DUONG NGOduong@utdallas.edu

HIGHLIGHT OF QUALIFICATIONS

➤ Broad understanding of computer networking and security

➤ Proficient in wide variety of security, networking and system tools

➤ 3 year experience in Linux administration, networking troubleshooting

➤ 4 year experience in real-world penetration testing and vulnerability exploitation (SQL injection, XSS...)

➤ 4 year experience in secure web application development

➤ A good problem-solver, fast learner and a team-player

➤ Willing to work a variety of shifts and travel if needed

TECHNICAL EXPERTISE

Programing Languages: Python, PHP, Bash, JavaScript, Transact-SQL, Java

Applications/Tools: FireBug, Nmap, Wireshark, iptables, Apache Web Server,Scapy, Hping3, Metasploit, IDA, BackTrack, Self-written security tools

Operating Systems: Debian, Centos, Ubuntu, Windows Server

Networking Protocols: TCP/IP, HTTP, FTP, SMTP, DNS, ARP, SSL

Databases: MySQL, SQL Server, Oracle

WORK EXPERIENCE

System Administrator, Richland College Dec 2009 - Jan 2011

• Analyzed and troubleshot the college's wired & wireless networks using varietyof network tools like wireshark, tcpdump, tcpflow and nmap

• Administered four Apache web servers serving static and dynamic content forstudents

• Deployed Web Application Firewalls to prevent the websites from attacks suchas SQL injection, Code injection and Cross Site Scripting

• Monitored and analyzed network traffics to detect possible intrusions

Web Developer, Dallas Youth Sport Magazine June 2007 - Dec 2009

• Developed secure online magazine website in PHP & MySQL

• Provided technical support for customers to manage their ads on the website• Developed and managed ad clients service web application

ACADEMIC RESEARCH

Undergraduate Researcher, McAfee, Inc.Reverse Engineering Microsoft Windows Security Patches Jan 2011 - Present

• Reverse engineered & analyzed Microsoft Windows security patches• Developed intelligent automated tools to analyze Microsoft security patches

and create a comprehensive report of the expected behaviors and effects theyhave on the target system.

• Awarded Best Annual Senior Design Project by Computer Science Departmentof UT Dallas in 2011

Research Assistant, Data and Application Security Lab, UT DallasAttacking Oracle Database Sept 2010 - Present

• Developed a new method attacking Oracle by dumping the master key frommemory and automated the process of decrypting sensitive data and placing abackdoor inside Oracle databases

Lab Designer, Network Security Lab, UT DallasNetwork Security Training Hands-on Lab Sept 2009 - June 2010

• Developed VMWare images of hands-on labs (Capture The Flag style) fortraining graduate students in Network Security Course, funded by the NSA

Research Assistant, Data and Application Security Lab, UT DallasNext-generation botnets Analysis Jan 2009 - June 2009

• Explored how web-based Botnets work and how to defend against them. Thisresearch was funded by the Department of Defense

VULNERABILITIES DISCOVERED

• Yahoo! 360 Social Network: Making XSS web-based worms

• Blackboard Academic Suite: Accounts compromised by XSS• Invision Power Board: SQL Injection Vulnerability

EDUCATION

University of Texas at Dallas, Richardson, Texas June 2007 - June 2011

• Bachelor of Science, Major : Computer Science

AWARDS

• Champion of Hack In The Box Capture the Flags 2009

• 16th place in Defcon Capture the Flags 2011• 4th place in National CSAW Application Security Contest in NYC.

• Vice President, Computer Security Group, UT Dallas

REFERENCES AVAILABLE UPON REQUEST