Professional Documents
Culture Documents
duong@utdallas.edu HIGHLIGHT OF QUALIFICATIONS Broad understanding of computer networking and security Proficient in wide variety of security, networking and system tools 3 year experience in Linux administration, networking troubleshooting 4 year experience in real-world penetration testing and vulnerability exploitation ( SQL injection, XSS...) 4 year experience in secure web application development A good problem-solver, fast learner and a team-player Willing to work a variety of shifts and travel if needed TECHNICAL EXPERTISE Programing Languages: Python, PHP, Bash, JavaScript, Transact-SQL, Java Applications/Tools: FireBug, Nmap, Wireshark, iptables, Apache Web Server, Scapy, Hping3, Metasploit, IDA, BackTrack, Self-written security tools Operating Systems: Debian, Centos, Ubuntu, Windows Server Networking Protocols: TCP/IP, HTTP, FTP, SMTP, DNS, ARP, SSL Databases: MySQL, SQL Server, Oracle WORK EXPERIENCE System Administrator, Richland College
Analyzed and troubleshot the college's wired & wireless networks using variety of network tools like wireshark, tcpdump, tcpflow and nmap Administered four Apache web servers serving static and dynamic content for students Deployed Web Application Firewalls to prevent the websites from attacks such as SQL injection, Code injection and Cross Site Scripting Monitored and analyzed network traffics to detect possible intrusions June 2007 - Dec 2009
Provided technical support for customers to manage their ads on the website Developed and managed ad clients service web application
ACADEMIC RESEARCH Undergraduate Researcher, McAfee, Inc. Reverse Engineering Microsoft Windows Security Patches Jan 2011 - Present
Reverse engineered & analyzed Microsoft Windows security patches Developed intelligent automated tools to analyze Microsoft security patches and create a comprehensive report of the expected behaviors and effects they have on the target system. Awarded Best Annual Senior Design Project by Computer Science Department of UT Dallas in 2011 Sept 2010 - Present
Research Assistant, Data and Application Security Lab, UT Dallas Attacking Oracle Database
Developed a new method attacking Oracle by dumping the master key from memory and automated the process of decrypting sensitive data and placing a backdoor inside Oracle databases Sept 2009 - June 2010
Lab Designer, Network Security Lab, UT Dallas Network Security Training Hands-on Lab
Developed VMWare images of hands-on labs (Capture The Flag style) for training graduate students in Network Security Course, funded by the NSA Jan 2009 - June 2009
Research Assistant, Data and Application Security Lab, UT Dallas Next-generation botnets Analysis
Explored how web-based Botnets work and how to defend against them. This research was funded by the Department of Defense
VULNERABILITIES DISCOVERED
Yahoo! 360 Social Network: Making XSS web-based worms Blackboard Academic Suite: Accounts compromised by XSS Invision Power Board: SQL Injection Vulnerability
AWARDS
16th place in Defcon Capture the Flags 2011 4th place in National CSAW Application Security Contest in NYC. Vice President, Computer Security Group, UT Dallas
REFERENCES AVAILABLE UPON REQUEST