|School||School of Applied Computer Science and Information Technology|
- Bachelor of Computer Science (Honours)
|Academic and Professional Designations|
- PhD. Information Assurance
- MSc. Information Security
- BA. Computer Science
- Dipl. Electronic Engineering Technology
- ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
- PROG8300 – Malware and Hacking (reverse engineering executables, penetration testing)
- PROG8290 – Software Application Security 2 (secure coding and testing/analysis of same)
- PROG8270 – Software Application Security 1 (mainly identification and remediation options for enterprise risk)
- CSCN71010 – Computer System Architecture (hardware/system focused)
- PROG71985 – Programming Principles (intro to C programming language)
|Areas of Expertise & Interest|
- Security event and incident detection using latest methods of event collection and aggregation with machine learning techniques used to correlate and identify anomalous activity.
- Binary executable file analysis specifically geared toward identifying areas of code that represent malicious intent.
- The process and mechanisms of secure development and the development of the tools required to demonstrate the robustness of the resulting software.
|Industry Experience, Professional Currency Activities|
- Worked for a leading video game company, designing anti-cheat, anti-reverse-engineering capabilities for use in triple-A video games.
- Worked as an analyst, primarily doing security-based source code audits on business systems. A significant part of the role was following up with developers and helping them remediate the findings.
- Worked as a member of a Red Team for a consulting company, solely focused on exploiting the networked computer systems of the company's customers.
|Major Research Projects, Scholarly Activities, and/or Publications|
- Principal Investigator of a 16-month long project to develop a process for building machine learning classifiers to identify anomalous events from streams of events numbering thousands per second.
- Principal Investigator of a 13-month project to develop a testing tool capable of spidering through networks to create a graph of vulnerabilities and a "shortest path" to administrator/root.
- Principle Investigator in the design/development of a prototype "End to End Encryption" (E2EE) Web portal for document sharing.
Steve enjoys sharing his passion for computer systems and security with his students, hoping that they will find a similar passion through the course of their learning.