Curriculum Vitae

Education:

Ph.D. in Computer Science and Engineering (2011), The Pennsylvania State University
M.S. in Computer Science (2005), Nanjing University, Nanjing, China
B.S. in Computer Science (2002), Nanjing University, Nanjing, China

Working Experience:

- Cyberhaven, 2025.1 ~ present
  - AI Security
  - Data Security
- Normalyze, 2021.2 ~ 2025.1
  - Data-first Cloud Security
  - Black Hat'22 Innovation Spotlight Competition Finalist
- F5, 2020.7 ~ 2021.1
  - Architect and Implement an integrated SaaS AppSec platform with WAF, API protection, Anti-bot, and Anti-fraud & abuse
  - DDoS protection and CDN integration
  - Bot Detection and Protection Engine
- ForeScout Inc, 2016.6 ~2020.7
  - Design, architect and develop Forescout 1) OOTB (out-of-the-box) Device Classification, 2) IoT Posture Assessment, and 3) Device Intelligence Cloud from the ground up
  - Leverage machine learning to tackle multiple IoT security challenges, including device classification, risk assessment, segmentation, vulnerability detection, behavior analysis, etc.
  - Build and lead high performing teams (Research, Data, and Dev) to deliver cool features of Forescout eyeSight products.
  - My team owns the following:
    - Device Classification (Content & Engine)
    - IoT Posture Assessment
    - Forescout Device Cloud
    - Machine Learning Services (Device Classification, Segmentation)
    - NIC Vendor DB and DHCP Classifier
    - IoT Product and Threat Research
- Palo Alto Networks, 2011.4 ~ 2016.6
  - Lead the effort in research and developing content to power the firewall for providing content visibility and control.
  - Implement solutions to analyze different protocols such as HTTP, SSL, FTP, SSH, DHCP, etc, for application, threat and vulnerability detection.
  - Research on the root cause of publicly disclosed vulnerabilities and develop IPS detection logic (e.g., Noxxi evasion).
  - Design and implementation of new L7 firewall features (e.g., SafeSearch Enforcement, ALG).

Research Experience:

- Mobile Computing and Networking Laboratory, Department of Computer Science and Engineering, Penn State University
  - Sponsored by National Science Foundation program, I have worked on four topics in wireless networks, designed, implemented and evaluated protocols and algorithms for the following projects.
    - Data Dissemination in Vehicular Ad-hoc Networks.
      - Popularity Aware Content Sharing (Roadcast): design and invent distributed algorithms to achieve the balance between matching users’ query and increasing data accessibility in VANET by making use of Information Retrieval (IR) techniques.
      - Service Scheduling: design and invent a two-step scheduling algorithm to address the tradeoffs between service ratio and data quality and obtain a high-efficient service scheduling for vehicle-infrastructure data access.
      - Vehicle-Platoon Aware Data Access (V-PADA): achieve flexible data sharing among vehicles in the platoon. High-efficient platoon formation protocols and vehicle mobility anomaly detection techniques are proposed to predict the splits of vehicles
      - Trajectory-Aware Roaming (TAR): optimally handle the tradeoff between vehicle throughput and handoff reduction during vehicle-infrastructure association.
      - Data Pouring and Buffering on the Road: exploit how to use moving vehicles to forward and buffer data.
      - Extending Drive-thru Data Access: extend drive-thru vehicle-roadside communication performance by designing a vehicle relay based protocol.
    - Cooperative Data Replication in Mobile Ad Hoc Networks
      - Balance the tradeoffs between query delay and data accessibility in ad hoc networks by designing cooperative and distributed data replication algorithms
      - Quantify impact of mobility on data replication in mobile ad hoc networks
    - Content Based Routing for Large-scale Publish/Subscribe Systems
      - Community and Content-based Routing (CLONE): disseminate data from multiple mobile publishers to multiple mobile subscribers by building a two-tier structure based on content locality in large scale pub/sub systems.
    - Social Aware Data Diffusion in Delay Tolerant Networks
      - Social Aware Data Diffusion: use social network analysis and knowledge to design effective data diffusion schemes based on nodes’ social relationship and data similarity in delay tolerant networks.
- Internet and Mobile Computing Laboratory, Department of Computing, Hong Kong Polytechnic University
  - Sponsored by HK RGC Competitive Research Grant, I worked on data consistency of cooperative caching in mobile peer-to-peer networks.
    - Cache Invalidation Framework: provide a basis for designing, analyzing, and evaluating strategies to address data consistency issues in mobile wireless environments.
    - Relay-Peer based Cache Consistency: use mobile nodes as relays for cache invalidation in mobile networks.
    - P2P Content Sharing System: serve different customers with different data consistency requirements.
- Distributed Computing Laboratory, Department of Computer Science and Technology, Nanjing University
  - Study techniques on the running, managing and scheduling of web-based application servers.
  - Set up and impelment an application-servers platform with high scalability and availability.
  - Responsibility includes QoS characteristics description and implementation of the admission control module of the platform.

Honors and Awards:

ACM MobiHoc Best Poster Award, 2009
2009 IEEE ICDCS Travel Grant Award, 2009
ACM MobiHoc Travel Grant Award, 2009
College of Engineering Fellowship, 2005-2006
HP Outstanding Student Scholarship, Hewlett-Packard, 2004-2005
Outstanding Graduate Student Fellowship, Nanjing University, 2003-2004
Outstanding Undergraduate Student Fellowship, Nanjing University, 1999-2002

Professional Services:

Review for book chapter: Dynamic Analysis for Social Network by iConcept Press.
Review and judge papers for international scientific journals and transactions: IEEE Transactions on Vehicular Technology, IEEE Transactions on Mobile Computing, IEEE Transactions on Parallel and Distributed Systems, IEEE Communications Letters, IEEE Wireless Communications, ACM Mobile Networks and Applications, IEEE Transactions on Wireless Communications, Ad Hoc Networks, Sensors, Network Protocols and Algorithms, Wireless Communications and Mobile Computing, Journal of Ad Hoc & Sensor Wireless Networks, Computer Networks, and International Journal of Communication Systems.
Review and judge papers for international conferences or workshops: Nets4Cars (2011, 2010, 2009), PerCom (2011, 2010, 2008), MOSN (2011), GLOBECOM (2010), SECON (2011, 2010, 2009), MASS (2009), WOWMOM (2009), INFOCOM (2009), and MobiQuitous (2008).
Publicity Chair for: the First Wireless of the Students, by the Students, for the Students Workshop, in conjunction with ACM MobiHoc (MobiHoc-S3-2009).
Program Committee Member for: the International Workshop on Communication Technologies for Vehicles (Nets4Cars 2009, 2010, 2011, 2012), the First International Workshop on Wireless Computing and System (WCS 2010), the First IEEE NSS Workshop on Mobile and Online Social Networks (MOSN 2011).
Chair of the International Student Committee of the Graduate Student Association (GSA) in the Pennsylvania State University (2006-2007).

Page updated

Google Sites

Report abuse