Introducing CyberDefenders 2018 Summer Program!

Last years’ student, Akshatha, speaking to the 2018 cohort about her experience

According to the Cybercrime report released by Cybersecurity Ventures in 2017, it is predicted that cybercrime will cost the world more than $6 trillion annually by 2021 and that it will be one of the biggest challenges that humanity will face in the next two decades. Protecting information, systems and our own personal devices from breach has become an inevitable part of our lives, owing to the growth in technology. This is where our Cyber Defenders program comes into play by setting the stage for the students by understanding, analyzing and implementing the security concepts to make a career out of it.

Cyber Defenders brings together Education, Government and Industry to create an immersive 8-week cybersecurity bootcamp internship for California based Community College Students. The focus of the program is to enrich the students with cybersecurity skills giving them a foundation and getting them familiarized through analysis, research and implementation of various projects and assignments, so that they are industry ready for a beneficial career in the field.

One of the students from our 2017 program, Akshatha is currently working as a security intern at Silicon Valley Bank. During our orientation program on June 15, 2018, she gave a brief note on how the program helped her gain familiarity with Python programming, security modules, concepts of Machine Learning and how she was aided by the industry partners and program advisors through her tough times during the project implementation.

Through the Cyber Defenders program, the students get to work in an environment that simulates a cybersecurity startup by implementing Agile methodology, creating accountability, tracking progress and identifying obstructions in completing the projects. The emphasis of the security project areas is primarily on Application Security, Blockchain & Cryptography, Malware Analysis with machine learning, Network security for IoT devices and Mobile App Security.


1. Cyber Security Skill Development

The skill development track comprises of 25% of our focus providing the foundation of the concepts of cybersecurity. During the first week of the program, a Boot Camp is conducted covering a range of subjects like gaining insight of their career paths and interests, Penetration testing, Network security and Machine Learning. The students are also encouraged to perform Code Review by splitting them into the Red and blue teams whose intention should be to exploit the vulnerabilities and fortify the attacks respectively. In the second week, the students are imparted knowledge on Python for Cybersecurity by making them work on various small projects like Port Scanning, Packet Sniffing, Penetration testing, etc. and getting them familiarized with various security tools. Throughout the course of these two weeks, the students are given assignments, assessments and case study activities to strengthen their base.

2. Cyber Security Industry Project

The major emphasis of the Cyber Defenders internship program is the project, which comprises of 45% of our focus area. Gauging the interest of the students and their research, they will be encouraged to form teams of 3–5 people. We help them to narrow down their focus area and direct them to the demands of the industry. We help them to figure out their project and help in planning ahead for timely completion and ensuring that they have a write-up describing their project and its technicalities to improve their documentation skills. On the last day of the program, industry partners and mentors are invited to review the project presentations of the groups and gain their insight.

3. Cyber Security Research

Comprising of 10% of our program’s focus, the students are provided with an opportunity to research and submit a report based on their intricate analysis and understanding of concepts, tools and incidents. This broadens their perspective and helps them to extend the knowledge into their project research and presentation, acquainting them with the depth of understanding required. They will also be encouraged to write blog posts based on their research and analysis and gain knowledge of technical writing.

4. Cyber Security Activities & Networking

Another 10% of our program’s focus is on Networking and Activities. Guest speakers, who are cybersecurity industry experts, are invited to give a brief introduction of their domain, for the students to leverage the speaker’s expertise and knowledge. They also provide lectures on specific security topics to impart knowledge and provide them insight. The students are encouraged to leverage the communication medium, contributing to open source projects on GitHub related to cybersecurity. Competitions like Capture the Flag (CTF) and Hackathon are conducted involving teams to compete against each other. They are motivated to reach out to industry partners and connect with professionals.

5. Career Development

A new addition to this year Cyber Defenders program is focusing on the Career Development aspect. A dedicated 40 hours of training in partnership with YearUp! is provided to the students to hone their communication and etiquette, refine their resumes and cover letters and interactive lessons to elevate their public speaking skills. Business cards with the names of the students will be provided to them, to help network with the industry professionals. This track shall have 10% of the total emphasis of the program.

Through the Cyber Defenders Internship program, we strongly believe that our training, resources and aid will thoroughly benefit the Community College students to start their career in the field of Cybersecurity and provide them the boost needed to have a successful future.

What to help? Drop us a line….

Twofer — We are hiring & Announcing our summer program!

We are hiring a graduate student to work with us in San Jose, CA for the 2018 Cyber Defenders program from June 15 — Aug 15. If you are a Computer science student looking for summer internship send us your application:

Applications for our summer program are live!! Students who participate in our summer program as eligible to be paid. Following are two most important criteria:

  • You should be a community college student and resident of Santa Clara or Alameda county in San Francisco Bay Area
  • You should have an aptitude to learn and build a career in Cyber Security!

This is a great opportunity to build a career you always dreamt of. Please use this link to apply –

Mirror Health — Our Journey in creating deeper mental health insights

Our team was largely strangers before this weekend, but we were brought together by our shared passion for a topic that means a lot to each of us personally: mental health. Each and every one of us is affected by this topic — be it through the careers we choose, the people we love, or the experiences we live.

And though none of us knew what we wanted to build when we signed up for HackMentalHealth, all of us wanted to create something that could make a difference.

At the start of the hack, a few of us came together after hearing Jonathan’s pitch. Jonathan’s startup, reflect, came out of his own personal struggle of taking a long time to find the right therapist. As the conversation grew, others joined the team, excited to lend their skills.

Drawing from our own experiences, we originally focused on helping clients in therapy. After meeting with several HackMentalHealth mentors, including UCSF psychiatrist Dr. Steven Chan and healthcare technologist Swatee Surve, we realized a pivotal and oft-ignored opportunity to start the conversation occurs even before a mental health practitioner is involved — in the primary care setting. This was our a-ha moment. We instantly knew that building a product to serve this setting while minimizing disruption to the care team’s existing workflow would be key to making an impact.

One in five US adults lives with an adverse mental health condition, and 70% of conditions that present themselves in the primary care setting are mental health related. Unfortunately, context critical to mental health goes under-discussed as overburdened providers have just 15 minutes with each patient and thus often miss a critical opportunity to potentially diagnose and treat underlying mental health conditions.

Misattributed symptoms like fatigue, sleep disorders, chronic pain, chest pain, dizziness, and abdominal discomfort often lead to unnecessary and expensive testing to find a physical cause. Because mental health tends to evade conversation, symptoms often worsen for patients dealing with undiagnosed conditions and result in exacerbated comorbidities. This downward spiral costs the healthcare system over $500 billion annually.

We knew we needed to bring the conversation around mental health into the general practitioner setting if we wanted to truly make a impact.

Meet Mirror Health

Mirror Health is a platform for primary care teams to use their limited time to assess, counsel, and treat mental health issues more effectively.

Our product is a simple screening tool that patients can fill out in less than 2 minutes as they wait for their primary care appointment (the average wait time is over 19 minutes). The survey combines widely used and validated questions from the Patient Health Questionnaire (PHQ)-2 and Generalized Anxiety Disorder Scale (GADS)-2 depression and anxiety assessments, along with more open-ended questions around any significant life events or stressors (like loss of a job or relationship) they may be facing.

Recognizing that self disclosure is often a barrier to information, we used empathetic design to help patients feel more comfortable sharing. We also believe technology is an asset here, encouraging patients to share facts they might otherwise feel embarrassed to do so with medical staff..

By providing greater context around the patient and what they might be facing in their lives, we help clinicians see patients’ mental health more clearly.

Patient Screening Questions

An interactive avatar empathizes with the patient

Because a clinician’s time is limited, our platform presents this information to the primary care provider at the point of care in an intuitive and easy to read dashboard report, alerting the provider to pursue a more in-depth assessment, counseling, and referral to further treatment if needed.

It’s important for us to note that Mirror Health is not a diagnostic tool. It gathers and distills data to help flag potential issues to the primary care team — it enables mental health to enter the conversation.

A simple Mental Health Score for the Practitioner to review

Timeline view for the practitioner to understand patients in regards to life changing events

What’s next?

We accomplished a lot in the short period of time. But there’s much more to be done.

Are you a mental health practitioner or a primary care doctor? We would love to get your feedback on how we can make Mirror Health work for your practice. In addition to the self-reported data we currently leverage, we’re excited to explore biometric and behavioral data as predictors.

This includes practical ways of assimilating Mirror Health into existing workflows and systems, such as the electronic (and paper) health record systems that doctors’ offices use today.

A screening platform that works in existing workflow and addresses a need is just the beginning. Our broader future vision is to entirely redesign the waiting room experience to make patients feel safe and open to talking about their mental health in the most common healthcare setting. There is an endless future for Mirror Health — empathy robots, waiting room redesign, and an expansion of the type of targeted mental health conditions.

We hope our platform can help destigmatize mental health by integrating the conversation more seamlessly into physical healthcare settings. We talk about physical health with our doctors in annual checkups; why shouldn’t we discuss mental health too?

Thank you #HackMentalHealth!

We had an amazing time at HackMentalHealth! For most of us, this was our first hackathon, and we didn’t know each other before forming a team after the initial pitch session. Hackathons have a reputation for being sleepless Red Bull-fueled stress zones and this hackathon completely flipped the script. We started as strangers and became a team through a weekend of jokes and stimulating conversation. We enjoyed the collaborative spirit from neighboring teams and friendly competition while taking care of our minds and bodies through yoga workshops and nourishing food. Building a product that can help physicians provide better care to their patients has been immensely rewarding. We all left with more awareness, confidence, and willpower to change the world. Thank you #HackMentalHealth for starting the movement. You truly set the gold standard of how a hackathon ought to be.

Mirror Health Team & Mentors

Ideating Cyber Defenders Hackathon

Starting to Ideate a Cyber Defenders Hackathon

With Malwarebytes, San Jose Evergreen Community College, and several other educational & Cyber Security partners we are excited to start thinking about a cyber security hackathon targeting Feb 2018.

Following are main objectives for this hackathon targeted to students seeking internship and careers in Cyber Security with at least two years of computer science backgroud:

  • Skill Development : Learn concrete Cyber Security skills like application of machine learning for malware analysis with workshops as part of the two days of hackathon
  • Industry Experience: Complete a cyber security project with guidance and mentorship from participating industry experts. The projects will be judged by experts in cyber security
  • Employment Opportunity: Earn Internship opportunities by interacting with participating employers

Some other ideas we thought of for this hackathon are along the lines of capture the flag fun evening contests or a ethical hacking contest.The next item on list is to make a list of fun Cyber Security Challenges which will be great projects which fit in the hackathon format.

With this hackathon we are targeting students in Northern California (collegiate and community colleges). Would love your feedback on potential date of Feb 9 (Fri) — Feb 10 (Sat) at MalwareBytes Offices in San Jose, CA.

Update (Jan 12, 2018): We are shooting for March 2–3. Here is a *tentative draft* flyer for the event:

TechShop Inc. abruptly shuts down — what now?

On November 15th, the doors of 10 US Techshops abruptly shut down, leaving hundreds of entrepreneurs, small business and thousands of maker members stranded — just before the holidays.

This is the first time I have witnessed a business being closed down such ruthlessly and a limited thought given to the aftermath. When Google Health closed down, I witnessed a pretty good pass-off to other vendors. I wonder if Techshop could have been more graceful about their demise.

A number of group Techshop Orphans on Facebook, Hackers & Makers on Slack and numerous Twitter and Facebook threads have pop’ed up. The maker movement has suffered a blow but more so it’s clear that some of this might be pure mis-management than an obvious business model issue.

At least in SF Bay Area numerous institutions like Hacker Dojo in San Jose, Noise Bridge in SF, Ace Monster Toys in Berkeley and machine makers like Glowforge, Inventables, littlebits and formlabs are offering discounts. The community has put together a resource list for those looking for immediate tool library or assistance.

I’m interested in being part of the group which re-boots techshop in a new way. Some like minded folks have started a questionnaire on it as well. Feel free to leave a comment and share your thoughts as well.

Project Pensieve — Season Finale!

Editor’s Note: Cyber crimes against consumers are rampant and not much is done. Most corporation treat consumer data as a product. Consumer’s can’t trust organizations to be custodians of their data and governments are not of any help. Project Pensieve aims to give the control of data to consumers through use of blockchain technology. We are thrilled to present the final project update written by Nick Handy, Eric Tinoco, and Brandon Rawlin.


Welcome Back!
This week we will take a look back as our 8 week program comes to an end. This past thursday and friday we gave presentations of our final projects. This involved creating a five-minute presentation of our work as well as a research poster. In this blog we will summarize these for you and give a taste about what will come next for our project Pensieve.

Creating a Research Poster

Pensieve Poster

We created a research poster that contained a collection of all the work that we have done, and the work that we intend to do in the near future. In this poster board you will be able to get a glimpse of the following:

  • A brief summary of our work
  • The background of Pensieve and the blockchain
  • Our approach to storing information on the blockchain
  • Our Implementation
  • Our Results
  • Future additions to our project
  • Cited Resource List

For most of us, this was the first research poster we have done in the computer science field, and it was a great learning experience as we had to track our thought process throughout the entire project. Taking a step back — this project was an inspiration as new students in the Cyber Securityfield..

Bringing it all Together

The culmination of our project were presentations of our research on the final two days of the program. We planned out our presentation to be a bit more digestible than the poster board. In roughly five minutes our presentation had to explain the blockchain system, break down our project, and demonstrate the Pensieve prototype. The slides for the presentation can be found here.

Main Concepts of the Presentation

Our presentation used Yahoo as an example to support why decentralized applications are important. Yahoo’s breach in 2016 showed that entrusting data with companies has tremendous downsides when they are compromised. A decentralized system can be a safer place to store data then a centralized one. The most difficult part of our presentation was explaining the blockchain in around a minute and half. Once blockchain was explained, we moved onto the platform in which we were going to use, and that platform was Ethereum. With Ethereum, we created a decentralized app, and integrated it into a Chrome extension that we called Pensieve. We demonstrated how the UI of Pensieve looked like, and how we were going to implement the idea of using this Chrome extension to store data into the Ethereum blockchain. We then explained the steps on how the files stored in the blockchain are done. After the explanation we did a quick demonstration of Pensieve. The presentations, although nerve wrecking, was a great overall experience both professionally and personally.

Take Aways

After both presentations we opened up the floor for questions. Both days of our presentation we gained new insights about our project. For one, we need to focus a lot more on weak points in our extension. Transferring data from the extension to the smart contract on the blockchain must be done securely. The blockchain suits some type of data better than others. All of the questions pushed us harder to think about the problem we were attempting to solve with Pensieve. Now we can add these new issues to the tasks we’ll have to handle in our future work.

What have we Learned

We have progressed a great deal over this past month or so. We started with almost no knowledge of how the blockchain system worked. In the first week, we spent most of our time researching what a blockchain was. The concept was foreign in many ways and we had to go through explanation after explanation to get it down. We also did not originally account for how many parts were needed to create a simple decentralized application. Here are all of the pieces we needed to learn and incorporate to build our prototype:

  • Solidity Programming Language for Ethereum
  • Truffle Framework and Ethereumjs-testrpc to compile, deploy, and test contracts
  • Web3js to connect blockchain data with the front-end Chrome extension
  • HTML, CSS, JavaScript to build the Chrome extension
  • Reactjs which allowed automatic updating of our web app and provided a framework for page navigation

At times, navigating which of these elements we needed to focus on to build the prototype was daunting. Fortunately, we were able to get something working before the presentation. Although it was difficult to get these components to play nice, each of these components listed above gives us a good base to work off of to refine the prototype and incorporate future additions.

Special Thanks

This project would not be possible without the support of Vaibhav Bhandari and Lib13. Thank you to Greg Moore and Clinton Fernandez who were great mentors throughout the program and were there to provide a helping hand each day. Thank you Growth Sector, Evergreen Community College, San Jose City Community College and countless others. Finally, thank you for reading.

For those interested in development updates, stay tuned to our github.

Classifying Android Malware Applications with Machine Learning

A graph summarizing the results

Editor’s Note: It’s challenging to use machine learning. This article by Polina Khapikova, Akshatha Muralidhar, Muhammad Qureshi, and Willie Santos outlines their approach to use ML to classify Malware applications on Android.


This week, our group approached the final part of our research project: implementing the machine learning algorithms we worked on previously, to classify Android malware. In this post, we will discuss the steps we took and the challenges we came across to modify our existing program to work with Android files. We also implemented data visualization at the end, in order to get a more pictorial view of the results we obtained.

Methods and Challenges

First, we had to do some research about what apk files were. Similar to PE files, or .exe files for the Windows operating system, .apk is a file format used by the Android operating system to install and execute applications.

To build our dataset, we found clean apk files on sites like and For our malicious files we used the github repository

We identified several features of the files to use for the Machine Learning algorithms. Two features we considered using were the size of the file and its certificate. However, we later removed these features. The file size was evenly distributed between the malicious and non-malicious applications, so it did not help us with our classification. Likewise, we learned that Android requires a certificate for every application, so this also did not help the algorithms categorize the files.

Thus, the main features we used were the permissions that an application requests from the system. Android splits the app permissions into two categories — “normal” and “dangerous”. The normal category is made up of permissions that Android does not think pose a security risk — for example, whether or not the phone is connected to a wifi network. The dangerous category is made up of permissions that could pose a security risk, allowing the user’s privacy to be compromised, or their data to be accessed or modified. This category includes permissions such as using the phone’s camera, recording audio, or reading text messages. (The dangerous permissions are the one Android asks about when you download apps through the Play Store. For more information, you can go to this link:

We used a github repository called apk_parse, that itself relied on the popular Android malware repository Androguard, to extract features. However, most of the features we found were returned as strings, which was incompatible with the ML algorithms we are using. To avoid having to research and select new algorithms, we modified the majority of our features to be Binary: whether or not the specified permission is requested by the application. (The one exception to this is the file size, which was returned as an integer).

Another unexpected challenge that we faced was finding a solid source where we could download malicious apk files. The only site we were able to pull malicious files from was a github repository (mentioned earlier). As of right now, roughly 35% of our collected apk files are malicious and the rest are clean. We hope to find more malicious files but we will be working with the files that we have already collected up to this point.

Another problem was that we originally studied, and began writing in Python 3. However, the github repositories we found used Python 2, so we had to convert all of our code into Python 2 so the different files would be compatible.


We used the matplotlib Python library to make a bar graph (shown below) so we could visualize how the features correlated to the maliciousness of the application. From the bar graph we derived from our python code, we can infer that the percentage of non-malicious files that required permissions were lesser than the percentage of malicious files that required permissions. This data makes sense theoretically, because malicious APK files will want more of the user information to use for compromising their privacy than non-malicious APK files.

In order to dissect the permissions that the malicious and non-malicious APK files asked for, we created a table.


From the data in the table, we can notice that 93.75% of the malicious APK files want to read the user’s phone state. The read phone state permission, allows the app to read the user’s phone number and serial number. It can also detect when a call is active, and the number it is calling. You can see why this would be a good permission for malicious applications to gain access to your information.

Future Steps

Since our internship is coming to an end, we are trying to wrap up our project this week. However, we are looking into ways to extend this project if a later opportunity presents itself.

One way would be to experiment with using different features. For example, what providers, receivers, services, and activities the app uses.

Another direction would be to use a framework such as Kivy to turn our program into an Android application. This could then be installed on a phone and work as an antivirus. It would use the machine learning techniques to correctly scan the android system, detect and remove the malware.

Project Summary — Got Malware?

Poster — Got Malware?

Editor’s Note: This post links to the final presentation artifacts — poster and powerpoint presentation of team Got Malware. Overtime we will add presentation videos as well. This post is authored by Polina Khapikova.

Our group spent most of last week preparing for the presentation and poster session that marks the end of our internship. Here are the links to the presentation and the poster. In both of them, we discussed what made us want to research malware, and the unique challenges that Android malware detection faces. Then, we explained machine learning, how our software works, and the results of our experiments.

We are also working on a research paper, that we will hopefully be able to finish before the start of the fall semester.