Ali Khalaf
Cybersecurity Analyst & Automation Specialist bridging the divide between secure network design and ML threat intelligence.
01. Profiling
Executive Overview
I am a dedicated cybersecurity researcher specializing in the design of secure network topologies, compliance architectures, and machine learning infrastructure to identify and combat modern threat landscapes. My development strategies integrate secure system engineering with programmatic cloud scale.
This dashboard serves as a live, functional, single-pane portfolio engineered to showcase active systems deployments, threat detection code, and educational exploration of networking protocols. Every system listed represents a practical installation designed to satisfy enterprise challenges.
02. Calibration
Technical Capability Matrix
Security & Networks
- Enterprise VLANs / VPNs 90%
- Intrusion Prevention (IPS) 85%
- ISO27001 / NIST SP 800 80%
- Wireshark PCAP Analysis 85%
Code & ML Engineering
- Python (Scikit-Learn, OCI API) 92%
- XGBoost / Classification 88%
- Docker & Docker-Compose 85%
- Bash Shell Automation 80%
SysOps & Labs
- Headless Debian Server 90%
- Tailscale VPN Routing 88%
- Prometheus & Grafana 85%
- Pi-hole DNS Security 90%
03. Implementations
Core Technical Deployments
Oracle Cloud Sniper
Automated OCI ARM instance provisioner script engineered to handle resource constraints programmatically through RESTful orchestration APIs.
XGBoost Cyber Classifier
High-precision threat classifier evaluated on CICIDS datasets to capture malicious traffic with 99.9% detection score accuracy.
Secure Homelab Stack
Headless home environment routing network traffic through secure Pi-hole DNS filters, Tailscale exit tunnels, and containerized Docker clusters.
Network Boundary Research
Analytical investigation of ISP boundary restrictions, examining policy enforcement structures and secure reconnaissance methodology.
Enterprise Network Design
Complete network layout deployment planning incorporating isolated VLAN segments, perimeter security, and IPS boundaries.
Compliance Audit Framework
Automated governance tracking matrix parsing telemetry inputs against key framework thresholds for ISO27001 standard compliance.
Oracle Cloud Sniper
Programmatic resource allocation bypass for highly constrained free-tier ARM shapes.
The Problem: The Oracle Cloud Infrastructure (OCI) free tier offers highly capable Ampere ARM Compute shapes, but availability is restricted because other accounts claim instances automatically inside resource pools.
The Solution: Built a programmatic automation engine in Python that regularly interrogates OCI APIs, executing backoff algorithms and handling continuous requests securely without resource exhaustion or key compromise.
System Architecture Spec
Provisioner Interface CLI
XGBoost Threat Classifier
Machine learning threat categorization utilizing high-dimensional network flow records.
Developed a low-latency network flow categorization model using XGBoost that operates over massive, raw network metrics arrays to flag suspicious transactions at speed.
Technical Execution: Trained and benchmarked on the CICIDS2017 intrusion dataset, engineering key traffic features (packet size variance, flow inter-arrival times) to isolate infiltration patterns without suffering statistical biases.
Interactive Classifier Predictor
Secure Homelab Stack
Private headless host and remote telemetry logging clusters.
A comprehensive local private network environment built over low-footprint headless host systems, optimizing RAM and storage allocations while locking access pathways.
Secure Perimeter: All DNS lookup requests are resolved securely through isolated Pi-hole Docker containers blocklisting active telemetry networks. System administration access pathways require multi-factor encrypted authentication routed strictly via a private Tailscale subnet.
Service Allocations
Grafana Telemetry (Live Simulation)
Network Boundary Research
Deep packet analysis of carrier-level network limits and policy enforcement strategies.
This project focuses on the academic study of network protocols, boundary conditions, and ISP limit structures. By tracing how network layers determine and tag cellular hotspot transactions, we isolate policy boundaries.
Scientific Methodology: Monitored routing headers using Wireshark, validating how specific header signatures (such as TTL manipulation or distinct user-agent signatures) communicate routing rules back to service centers.
Observed Protocols
Carrier Header Parser Logs
Enterprise Network Design
Isolated campus network design blueprint utilizing robust security models.
This blueprint specifies a segmented network design for modern business operations. It prioritizes perimeter security, traffic separation, and rapid packet delivery over multiple subnets.
Network Architecture Highlights:
- Logical separation using dedicated VLAN matrices.
- High availability design with redundant load balancers and core switches.
- Dedicated intrusion prevention zones for critical data vaults.
Zone Segmentation Mapper
Hover over any network segment card to preview access control lists.
Compliance Audit Framework
Continuous governance and audit monitoring engine for regulatory frameworks.
A custom auditing utility built to programmatically parse configurations against key control standards, outputting immediate compliance ratings.
This system bridges technical deployment details with executive security reporting, ensuring critical security benchmarks (like password complexity, port exposures, and identity storage mechanisms) match target governance frameworks.
Interactive Compliance Tester
Toggle system configuration settings to dynamically evaluate the target readiness rating: