IN THE UNITED STATES PATENT AND TRADEMARK OFFICE

In re Patent of: Asghari-Kamrani, et al.
U.S. Patent No.: 8,266,432
Attorney Docket No.: 36137-0007CP2
Issue Date: September 11, 2012
Appl. Serial No.: 12/210,926
Filing Date: September 15, 2008
Title: CENTRALIZED IDENTIFICATION AND AUTHENTICATION SYSTEM AND METHOD

DECLARATION OF SETH NIELSON

I. Personal Work Experience and Awards

My name is Seth Nielson, Adjunct Associate Research Scientist at The Johns Hopkins University. I am also currently the Founder and Chief Scientist of Crimson Vista, Inc., an independent consulting firm. In addition to the below summary, a copy of my current curriculum vitae more fully setting forth my experience and qualifications is submitted herewith as Appendix A.

I have more than 15 years of dual industrial and academic experience in Computer Science. I received a B.S. in Computer Science in 2000 and my M.S. in Computer Science in 2004, both from Brigham Young University in Provo, UT. I received my Ph.D. in Computer Science in 2009 from Rice University in Houston, TX. My doctoral dissertation concerned “Designing Incentives for Peer-to-Peer Systems.” I am the recipient of the Brown Fellowship and a Graduate Fellowship from the Rice University Computer Science Department. I was also a John and Eileen Tietze Fellow.

USAA 1050
USAA v Asghari-Kamrani
CBM2016-00064

During my final undergraduate semester, I worked both as a teaching assistant for the Computer Networking course and as a researcher in the Networked Computing Lab. In these capacities, I assisted students in debugging and designing their TCP/IP protocol stacks, ARP protocol implementations, and RPC projects. I also collaborated in investigating statistical traffic engineering for bandwidth allocation which culminated in a published paper entitled, “Effective Bandwidth for Traffic Engineering.”

Effective bandwidth relates to the concept of bandwidth reservation for quality of service guarantees. On data connections designed to carry large quantities of data for many users, some users may pay extra to guarantee a certain quality of service. Nevertheless, given enough users, at any given time some percentage of users with guarantees will not be utilizing their full capacity. Effective bandwidth is a statistical model that dictates how many users can be guaranteed service under these conditions.

During my graduate work I have also published additional papers related to networking and computer security. In 2005, I published a paper entitled, “A Taxonomy of Rational Attacks.” This paper categorized and described the various types of attacks that one might see in a decentralized, peer-to-peer (p2p) network. When there is no centralized authority, users have to cooperate to obtain service. The term “rational attacks” refers to the economic incentives to not cooperate while still exploiting the system for service.

My thesis, “Designing Incentives for Peer-to-Peer Systems” built on this concept. Given a network where participants cannot be forced to cooperate, the operation of said network must induce cooperation by design of the outcomes. In other words, it must be in each participant’s best interest to contribute to the cooperative operation. Experiments included simulated extensions to the BitTorrent peer-to-peer protocol for long-term identities and mechanisms for cooperative anonymity. I constructed my own simulator of the BitTorrent protocol, and simulated thousands of hours of operations. For further accuracy and realism, I cooperated with researchers at other universities that provided me with real data traces of BitTorrent users that used long term identifiers such as a login name.

From 2001 through 2003, I worked as a software engineer at Metrowerks (formerly Lineo, Inc.). There I gained substantial experience in software architecture, computer networking, and technical project management. In particular, I developed and maintained the GUI for the Embedix SDK, ported the Linx GUI of the Embedix SDK to Windows, created an automated system to forward Linux python scripts to a Windows GUI, and developed a packaging and automated updating system for client software.

During the 2004 fall semester of my Ph.D. program at Rice University, I identified a security vulnerability in the Google Desktop Search that could have allowed hackers to compromise users’ computers and obtain private information. After contacting Google and assisting them in closing the vulnerability, we published the details of our investigation.

Later, in 2005, I completed an internship at Google, where I designed and implemented a solution to privacy loss in Google Web Accelerator. The Google Web Accelerator was designed to increase the speed of browsing the Internet. Once installed on a user’s computer, the browser would request all content through a Google Proxy. The proxy performed pre-fetching and extensive caching in order to provide fast and responsive service to the user. At the time of my internship, news reports had identified odd problems in which users of the Accelerator were accessing other individuals’ private pages. During my internship, I designed and implemented a prototype solution for this issue.

From 2005 through 2011, I worked as a Security Analyst and later a Senior Security Analyst for Independent Security Evaluators. There, I developed a parallel-processing based security tool, developed a FIPS-certified encryption library, developed hardware-accelerated encryption algorithms, developed encrypted file-system prototypes, developed an encryption library for an ISE client, performed port-scanning analyses, evaluated security protocols using formal methods and hand analysis, and evaluated security failures. I also designed and managed the implementation of a secure communication technology that splits trust between multiple SSL Certificate Authorities (CA), so that if one CA is compromised, the communication stream can still be safely authenticated. My work on the secure communications technology project led to the issuance of multiple patents including U.S. 8,745,372 entitled “Systems and Methods for Securing Data in Motion.”

In 2011, I began work as a Research Scientist at Harbor Labs and later was promoted to the position of Principal. I served a wide range of clients providing them with specialized consulting in network security, network communications, software architecture, and programming languages. I have analyzed an extensive collection of commercial software, including software related to secure email, cloud-based multimedia delivery, document signing, anti-virus and anti-intrusion, high-performance routing, networking protocol stacks in mobile devices, PBX telecommunications software, VoIP, and peer-to-peer communications. I have also analyzed security considerations for potential technology acquisitions, re-created heuristic signatures for 1995-era viruses, and re-created a 1995-era network for testing virus scanners of that time period in gateway virus scanning. I, and teams under my direction, also review technologies for compliance with various standards such as HIPAA and also for security vulnerabilities.

In particular, I have reviewed and analyzed the design and implementation of multiple security-related gateway products. This includes industrial-grade firewalls that employ anti-virus and anti-malware engines for processing network traffic. I have also reviewed other gateway products that provide secure storage to cloud devices.

I have also assessed the security and privacy technologies and policies provided by a third-party vendor to the Center for Copyright Infringement (CCI). CCI represents content owners, such as the RIAA and the MPAA, in finding and reducing piracy online. Because this process necessarily involves collecting information about private individuals, I was asked to investigate and determine that the information collected from online computing devices was adequately safeguarded and protected.

One of my final assignments with Harbor Labs was leading an engagement with a large biomedical device firm in a one-year analysis of the security of their products. In particular, medical devices were for some time not considered significant threats in terms of computer security. However, recent demonstrations by security researchers of the various ways in which a malicious individual might harm a person hooked up to a medical device have shifted the thinking in the industry. Accordingly, I assisted this company in the analysis of their products, their process, and their future roadmap in order to ensure that patients are not harmed. These evaluations, under my direction, analyzed design documents, hardware, and a broad range of additional resources in order to expose as many potential problems as possible for remediation. The security of these systems depends, in part, on the architecture and deployment of the networks in which they operate.

I have now formed my own consulting company, Crimson Vista, Inc. I am already serving a wide range of clients in similar capacities, providing specialized research and analysis on topics of computer security, networking, and programming languages.

In 2014 I received an appointment as a Lecturer at Johns Hopkins University and in 2015 I advanced to an Adjunct Associate Research Scientist. My responsibilities at Johns Hopkins include teaching classes, mentoring students, and conducting research. More specifically, I currently teach the Network Security course for which I created the curriculum from scratch. As part of this curriculum, I designed a novel experimentation framework for allowing students to both build and attack security protocols. The course covered topics ranging from cryptography and access controls to network architecture and user psychology.

One of the components of the students’ lab work is to create a protected sandbox for running untrusted code. The sandbox must provide access to the system in a manner that cannot be exploited. Conversely, the other half of their assignment is to design exploitative code that attempts to bypass and/or neutralize the protections of the sandbox environment. This experimental framework enables the students to learn about creating, identifying, and neutralizing malware such as viruses.

In addition to my course instruction, I also mentor Masters students at Johns Hopkins in their capstone projects. These projects include networking security and privacy concerns across a wide range of technologies including iOS security, BitCoin, SSL vulnerabilities, and Twitter botnets. These are all contemporary issues in practical computer security.

One group of students and I investigated the known Heartbleed vulnerability in certain versions of OpenSSL. Under my direction, the students created a vulnerable server to test. Once they were able to re-create the known vulnerability, they explored other ways of testing and finding vulnerabilities of the same sort using, for example, fuzzing.

Another student performed an analysis on “bots” in social media such as Twitter. Twitter relies on advertising to make money as the individual users are not charged for their accounts. This advertising process is based, in part, on identifying “influential” individuals (i.e., individuals with a large number of friends). Unfortunately, “bots” are computer programs that can act like a real person on social media sites. Individuals will sell buyers an arbitrary number of “friends” that are, in fact, just bots. My student and I created an approach for mapping out these so-called “botnets” in a novel way that may be useful in deterring such botnets. We are currently working on a draft of this research to be submitted for publication.

I first served as an expert witness at the request of RMail in 2012. Since that time, I have been hired by numerous law firms to provide them and their clients with expert consultation and expert testimony, often in the areas of patent infringement litigation related to Computer Science.

Based on my above-described 15 years of education, and dual industrial and academic experience in Computer Science, I have specialized knowledge in the field of computer security, network security, network communications, cryptography, and software architecture. I believe that I am considered to be an expert in the field of computer science generally, and more specifically in the fields of IT security and authentication.

II. Materials Considered

In writing this Declaration, I have considered the following: my own knowledge and experience, including my work experience in the fields of computer science and IT security and authentication; my industry experience with those subjects; and my experience in working with others involved in those fields. I have also analyzed the following publications and materials, in addition to other materials I cite in my declaration:

• U.S. Patent No. 8,266,432 and its accompanying prosecution history (“the ‘432 Patent”, Ex. 1001, 1002)
• Patent Owner’s Preliminary Response (POPR filed 08/04/2016)
• PCT Application Publication WO2003021837 A1 (Ex.1028)
• Grandparent U.S. Patent Application Serial No. 09/940,635 (Ex. 1016)

Although for the sake of brevity this Declaration refers to selected portions of the cited references, it should be understood that one of ordinary skill in the art would view the references cited herein in their entirety, and in combination with other references cited herein or cited within the references themselves. The references used in this Declaration, therefore, should be viewed as being incorporated herein in their entirety.

I am not currently and have not at any time in the past been an employee of United Services Automobile Association, Inc. (“USAA”). I have been engaged in the present matter to provide my independent analysis of the issues raised in the petition for post-grant review of the ‘432 patent. I received no compensation for this declaration beyond my normal hourly compensation based on my time actually spent studying the matter, and I will not receive any added compensation based on the outcome of this post-grant review of the ‘432 patent.

III. Person of Ordinary Skill in the Art

I am familiar with the content of the ‘432 patent, and I have reviewed the other references cited above in this declaration. Counsel has informed me that I should consider these materials through the lens of one of ordinary skill in the art related to the ‘432 patent at the time of the invention. I believe that a person having ordinary skill in the art at the effective filing date of the ‘432 Patent (“PHOSITA”) would have had a Bachelor of Science Degree in Electrical Engineering, Computer Engineering, or Computer Science with related work experience. Individuals with additional education or additional industry experience could still be of ordinary skill in the art if that additional aspect compensates for a deficit in one of the other aspects of the requirements stated above. I base my evaluation of a person of ordinary skill in this art on my own personal experience, including my knowledge of students, colleagues, and related professionals at the time of interest.

IV. Discussions

I have reviewed the Grandparent application (USAA-1016, U.S. Patent Application Serial No. 09/940,635, filed on 8/28/2001) and PCT Application Publication WO2003021837 A1 (USAA-1028, filed on 8/21/2002 claiming priority to the Grandparent application). I determine that the specifications are identical.

I have reviewed Patent Owner’s Preliminary Response (POPR) Section VIB. It is my opinion that Section VIB does not show sufficient written description support for all claim limitations of each claim of the ‘432 Patent. My opinion is based on the following observations.

I cannot find claim charts for claims other than claims 1, 25, and 48.

The charts for claims 1, 25, and 48 include various citations to the ‘129 Patent, rather than the ‘400 Application.

Some of these citations point to the specification of the issued ‘129 Patent. These citations to the specification do not show support for the full complement of, for example, the claimed limitation of “dynamic code” and the claimed first and second computers of the central entity.

Other citations point to the issued claims, for example, claim 46, of the ‘129 Patent. It is my understanding that the issued claims including, for example, claim 46, were not included when the ‘400 application was originally filed.

Claim 48 of the ‘432 Patent recites various features including, for example, separate “central-entity” computers. But the same claim 48, as cited in the chart from p. 71 to p. 73 of the POPR, does not even include such features. Therefore, the POPR does not cite to the actual claim 48 of the ‘432 patent.

Claim 25 of the ‘432 Patent recites an apparatus, not a method as stated in the POPR on p. 74. Claim 25 also recites different claim limitations than claim 52, for which the POPR does not show a chart.

It is my opinion that Section VIB does not show sufficient written description support for all claim limitations of each claim of the ‘432 Patent.

V. ADDITIONAL REMARKS

I currently hold the opinions expressed in this declaration. But my analysis may continue, and I may acquire additional information and/or attain supplemental insights that may result in added observations.

I hereby declare that all statements made of my own knowledge are true and that all statements made on information and belief are believed to be true. I further declare that these statements were made with the knowledge that willful false statements and the like so made are punishable by fine or imprisonment, or both, under Section 1001 of the Title 18 of the United States Code and that such willful false statements may jeopardize the validity of the application or any patents issued thereon.

Dated: 8/25/2016

By: Seth Nielson

APPENDIX A

Seth James Nielson, Ph.D.
410.497.7384
seth@crimsonvista.com

Profile
I am the Founder and Chief Scientist of Crimson Vista, a computer science research and consulting firm. With over fifteen years of industry and academic experience in programming languages, computer networking, and computer security, I provide vision and insight to client technical projects. I also have extensive experience consulting for legal teams on various matters including patents, DMCA, code theft, and trade secrets. In addition to my work at Crimson Vista, I am an Adjunct Associate Research Scientist at Johns Hopkins University wherein I teach network security classes, mentor student capstone projects, and engage in academic research.

Academic Appointments

Johns Hopkins University, 1/2014 – Present
Adjunct Associate Research Scientist, 12/2014 – Present
Lecturer, 1/2014 – 12/2014

Instruction: EN.600.424 Network Security
• Designed the curriculum from scratch
• Built the lab work around student-built network sandbox for attack/defense simulations
• Lectured on practical cryptography, protocol design, mobile code, network architecture, zero-day exploits

Advising: MSSI Capstone Projects
• Jingru Chen, Yaning Liu, Yifan Yu, Zhiyue Zu, Research on the Heartbleed Vulnerability, May 2015
• Richard Eaton, Buying Friends: Identifying Botnet Customers and Mapping Out Botnets on Twitter, May 2015
• Kartik Thapar, Security Techniques for Developing iOS Applications, February 2015
• Jie Feng, Jianxiang Peng, Likai Zhang, Privacy and Threats in Bitcoin, January 2015

Research: In Progress
• Refining PLAYGROUND: a student-developed network sandbox for computer security education
• Investigating automatic detection of Twitter Bots and customers through purchased bots
• Searching for potential exploits against formally verified seL4 kernel

Industry Experience

Crimson Vista, Inc., 3/2016 – Present
Founder and Chief Scientist, 3/2016 – Present

Malware Analysis: 4/2016 – Present
• Disassembled and decompiled suspicious binaries with IDA-Pro
• Evaluated the behavior of suspicious binaries in a live virtual environment

Confidential Client

Source Code Analysis: 3/2016 – Present
• Financial trading software in C++
• Configuration software in VB script and a proprietary language

Various Clients

Ironwood Experts, 12/2015 – 3/2016
Managing Partner (Transitional), 12/2015 – 3/2016

Leadership:
• Guided the company through a difficult transition of goals, operations, and focus
• Assisted in the negotiation and successful resolution of a difficult, non-paying client

Harbor Labs, 9/2011 – 11/2015
Principal, 9/2014 – 11/2015
Research Scientist, 9/2011 – 9/2014

Various Clients

Source Code Analysis: 9/2011 – 11/2015
• Anti-virus and HIPS software in C and C++
• Document signing software in C++ and Java
• Custom OS for industrial-strength firewall with layer-7 inspection in C
• Medical record anonymizing software in PL/SQL
• Network protocol stack for mobile phone
• VoIP software in C++
• Anti-keylogging software in C++
• Personal fitness tracking software in C++ and Java

Confidential Client

Confidential Client

Medical Device Security: 11/2015
• Provided computer security guidance to a design team for an in-development prototype

Medical Device Security: 7/2015 – 11/2015
• Created a one-year, multi-stage plan for reviewing the security of multiple families of devices
• Created a rigorous set of security invariants as a framework for evaluating the devices
• Led the technical consulting team performing the evaluations
• Conducted on-site interviews and discussion with manufacturer engineering staff
• Evaluated physical hardware, software, and design documentation
• Identified a previously unknown buffer overflow vulnerability and created a fully operational exploit
• Proposed recommendations and solutions for mitigating current problems and preventing new ones

Confidential Client

Legacy Software Resurrection: 1/2015 – 12/2016
• Investigated Java and C++ source code developed during the 1990’s
• Researched and identified custom hardware, software, drivers, and other environment components
• Created a build and operational environments in virtual machines and on legacy hardware
• Corrected errors between mismatching versioned components
• Demonstrated fully operational system

Device Analysis and Compliance: 10/2014 – 11/2015
• Evaluated devices and software against HIPAA, FISMA, SOX, GLBA, NERC, ISO 27002 requirements
• Evaluated devices for security vulnerabilities and soundness of design

Security First Corporation

Center for Copyright Information

Privacy Analysis: 8/2013 – 11/2014
• Investigated whether private information collected in tracking copyright abuse was adequately protected
• Interviewed technical staff regarding software development and software operations
• Analyzed design and policy documents
• Proposed improvements in both development and operations
• Co-authored report (Public executive summary available: http://goo.gl/ZBOhzY)

Confidential Client

Automated Security Tools Engineering: (Initiated at Harbor Labs) 7/2011 – 12/2011
• Developed an automated, parallelized code coverage tool based on gcov
• Developed a tool for fuzzing iOS applications

Independent Security Evaluators, 9/2005 – 9/2011
Senior Security Analyst, 1/2010 – 9/2011
Security Analyst, 1/2009 – 12/2010
Security Consultant, 9/2005 – 12/2008

Confidential Client

Source Code Analysis: 2010 – 2011
• Travelled to on-site location for multi-week deep dive
• Reviewed and compared source code in C++ and Java
• Evaluated algorithmic similarities between two high-frequency trading systems
• Developed simulations to compare similarities

Incident Response: 2011
• Reviewed all documentation related to possible privacy breach
• Interviewed staff regarding the breach, policies, and other relevant information
• Presented findings and recommendations in a drafted report

Confidential Client

Technology Analysis of DMCA Cases: 2010 – 2011
• Reviewed the technology and technical details from landmark DMCA cases
• Drafted analyses of which technical elements featured in the courts’ decisions
• Provided short-courses to counsel on core technical operations related to these cases

K&L Gates

Security First Corporation

Software Development: 9/2005 – 9/2011
• Developed custom cryptographic library for data at rest and data in motion in C
• Developed automated tests for cryptographic library
• Prepared library for FIPS testing requisite for certification
• Integrated library into a filesystem for automatic encryption
• Extended library to use CUDA and GPU’s for hardware acceleration
• Technical lead of a secure communication library including prototype, design, and implementation in C++

Google, 5/2005 – 8/2005
Summer Intern, 5/2005 – 8/2005

Software Development:
• Identified the security issue with the then-extant Google Web Accelerator
• Designed and implemented a viable security solution

Metrowerks (Formerly Lineo, Inc.), 1/2001 – 9/2003
Software Engineer II, 1/2001 – 9/2003

Patent Analysis:
• Performed an analysis of the DVR technologies in several patents

Software Development:
• Developed and maintained the GUI for the flagship SDK product in C++ and Python
• Simplified and re-wrote large chunks of old code resulting in a speed boost and memory reduction
• Created a Windows port that used a Windows GUI front-end and Linux VM back-end
• Created a mechanism for automatically translating Python scripts to the Windows front-end
• Created a meta package management format and system to encapsulate multiple extant formats

Education

Rice University, 5/2004 – 12/2009
Ph.D. in Computer Science, 12/2009

Thesis: Designing Incentives for Peer-to-Peer Systems
• Investigated abuse of decentralized systems by economically rational agents
• Proposed a taxonomy of this type of abuse
• Experimented with simulations of long-term identifiers in BitTorrent
• Simulated a novel “anonymity of crowds” system based on BitTorrent

Additional Research: Exploits in Local Searching Tools
• Investigated the then-extant local computer searching tools of Google, Yahoo, and Microsoft
• Uncovered a vulnerability in the Google Desktop Search product
• Assisted Google’s security team with a fix before publishing results

Awards:
• Brown Fellowship
• John and Eileen Tietze Fellowship

Brigham Young University, 9/2002 – 12/2004
M.S. in Computer Science, 12/2004

Thesis: OO++: GoF Revisited
• Extended Python to support Functional and Prolog-style syntax
• Considered how Software Design Patterns can be extended in evolved programming languages

Brigham Young University, 9/1994 – 5/1997; 9/1999 – 4/2000
B.S. in Computer Science, 4/2000

Awards:
• Dean’s Honor List Fall Semester 1999, Winter Semester 2000

Publications

Pending Review:
Seth James Nielson, PLAYGROUND: Preparing Students for the Cyber Battleground, Submitted to the Journal of Computer Science Education.

Peer Reviewed Papers:
Seth James Nielson and Charles D. Knutson, Design Dysphasia and the Design Patterns Maintenance Cycle. Information & Software Technology, volume 48, number 8, pp. 660-675, (August 2006)

Seth James Nielson, Scott S. Crosby, and Dan S. Wallach, A Taxonomy of Rational Attacks. In Proceedings of the Fourth International Workshop on Peer-to-Peer Systems (IPTPS ’05), Ithaca, New York, (February 2005)

Rob Kunz, Seth Nielson, Mark Clement, Quinn Snell, Effective Bandwidth for Traffic Engineering, in Proceedings of the IEEE Workshop on High Performance Switching and Routing (HPSR 2001), Dallas, TX, (May 2001)

Technical Reports and Open Access Papers:
Seth James Nielson, Reintroducing Pylogical, BYU SEQuOIA Technical Report, (March 2012)

Seth James Nielson and Dan S. Wallach, The BitTorrent Anonymity Marketplace, arXiv Technical Report 1108.2718, (August 2011)

Seth James Nielson, Caleb E. Spare, and Dan S. Wallach, Building Better Incentives for Robustness in BitTorrent, arXiv Technical Report 1108.2716, (August 2011)

Seth James Nielson, Seth J. Fogarty, and Dan S. Wallach, Attacks on Local Searching Tools, arXiv Technical Report 1108.2704 (Originally produced in December, 2004, available on arXiv as of August 2011)

Theses:
Seth James Nielson, Designing Incentives for Peer-to-Peer Systems, Rice University Department of Computer Science Ph.D. Thesis (2010)

Seth James Nielson, OO++ Design Patterns, GOF Revisited, Brigham Young University Department of Computer Science Master’s Thesis (2004)

Professional Publications:
Aviel D. Rubin, Seth J. Nielson, Sam Small, Christopher K. Monson, Guidelines for Source Code Review in Hi-Tech Litigation, Harbor Labs White Paper (September 2013)

Patents
Co-inventor: Orsini, R. 2014. Systems and methods for security data in motion. U.S. Patent 8,745,372 filed November 24, 2010 and issued June 3, 2014.

Co-inventor: Orsini, R. 2014. Systems and methods for security data in motion. U.S. Patent 8,745,379 filed August 20, 2012 and issued June 3, 2014.

Co-inventor: O’Hare, R. 2014. Systems and methods for security data. U.S. Patent 8,677,148 filed January 27, 2012 and issued March 18, 2014.

Selected Technical Expertise

Litigation Support, 1/2010-Present
Technologies: Firewalls, databases, electronic voting, email, wireless protocols, network communications
Services: Source code reviews, technical interviews, prior art search, claims charting, deposition assistance, technology demos for trial, patent portfolio review

Vulnerability and System Analysis, 9/2004-Present
Examples: Medical device security, Google Desktop Search (2004), crypto protocols, viruses, malware, passwords, cryptographic implementation, security policy viability, marketplace viability and risks of existing and future products
Tools: IDA Pro, port scanning, Formal cryptographic analysis tools, GCov and code coverage tools, fuzzing

Malware Analysis and Reverse Engineering, 3/2016-Present
Examples: Reverse engineering of x86 and x64 suspicious binaries
Tools: IDA Pro Disassembler and Decompiler, PE header tools, debuggers

9/2005-9/2011
Algorithms:
Special:
Cryptogr
