## BIO
Deepak Kumar Gupta
Current Designation – Software Engineer (Grade B)
Role – Software Developer (System Software Programmer) – NT Platform

### Summary

• Experience as a Windows System Software Developer.
• Experience of working on low-level boot code and interaction with BIOS in the pre-boot environment.
• Experience in Windows System Programming (both Kernel Drivers and Win32 applications) with some exciting reverse engineering work on malware (spyware/rootkits) and the NT5.0/5.1/5.2 kernel.
• Demonstrated the ability to do immense reverse engineering work and provide some generic solutions for detection and profiling of malware code.
• Experience with NDIS Miniport drivers and working knowledge of the Windows Networking Stack.
• In-depth knowledge of the OpenIB Windows InfiniBand Stack (Win OF).
• Experience with Windows file system and storage stacks.

### Professional Skills

• Programming Languages/Environments: C, C++, Intel x86 assembly language, VC++, MFC
• Operating Systems: Windows Vista, HPC Server 2008, Windows 2000, XP, Server 2003 (Internals), Linux Internals. Sound grasp of Virtualization Technologies (para, host-based, hardware-assisted).
• Security: Implemented rootkit and key logger detection and removal in an Anti Spyware product.
• Networking: TCP/IP Networks, InfiniBand Network, RDMA feature.
• Development Environments: Windows SDK, WDK/DDK, VS 6 and Visual Studio .NET 2003.
• Debugging Tools: WinDbg/Soft ICE/DbgView for kernel and application debugging.

### Education

• B.E. in Computer Engineering, University of Pune, July 2006, with an aggregate of 63.18%

### Articles Published and Voluntary Work

1) Reading/Writing to disk bypassing upper disk class filter - [login to view URL] (on Windows NT5.0, 5.1, 5.2)
2) Contributed to Open Systems Resources (OSR) on boot configuration utility for Windows - [login to view URL].
3) Contributed raw sector I/O driver to Win Slacker utility written by Prof. Rick Leinecker with some modifications. And [login to view URL]

### Independent Consultancy

Worked as an independent consultant from April 2009 to September 2009 for a UK-based security firm and wrote utilities and libraries for them. I can't disclose my projects there as it would go against my contract terms.

### Areas of Interest

• Windows/Linux system software development.
• Studying the latest malware strategies and developing solutions for them.
• Developing a behavior-based Anti Malware engine with user-interactive policy definitions which will provide a zero-day protection mechanism.
• Core Systems Programming, Data Structures and Algorithms
• Operating Systems, Customizations and optimizations in remote (over a network transport) booting.

### Areas of Expertise

• In-depth knowledge of COFF based (ELF and especially PE32) file formats.
• Windows Kernel Internals.
• Hook creation and detection in user and kernel land on the NT platform.
• Sound in-depth understanding of the Windows Object Manager and I/O Manager.

### Work Experience (Reverse chronological)

Software Engineer (Grade B), Symantec India Private Limited, Pune, India, July 2009 – Till Now

Currently working as a Software Engineer (Grade B) developing a Virtual Volume mounting driver and a Change tracking driver for volumes on the Windows platform.

• Generic Mount Framework for Any Disk Image: Generic Mount Framework is a similar framework which follows an inverted call model; the driver serves the purpose of mounting and redirecting the I/Os coming down to a user-mode service, which in turn calls the specific image parser providers and fulfils the I/Os.
• Volume Change Tracking Driver: A change tracking driver to track the changes happening on a volume at block level.

Member of Technical Staff (MTS), Great Software Laboratory (GS Lab) Pvt. Ltd., Pune, India, December 2007 – March 2009

Worked as a Member of Technical Staff providing boot services solutions and developing Windows network drivers for the InfiniBand Stack of Open Fabrics (Win OF).

• Booting of Diskless Hosts over InfiniBand (IB) in Storage Area Network (SAN) environment: A solution similar to Etherboot for booting diskless hosts with InfiniBand adapters from SAN disks.
• IB to Ethernet Gateway Module on Host side (NDIS Miniport development): Implementation of the IB to Ethernet and vice versa protocol on the host side for connecting Ethernet to the outside world.

Software Developer, Max Secure Software Pvt. Ltd., Pune, India, March 2007 – November 2007

Worked as a Software Developer and was involved in reverse engineering of Windows components and malware code for developing more generic algorithms for detection of malware code.

• File System Filter for Folder Secure File locking Application: Folder Secure is a desktop-based application used for hiding files or password-protecting them. It can be used for disallowing access by unauthorized users to sensitive data at home or in offices.
• ANTIROOTKIT Component for Max Spyware Detector: Developed the kernel driver module and user code for detecting hidden objects, i.e. rootkits, on the system.
• APISPYING TOOL (Internal Tool Used for API call monitoring of processes – DLL Injection): Developed a framework for spying on Win32 and NTDLL APIs on Windows systems for tracing the call flow of malware processes.
• LIVE MONITORING COMPONENT: A component was developed to monitor the system under execution for creation of processes, creation of files and creation of registry entries.