I thought of writing a new post about my experience at my grad school, IIIT Hyderabad, where I spent 3 years of my life. An experience that has been such a memorable one, that I said to myself, “Sure, it deserves a post !”. So here I present the gist of the memorable time spent during my pursuit of “higher studies”.
The story begins in year 2006, when I was one of the “lucky” fellows who got admission into one of most prestigious institutes of the country. Like everyone else there, I too was proud to be a part of the IIIT family. There were some noticeable differences between IIIT and the institute where I completed my bachelor. Apart from the faculty an infrastructure, the degree of participation of students in day-to-day activities clearly stood out, whether it was managing network and systems, conducting classes and tutorials, or anything else. There was a movie club that used to project movies on weekend (sometimes even the latest ones 
). Also, there was the famous DC++ P2P network that was used to share software, movies (and pretty much everything 
) easily within the campus. Upon joining the institute, I was allotted the last room of the wing located diagonally opposite to the stairs on the top floor of the old boys hostel (the farthest building in the campus), which made it the farthest room (from the main building) in the entire campus.
Chapter 1: The Course of Courses
After an orientation session on the first day, classes began the following day. My first class was of “Mathematical Foundations of Information Security” (used to be called as MF) course. The course was then taught by Dr. Srinathan, whom I didn’t knew until the class. While in the class, I was actually shocked to see him using linux 
, since I thought he was a maths prof (looking at the name of the course) and you don’t expect a maths prof using linux (unless he’s a geek ). Little did I know back then, that he was one of the czars of theoretical computer science (TCS) and distributed computing. The class covered some concepts in TCS. The class went on, with most of the things passing over my head. I had studied TCS back in B.Tech, but didn’t understand it well even then. By the end of the class, my disbelief had been removed when we got an assignment to write a virus (yeah.. no sh*t). The “interesting” classes continued, with many students dozing off in their seats (no, I wasn’t one of them 
). After some time, I became used to it. With only 6 classes per week (and a couple of tutorials), I used to spend most of my time in the MS Lab (which was the place allocated to the new MS students until they joined a research center). By this time, I had become a regular visitor to the coffee shop (also known as “Jersey”) and also to Paradise (Secunderabad), which I used to visit almost every week for lunch . Days went on, things were getting really scary as all the courses that I took (MF, Cryptography and Network communications) required a decent background in maths, which unfortunately I didn’t possess. To make the matter worse, the courses had relative grading, which means your grade was determined not only by how much you score, but also how well you compare to others in that course. Even then, I slogged and managed to get at least a B- in each course I took. I even got an A- in MF, though this can be attributed to the term paper in which I did well (well, at least I think so ). Although I had always been poor in making friends, I had made a few by the end of the first semester. Also, by this time I had become an avid movie watcher (thanks to the unlimited supply of movies on DC++) . Any movie with a decent action/thrill would be in my “to be watched” list, a list that, I believe, was growing in size quite rapidly.
At the end of the first semester, we were required to chose a thesis adviser. Since I had always been interested in security (no, not the theoretical one 
), I decided to chose Dr. Bruhadeshwar, who too was interested in network security, which is what I read on the faculty website. Upon meeting him for the first time, he gave me a glimpse on what problems can be worked on, such as spam. I decided to go ahead and chose him as my adviser as I was interested in the problems he described (and of course no other prof used to work on practical security issues at that time). Another reason for working with him was that I had freedom to select my thesis problem. Many profs do not allow students to select a problem for their thesis and instead “give them” a problem to work on.
The second semester came as a little relief, since I had chosen courses which pursued my research interests more appropriately. These were Research in Information Security (RIS), Information Security: Audit & Assurance (ISAA). But with great reliefs, come great problems. I had to chose Topics in Information Security (TIS) course as well, since my adviser had “recommended” it. It was an “advanced version” of the nightmarish MF course that I took in the first sem (If MF was nightmarish, I really don’t have words to describe TIS 
). The other two courses RIS and ISAA were actually interesting (and were being taught by my adviser). RIS covered a large number of topics in security research (it even included a term paper) while ISAA had some topics focusing on practical security issues, and some management crap. ISAA albeit being an interesting course, classes in ISAA were a joke, with almost every other class being canceled (perhaps my adviser was more interested in watching cricket matches at home ). This was the time when I met Sai. Little did I know back then, that our destinies were going to be tied together 
. The sem went on, while I was trying to read different topics in order to chose a thesis topic. For the term paper, my adviser suggested me to work on “Automatic Signature Generation”. Although it was quite an interesting problem, I had already made my mind to work on “DDoS attack in P2P networks” to which he promptly agreed. “Automatic Signature Generation” later went on to become Sai’s term paper . This was the time when we moved to our newly built research center called CSTAR (Center for Security, Theory & Algorithmic Research) from MS lab. CSTAR was, in fact, the successor of ACT (Algorithms and Complexity Theory research center). The name CSTAR, I believe, was a misnomer. The lab itself was so insecure that anyone with a little knowledge of a sniffer and a few other tools could grab “a lot of stuff”. I myself working on a network auditing project in ISAA, learnt that the research and student webmail was reading “everything” in plaintext 
(although now it has been fixed). On one occasion, I even managed to pick up password of our cryptography prof Dr. Venkaiah (ironically, he never made use of cryptography while using email) who was the de facto Head of Department (although he always denied that, I still wonder why ). But all this was done as a part of the project, and I never misused any information gathered (you see I am one of those ethical ones ). Not only that, any script kiddie who knew how to compile and run an exploit could actually pwn the server itself . The only reason I believe somebody didn’t do it was that it was a too easy target . There was little motivation for someone to break into a server which almost no one used (at that time). The two courses RIS and ISAA were going fine, while my understanding of TIS still su***d. There was no term paper either this time to save my a** (as in case of MF in the first sem). However, lecture notes came to my rescue this time. It was announced that lecture notes can be prepared by MS and PhD students and they can skip one midterm. The announcement came as a lifesaver to me (and of course to some other students ), and I managed to get an A- in TIS (I still have no idea how it happened). The sem had come to an end, and so were all my courses as I was done with all the credit requirement. By this time, Sai had joined as MS student under my adviser. I was finally able to visit my home (after 10 months) for the first time since I joined.
Chapter 2: A Taste of Research
Second sem was now over. The courses were done with. Now came the hard part. I had to get started with research, once I had decided my thesis problem. This is what summer vacations were meant for (then it wouldn’t be correct to call them vacations ). I started looking at the “Automatic Signature Generation” problem, which Sai was already working on as it was his term paper. To gain a better understanding, I started working on the prerequisites first, starting with x86 assembly and then moving on to software attacks (buffer overflows, format string and the like), which later went on to become my thesis problem. I actually found these more interesting and started gaining a better grip of the attacks. I would read any research paper that I could find on this topic. The problem had been there for about two decades now and there were 100+ papers available as a solution of buffer overflows alone. My adviser was away to Bangalore for some work at that time. The day used to be the slogging time, while I used night for recreation sometimes by watching a movie (or by playing a game on my laptop). After all I believed, all work and no play indeed makes Jack a dull boy . By this time, I had moved on from Age of Empires II (AoE-II) to Rise of Nations (RoN) on my laptop. Also, by this time, I had moved from top floor of Old Boys Hostel to ground floor of New Boys hostel.
Then came the third sem. Although I was done with the courses, I had taken up Pattern Recognition (PR). I thought it would help me with my research. Also, my adviser had “recommended” it (yeah.. again). I didn’t realize it then I would have to repent later. By this time, Vinayak (who was earlier in M.Tech CSIS (Computer Science & Information Security)) too joined the bandwagon under my adviser as MS student. I was even working as teaching assistant for System & Network Security (SNS) course now, which was taken by M.Tech CSIS students and a few others. I used to conduct classes, tutorials and even labs (I believe that includes pretty much everything ). Also, I was now trying to “refine” FormatShield, a “solution” to detect format string attacks, which was later to be submitted to a conference. PR classes continued, while I used to sit like a moron in the class 
. I believe, I lacked not just the motivation, but also the background and interest required for a course like PR. SNS course was getting really interesting, as most of the stuff we covered was related to what we were working on. My adviser still continued to make excuses for skipping classes (or canceling, or postponing and then canceling ) while we took most of the SNS course (yes, he actually acknowledged it verbally later ). The reason he used to give (that he’s stuck in traffic) had become a cliché. I had now started implementing FormatShield, which was to be sent to ACNS (or Usenix Security as my adviser saw fit). The exams were approaching, while I continued to ignore PR. Me and Sai decided to work together on the PR project. The project involved implementation of a “not so popular” research paper on malware detection. It took us just a few days to implement the project. The sem ended and I got a C in PR 
(my only C ever). By this time, my movies “watched” list had grown considerably and “to be watched” list had narrowed a little. I had become a fan of Spaghetti Western movies, Ennio Morricone’s whistling music themes, Clint Eastwood’s acting and roles (especially Dirty Harry series and The man with a no name trilogy), and, of course, action and gore in Quentin Tarantino’s movies . Many thanks to Azli for suggesting some really “good” (read it “bloody” ) movies.
-
-
Fourth sem had now begun. My gaming venue had changed from my hostel room to the lab , where I (and of course a few others ) used to play Counter Strike (CS). Also, I had started testing and evaluating my implementation of FormatShield. My adviser had decided to submit it to ACISP (perhaps because of a much lower acceptance rate of Usenix Security). About a month was left for submission when my adviser simply disappeared one day. No mails from him and no response at his cellphone either. One could hear different stories from different people about his sudden disappearance. Other profs simply dismissed such “rumours”. In any case, I decided to prepare my paper for ACISP. I was even working with Sai on an extension of our PR project on malware detection, which we decided to submit together (that too to ACISP). My adviser was not aware of this submission at that time. It was still about a week to the submission deadline, when I submitted a preliminary version of my paper (FormatShield). I spent the rest of the week working on the second paper and revising my first paper. It was last day of submission, when we came to know that the deadline has been extended by about 2 weeks. My adviser was back the next day. He came to know about the submission of the second paper from Dr. Srinathan, and was too eager to modify and submit the paper . This was our first submission, and we didn’t knew about the perils of submitting a paper with our adviser . The days went by, and he had not made much changes (apart from changing the language). The paper had swollen from 4 pages initially to 12 pages (because 12 was the limit), by inserting a lot of “explanations” (read it “crap”). The abstract itself was taking 1 page. One can say that the paper had literally “gone pregnant” . The new deadline was now approaching. It was the penultimate day of submission, when my adviser gave a call to me while I was in the lab. We (me and Sai) rushed to his office, where he wanted to discuss something about the paper. He had decided to put some more results in the paper . It was like an A-bomb had been dropped on us. After all, anyone would think WTH was he busy with for the past two weeks 
. Just a day was left for submission and he wanted us to carry out some more tests. It took us some time to perform those tests and get the results, after which he wanted more results (and graphs too). It continued till the next day, i.e. the last day of submission. That was the height of BS we witnessed. The paper was then modified for the remaining time. It was then submitted (finally) and we took a sigh of relief. By this time, another student Romanch (also in M.Tech CSIS) had joined under my adviser as MS student. The caravan had begun to grow .
After the submission, came the time to take a break. The gaming had now returned in lab (now even during the day time ). Some people gave it the name of “gaming zone”. Some others got pi**ed off with it, and even complained to Dr. Srinathan. But nothing happened. After about a month, I was back continuing my work (of course along with gaming ). After some time, the paper notification was out. Both of my papers had got accepted at ACISP. We (me and Sai) called our adviser to tell him the good news. He was quite excited to hear it. He congratulated us and told us that we can go and present our papers. By this time, I had started watching classic movies. I had become a fan of War movies (especially those based on WW2), Prohibition era gangster movies and Hitchcock’ian style mysteries and thrillers.
Chapter 3: A Tour of the East
Fourth sem had now ended. Friends in M.Tech were leaving. That made us a little nostalgic remembering all the time we had spent with them, especially with M.Tech CSIS which had become a part of the research center. On one hand, we were a little sad as many of our close friends were leaving, on the other hand, we were glad they had entered into the next phase of life. After a few days, we had started making preparations for the ACISP presentation. First for getting our paper registered and then for the travel. We would remind our adviser to get the papers registered (otherwise they would not be published) several times a week, to which he would politely reply “I will take care of it”, which was his another cliché. Even other people in the lab were getting frustrated for a lack of logistics in the lab. The lab was similar to a government office. With things moving really slow (if at all they did ), it was natural for anyone to get pi**ed off. In a meeting with the profs, several matters were discussed, including logistics and stipend among other things. Some of these matters (such as cleaning of lab) got sorted out, others (such as stipend) persist till date. Also, I had now been “officially” made the sysadmin of the research center. After days of reminding, our adviser finally got the papers registered. The hard part was getting the financial support. After fighting with bureaucratic red tape in the research center for about 2 months, we finally convinced them to prepare an application for the grant.
The day had finally come. My adviser called me about a couple of hours before leaving to give a lecture on “what to do” and of course “what not to do” in Australia. Azli was leaving the same day with us. On reaching the airport and spending a some time together, we bid adieu to our dear friend. Our flight was through Singapore, with stop of about 8 hours, which we spent on the city tour. We reached Sydney next day morning. We took a train to reach Sydney Central from where we took a bus to reach Wollongong. Wollongong was located about 80 km south of Sydney, and was famous for its beautiful beaches. ACISP was organized by the University of Wollongong. We took a “short” nap on reaching hotel in Wollongong as we were tired of the journey. It was about 5 pm in the evening when we woke up, and it was already dark . We went on for a short walk of the place, and even managed to locate a food joint serving Indian food . The place was very low on population, and the roads used to be lonely. One could barely see any traffic on the road, with a car or a bus going by once in every few minutes. After a recce of the place, we had dinner at the recently discovered food joint, and came back to prepare a little for the conference next day.
-
-
We woke up early next day. Sai had woke up ever earlier and couldn’t resist capturing the scenic view of the sunrise and the pacific from the balcony 
. It was indeed a splendid view. We had our breakfast and went to the university for the conference. The conference began with keynote by Xavier Boyen. The conference went on, while we tried to “digest” what was being presented. Most of the papers were on cryptography, and were indeed “encrypted” for us to understand . Sai’s presentation had been moved from the third day to the first day as the other guys (also Indian) were not present. The presentation went on well and we returned back to the hotel. Getting bored on the conference that day, we decided to skip it the next day and check out the place . Since cycling was one of best ways to roam around the city, we planned for an cycling expedition covering a number of spots along the pacific coastline. We spent the next day cycling along the coastline, covering the Flagstaff Hill, Port Kembla, and The ShellHarbour, among others. We spent the next day at the conference, as it was my presentation. The presentation went on well, and after the presentation we left for Sydney. We spent the next day in Sydney roaming around the city, covering Opera House, Harbour Bridge, Chinese Gardens and Chinatown among others. We returned the next day via Singapore. Perhaps it was one the great times we had during our stay at IIIT, and was indeed worth the effort we had put.
Chapter 4: The Final Countdown
The fifth sem had now begun. I had now begun to work for the next paper. We (me and Sai) were now teaching assistants for SNS course. I used to spend most of the day time working along with some sysadmin stuff. The meeting held earlier with the faculty discussed about deploying NFS in the research center. I used to enjoy administering the systems and network, and I would always end up learning something I didn’t know. NFS and NIS was deployed in the labs which was soon replaced with NFS and LDAP/SSL, with latter being more secure. But I guess, the people in lab were not ready for it. For several reasons, they still wanted machines as they were earlier, with all privileges. Then came the time to impose a restriction on printouts. After many failed attempts, I was able to implement a quota for the printer. I had now started writing my thesis. After about two months of preparation and typing, came out the first draft of the thesis. The gaming continued during the night. RoN and CS had come out as the most played games, with a couple of BS games as runners up. I used to work on the implementation part during the day, while the night was spent in gaming (sometimes in watching a movie) . Time went by and the deadline for submission was approaching. My adviser had decided to send the paper to ASIACCS. After researching, learning and writing code for next few months, the implementation was now complete and I had now started evaluating it. It was then submitted to ASIACCS. I had now submitted my thesis for preliminary review to my adviser, who kept it with him for about two months for “reading”. My guess is that it was not even opened . Such a sheer waste of time and effort ! After about two months, it was then submitted to the academic office for review.
-
-
After some time, the paper notification was out. My paper had not been accepted. It was then decided to send the paper to ACISP (yeah.. again ). The paper was pulled upside down and inside out. Almost everything except the core technique described in the paper was changed, even the title . Scores of results were added and the paper was sent to ACISP. The reviews were now over and public presentation was soon announced. I was waiting for the D-day (thesis defense), which was after the public presentation. The public presentation was more of a mockery, as only labmates and a few others showed up . After a textual spat over emails for the next couple of days with my adviser, came the D-day. The thesis defense went on for about an hour and a half. I guess it was not just my defense, but my adviser’s as well, with him answering several questions on my behalf . Finally, I had now completed requirements for earning a master of science .
The experience would indeed remain a memorable one. Thanks to all the folks at CSTAR/IIIT especially Alpha Centauri aka $@i, Leech, Christ, Zero, Hunk, Amu, Ramu kaka, SirRat, Dark Knight, Maverick, Napster, Deedee, Dexter and all those losers who couldn’t afford to have a gaming handle .
Adios
John Rambo aka T3rM1n470R aka Al Capone
