Chief Scientist for Security, Systems, and Networks
Creativity, analysis, and leadership across a diverse range of classified and open technological problem areas, such as cloud-based DDoS Defense, realtime U.S. Weapon System defense, dynamic & deceptive networks, Intrusion Detection, Firewalls, Cyberwarfare Planning & Operations, and the first web server load balancer on the market.
Perspecta Labs (a.k.a. Applied Communication Sciences, Vencore Labs)—Basking Ridge, NJ
May 2012 – Present
Ideated, proposed, planned, conducted, and technically
directed $14M in research programs. For the DARPA Extreme
Distributed Denial of Service (DDoS) Defense program (XD3) program,
used deceptive network maneuvers implemented on distributed,
ephemeral, cloud-based VMs to inexpensively defend against and deceive
both sophisticated high and low volume attacks against any network
protocol. Designed and acquired a terabit per second network
testbed to allow realistic testing of large scale network attacks
(now used by five contracts); and designed and implemented test software
that could work on laptops, the terabit cluster, and live internet
cloud providers. For AFRL Cyber Deception, created a dynamic &
ephemeral network environment using Software Defined Networks to
deceive and confuse cyber attackers while preserving a seemingly
normal user experience. For the defense of U.S. Weapons
systems, created a real-time system to add critically-needed
security to both legacy and modern platforms.
Developed new business by analyzing and applying advanced methods, theories, and research techniques to create substantiated proposals to solve complex and advanced technical problems posed by customers. Proposal lead for the programs listed above, and helped with the DARPA EdgeCT and two classified programs. Won or helped win $37M in total new business in last three years.
Provided leadership, design, development, and testing expertise. For the DARPA Plan X program, created an attribution-hiding cloud provisioning system for Computer Network Operation listening posts, redirectors, and vantage nodes; designed and developed test, wargaming, and operational range automated instantiation, performed initial system capability development and deployment; prototyped Cyber Domain Specific Language and reasoning system. For other programs, created a high-security Android cell phone (SMC), framework (CRUSHPROOF), and Linux security systems (DEFIANT) for the U.S. Army; including development of anomaly detectors plus user and kernel IDS modules for both Android and Linux, synchronizing development on both platforms, plus creating build and deployment infrastructure.
Additionally, authored six patent applications, published research papers, developed classified lab security audit systems, mentored junior staff, and created technical documentation and automation tools for team members.
Raytheon Trusted Computer Solutions—Herndon, VA
Principal Secure System Engineer
August 2008 – May 2012
Lead Technologist for and driving the technical design, implementation, core code design, security, and integrity of CounterStorm, a network intrusion and attack detection and response appliance, including SELinux, STIG, and IPv6 implementation. Performed tactical management of a distributed team of developers. Further responsible for RShield-ICAP integration, Nagios monitoring of RShield installations, RShield log analysis and mail load synthesis.
CounterStorm—New York City
August 2001 – August 2008
Chief Architect for CounterStorm as described above until company acquired by Raytheon. Responsible for patents, senior technical liaisons, technical management of DARPA Information Assurance and Army FCS projects, on-site deployment at governmental facilities, and Homeland Security contracts for bot-net and worm detection.
Product users include: New York Police Department, Warner Music Group, The Brookings Institute, McGraw-Hill, Columbia-Presbyterian Hospital, BAE Systems.
HydraWEB Technologies—New York City
Chief Technical Officer
September 1994 – May 2001
Lead Technologist for HydraWEB & created first web load balancer on market. Responsible for all technical evaluations, plans, designs, and technical customer proposals. Senior inventor, designer, and developer of HydraGPS (WAN client/server reliability and optimization system), HydraWEB (LAN client/server reliability and optimization device), Brimstone (firewall), and Proconsul (serial console middle ware). Responsible for patents, senior technical liaisons, plus core code design, review, and integrity. Systems/network administrator and guidance for both the company LAN, the Internet connection, plus several large corporate clients with large Unix Internet-connected network installations dealing with Interactive TV and WWW hosting.
Product users include: Allen Bradley, Ascend, Associated Press, ATKK, AT&T, Bear Stearns, Citicorp, Corel, DLJ, Deutsche Post, Dow Jones, JC Penney, Juno, MCI, Monster, Reuters.
Columbia University—New York City
January 1988 (FT&PT) — FT: March 1992 – August 1994
Solely responsible for all CTR systems, maintenance, and network operations for a network of 300+ users, 90+ Unix machines, and 100+ PCs, Macs, and X-terminals. Including requirement analysis, purchase, installation, and maintenance of all technical equipment and software. Compiled, installed, and maintained all normal Internet services such as DNS, sendmail, USENET, WWW, anonymous FTP, and IRC. Extraordinary duties included the total redesign, purchase and implementation of the network due to a move to a different building.
S. Robertson, S. Alexander, J. Micallef, J. Pucci, J. Tanis, A. Macera. "CINDAM: Customized Information Networks for Deception and Attack Mitigation." In Self-Adaptive and Self-Organizing Systems Workshops (SASOW), 2015 IEEE Ninth International Conference on, 2015.
S. Beitzel, T. Bowen, R. Chadha, J. Chiang, B. Falchuk, Y. Gottlieb, G. Levin, J. Micallef, C. Orji, R. Porter, A. Poylisher, S. Robertson, G. Walther, C. Paprcka, J. Santos. "Cydef: A unified and adaptive cyber defense framework." In Classified US Military Communications (CUMC) Conference, 2013.
S. Robertson, E. Siegel, M. Miller, S. Stolfo. "Surveillance detection in high bandwidth environments." In DARPA Information Survivability Conference and Exposition (DISCEX), 2003.
Raytheon Trusted Computer Solutions (CounterStorm): "Detecting Probes and Scans Over High-Bandwidth, Long-Term, Incomplete Network Traffic Information Using Limited Memory." US 7,752,665 granted July 6, 2010.
Perspecta Labs: "Identifying and Deceiving Adversary Nodes and Maneuvers for Attack Deception and Mitigation"; Sole inventor, 15/952,711, 2018-04-13.
Perspecta Labs: "Low Delay Intrusion Prevention"; First inventor, 15/482,341, 2017-04-07.
Perspecta Labs: "Customized Information Network for Deception and Attack Mitigation"; Sole inventor, 15/274,855, 2016-09-23.
Columbia University, School of Engineering and Applied Sciences. B.S. in Computer Science, 1992.