Hi, I'm

Proma Roy

Graduate Research Assistant & Cybersecurity Student

I focus on secure systems, applied cryptography, network security, and privacy-preserving technology. My work connects software security, kernel-level detection, and human-centered security research to build systems that are safer, more transparent, and more resilient.

Portrait of Proma Roy

About Me

Based in New York City, my academic and professional journey is driven by a strong interest in how secure technology can protect people, systems, and data. My work bridges cybersecurity research, secure backend engineering, applied cryptography, and interdisciplinary problem-solving.

Currently, I work as a Graduate Research Assistant at RF CUNY, contributing to an NSF-funded research initiative focused on privacy-preserving digital safety platforms intended to support individuals at risk of intimate partner violence.

At CCNY, my recent project work includes cross-platform telemetry evasion detection on Windows 11 and Ubuntu, RSA secure-channel tooling with AI-assisted security analysis, Rust-based secure systems, and network security demonstrations.

Before transitioning into cybersecurity research, I gained industry experience in healthcare credential verification, documentation systems, data analytics, survey processing, and telehealth support workflows.

Education

The City College of New York (CCNY)

Exp. June 2026

M.S. in Cybersecurity

United International University

Dec 2019

B.S. in Computer Science & Engineering

Experience

Graduate Research Assistant

Mar 2026 – Present

Research Foundation of CUNY (RF CUNY) • New York, NY

Project: Preventing Intimate Partner Violence Using Digital Technology: A Transdisciplinary Approach.

Contributing to an NSF-funded research initiative focused on privacy-preserving digital safety technologies. Responsibilities include supporting the software development lifecycle, backend analytics workflows, research prototyping, system testing, documentation, interdisciplinary collaboration, and beta testing preparation.

Associate Vendor Coordinator

Mar 2022 – Feb 2025

Radiant Data Systems • Dhaka, Bangladesh

Managed healthcare credential verification and facility databases, maintaining consecutive 100% audit accuracy. Coordinated documentation workflows with external vendors and ensured strict compliance and record accuracy.

Data Artist

Nov 2021 – Mar 2022

Adiva Catalyst Solution & Graphics • Dhaka, Bangladesh

Conducted survey analytics, data verification, and generated analytical reports using SPSS and Excel. Supported quality assurance workflows and assisted with technical troubleshooting.

Junior Data Analyst

Jun 2020 – Jun 2021

a2i • Dhaka, Bangladesh

Supported COVID-19 Telehealth & Telemedicine Center operations. Managed data collection, documentation workflows, and maintained CRM systems to ensure data quality and operational consistency.

Research & Applied Work

Privacy-Preserving Digital Safety Platform

RF CUNY / John Jay College of Criminal Justice | NSF PFI-RP

Supporting an interdisciplinary project focused on privacy-preserving digital technology for individuals at risk of intimate partner violence. Work includes development support, research prototyping, backend data workflows, documentation, integration testing, and beta testing preparation.

Structural Silence: When AI Infrastructure Fails Speakers of Underrepresented Languages

SSRN Electronic Journal Preprint (2026) | Co-authored with Avijit Roy

This research examines structural barriers affecting underrepresented languages in AI systems, using Bengali as a case study. Topics include web presence disparity, multilingual training token imbalance, tokenization overhead, connectivity exclusion, and offline-first AI infrastructure.

DOI: 10.2139/ssrn.6522858 →

Structural Silence — Poster Presented at ILA 2026

69th Annual Conference of the International Linguistic Association | New York, NY

Conference poster presentation highlighting structural barriers that limit participation of underrepresented languages in AI systems. The poster focuses on Bengali as a case study and discusses web representation gaps, dataset inequality, tokenization overhead, and offline-first infrastructure as an equity-centered design direction.

Interactive Poster → DOI: 10.5281/zenodo.19991979 →

Featured Projects

Windows 11 Ubuntu Kernel Telemetry

OS Telemetry Evasion and Kernel-Resident Detection

CSC I0420 — Secure Operating Systems | CCNY | Spring 2026

Built a cross-platform case study testing whether ETW blind spots on Windows and Linux auditd suppression can be detected through independent kernel-level telemetry. The project compared ETW/auditd streams against kernel callbacks and eBPF tracepoints, flagging divergence as ghost-process or blind-spot evidence.

  • MITRE ATT&CK: T1562.006
  • Detected a 1.13% ETW gap and identified ghost processes
  • Measured a Linux blind spot of approximately 90 seconds
  • Validated 12/12 Windows tests
Python RSA AI Sentinel

RSA Encryption Toolkit with AI Sentinel

Network Security I (I7000) — Project 13 | CCNY | Spring 2026

Implemented an RSA-based secure-channel toolkit with key generation, encryption, decryption, digital signatures, hybrid encryption, MITM and downgrade demonstrations, logging, and an AI command center powered by local Ollama inference.

  • AI Sentinel maps natural-language requests to security modules
  • Supports IDS log triage and forensic session review
  • Provides post-execution analysis with MITRE ATT&CK alignment
Rust Security Audit

Security Audit of Rust-Based E-Voting System

Secure Systems Engineering | CCNY | Nov 2025 – Dec 2025

Conducted a comprehensive security audit of a Rust-based electronic voting platform. Applied STRIDE threat modeling, OWASP Top 10 mapping, CWE mapping, static analysis, and runtime fault injection to identify vulnerabilities across authentication, access control, cryptography, privacy, availability, and build integrity.

View Source →
Rust Cryptography

Threshold ElGamal Encryption

Secure Systems Engineering | CCNY | Oct 2025 – Dec 2025

Implemented a threshold cryptography system in Rust where no single party holds the full private key. The project demonstrates a 3-of-5 Threshold ElGamal scheme with distributed key generation, threshold decryption, and zero-knowledge proofs.

View Source →
Rust Systems Engineering

Smart Thermostat — Secure CLI HVAC Prototype

Secure Systems Engineering | CCNY | Sep 2025 – Oct 2025

Built a secure, role-based smart thermostat CLI with HVAC simulation. Implemented Argon2id password hashing, RBAC, session management, hardened SQLite storage, appended security logs, and a tamper-evident integrity check verified at startup.

View Source →
Python NLP

Bangla Sentiment Analysis

Undergraduate Thesis | United International University

An NLP-based sentiment analysis research and implementation project for Bengali text processing. Included dataset preparation, algorithm development, Python implementation, and NLP experimentation under the supervision of Professor Dr. Mohammad Nurul Huda.

Skills & Certifications

Technical Skills

Cybersecurity & Engineering

Secure Systems Secure Operating Systems Threat Modeling STRIDE OWASP Top 10 MITRE ATT&CK Detection Engineering Network Security Endpoint & Cloud Security

Systems, Telemetry & Cryptography

Windows ETW Linux auditd eBPF / bpftrace Kernel-Level Telemetry RSA Digital Signatures Hybrid Encryption Threshold Cryptography

Programming & Data

Python Rust C++ SQL / SQLite SPSS Data Analytics Ollama

Tools & Workflows

Git & GitHub Linux Technical Documentation Software Testing IDS Log Triage SIEM JSON Alerts

Certifications

Palo Alto Networks

  • Understanding Security Operations: Foundational — June 2025
  • Cloud Security Fundamentals — June 2025
  • Endpoint Security — June 2025
  • Cybersecurity Fundamentals — May 2025
  • Network Security Fundamentals — May 2025

Duolingo English Test

  • English Proficiency Certificate — Issued January 2025, expires January 2027

Languages

  • Bengali — Native / Bilingual
  • English — Full Professional
  • Hindi — Limited Working

Let's Connect

I'm open to discussing academic and applied security research, secure software development projects, network security, or interdisciplinary collaborations.