Highlights

Contributed to an Operational Technology (OT) team, enhancing threat detection and intelligence capabilities through targeted research and analysis.

Conducted in-depth research to update over 1,000 CISA Threat Alerts, significantly improving the accuracy and effectiveness of the Threat Intelligence Engine.

Enhanced the Data Breach Database by identifying and integrating over 20GB of DarkWeb breach data, leveraging advanced data analysis for real-time threat intelligence updates.

Collaborated effectively with cross-functional teams in a dynamic environment, contributing to core threat intelligence initiatives and gaining exposure to innovative cybersecurity solutions.

Information Sharing and Analysis Center

Threat Analyst Intern

Summary

Supported cybersecurity intelligence efforts through DarkWeb data analysis and internal team collaboration, undergoing training as a Cybercriminal Intervention Officer.

Highlights

Executed comprehensive research to collect and analyze DarkWeb data sources, directly contributing to enhanced cybersecurity intelligence and proactive threat mitigation.

Provided critical support to internal teams by streamlining information gathering and ensuring efficient data collection processes for intelligence operations.

Completed rigorous training to qualify as a Cybercriminal Intervention Officer (CCIO), developing expertise in combating cybercrime.

Education

SRMIST

B.Tech

Computer Science and Engineering

Grade: SGPA: 9.3, CGPA: 8.95

Courses

Red Hat Enterprise Linux (RHEL)

Short Range Wireless Communication Devices

Computer Networks

GPU Programming (CUDA, OpenACC, OpenCL)

Drone Analytics

Network Security

Projects

Vigilance Endpoint Protector (VEP)

Summary

Developed Vigilance Endpoint Protector (VEP), a proof-of-concept unified EDR/DLP agent. This agent collects high-fidelity endpoint telemetry from Windows systems via Sysmon, processes it into structured JSON logs, and seamlessly forwards it to Wazuh for centralized aggregation. VEP's foundation aims to provide scalable threat detection and data loss prevention capabilities, specifically enhancing security for resource-constrained small to medium-sized businesses.
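The Sysmon-to-JSON step described above, shown as an added illustration (this is not VEP's own code and makes no claim about its internals): a constructed Sysmon Event ID 1 record in Windows Event Log XML is normalized into a flat JSON document of the kind a Wazuh agent can ship, and a small hypothetical detection (Office parent spawning PowerShell with an encoded command, mapped to MITRE ATT&CK T1059.001 / T1027) is run over it. The field names, the rule names and the sample event are assumptions chosen for the example.

```python
import json
import xml.etree.ElementTree as ET

# Windows Event Log XML namespace used by Sysmon records.
NS = "{http://schemas.microsoft.com/win/2004/08/events/event}"

# Constructed sample: a Sysmon Event ID 1 (process creation) record, trimmed to
# the fields this example uses. Values are made up for illustration.
SAMPLE_SYSMON_XML = """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Sysmon"/>
    <EventID>1</EventID>
    <TimeCreated SystemTime="2024-05-01T10:15:30.123Z"/>
    <Computer>WS-01.corp.example</Computer>
  </System>
  <EventData>
    <Data Name="Image">C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe</Data>
    <Data Name="CommandLine">powershell.exe -nop -w hidden -enc SQBFAFgA</Data>
    <Data Name="User">CORP\\alice</Data>
    <Data Name="ParentImage">C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE</Data>
    <Data Name="ProcessId">4412</Data>
  </EventData>
</Event>"""

# Hypothetical parent processes that rarely have a legitimate reason to spawn
# a shell; used by the example rule below.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}


def normalize_sysmon_event(xml_text: str) -> dict:
    """Turn one Sysmon XML record into a flat, schema-stable dict (assumed schema)."""
    root = ET.fromstring(xml_text)
    system = root.find(f"{NS}System")
    # EventData is a list of <Data Name="..."> elements; collapse to a mapping.
    data = {d.get("Name"): (d.text or "") for d in root.iter(f"{NS}Data")}
    return {
        "timestamp": system.find(f"{NS}TimeCreated").get("SystemTime"),
        "host": system.findtext(f"{NS}Computer"),
        "event_id": int(system.findtext(f"{NS}EventID")),
        "process": {
            "image": data.get("Image"),
            "command_line": data.get("CommandLine"),
            "pid": int(data["ProcessId"]) if data.get("ProcessId") else None,
            "parent_image": data.get("ParentImage"),
            "user": data.get("User"),
        },
    }


def _basename(path: str) -> str:
    """Lower-cased file name of a Windows path (handles both separators)."""
    return (path or "").replace("/", "\\").rsplit("\\", 1)[-1].lower()


def check_office_spawns_powershell(event: dict) -> list:
    """Example rule: Office parent -> powershell.exe, optionally with -EncodedCommand.

    Returns a list of findings; each carries an assumed rule name and ATT&CK ID.
    """
    findings = []
    if event["event_id"] != 1:
        return findings
    proc = event["process"]
    parent = _basename(proc["parent_image"])
    image = _basename(proc["image"])
    tokens = (proc["command_line"] or "").lower().split()
    if parent in OFFICE_PARENTS and image == "powershell.exe":
        findings.append({"rule": "office_spawns_powershell", "attack": "T1059.001"})
        # powershell.exe accepts any unambiguous prefix of -EncodedCommand
        # (-e, -ec, -enc, ...), so match on prefix rather than the full switch.
        if any(len(t) >= 2 and "-encodedcommand".startswith(t) for t in tokens):
            findings.append({"rule": "encoded_powershell", "attack": "T1027"})
    return findings


def to_json_line(event: dict) -> str:
    """One event per line, the shape a log forwarder reads from a file."""
    return json.dumps(event, sort_keys=True)


if __name__ == "__main__":
    ev = normalize_sysmon_event(SAMPLE_SYSMON_XML)
    print(to_json_line(ev))
    for hit in check_office_spawns_powershell(ev):
        print("ALERT", hit)
```

Normalizing before matching is the point: once every Sysmon record has the same keys regardless of Event ID, rules (or Sigma rules compiled to the same field names) run against the JSON rather than against raw XML, and the forwarder only ever sees one line per event.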

CANSAT Competition – NASA (Team 3190, ranked 5th in India and 10th globally)

Summary

Led the software team for a NASA CANSAT competition, developing avionics and flight software, achieving top marks in software during the Preliminary Design Review (PDR), and designing active fin control systems.

ML for Drone-based Surveillance & Object Detection (Published at: ICECA 2024)

Summary

Conducted research and developed an ML-based system for real-time object detection using drone footage, including training deep learning models and integrating computer vision techniques.

Publications

Research on ML for Drone-based Surveillance & Object Detection

Published by

ICECA 2024

Summary

Published research on developing an ML-based system for real-time object detection using drone footage, optimizing models for challenging conditions, and integrating computer vision techniques.

Certificates

Linux Systems

Issued By

Linux Foundation

Ethical Hacking

Issued By

MSME PPDC

100W Industrial Control Systems (ICS) Cybersecurity Practices

Issued By

Cybersecurity and Infrastructure Security Agency (CISA)

CEH v13 (in progress)

Issued By

EC-Council

Skills

Cybersecurity

Cyber Threat Intelligence, DarkWeb Monitoring, Threat Detection, Intelligence Analysis, Network Security.

Machine Learning & AI

ML, Deep Learning, Computer Vision, Object Detection, Drone Analytics, OpenCV.

Programming Languages

Python, C++, GPU Programming (CUDA, OpenACC, OpenCL).

Systems & Tools

System Administration (Linux), Red Hat Enterprise Linux (RHEL), Arduino IDE, Teensy, Raspberry Pi, IoT.

Data Analysis

Data Analysis, Real-time Data Telemetry.

Threat Detection & Incident Analysis Automation

Sigma Rule Application, Artifact Parsing (EZ Tools), Digital Signature Validation, Compromise Scoring, MITRE ATT&CK Mapping, Automated Reporting.

Endpoint Security & Telemetry Engineering

Sysmon Integration, Windows API Interfacing, Event Normalization, Artifact Collection, Log Forwarding, Process Telemetry.