Lin, Yu-han’s Resume

• E-mail: guesslin1986@gmail.com
• Github: https://github.com/guesslin
• Homepage: https://guesslin.github.io
• Linkedin: https://www.linkedin.com/in/yu-han-lin-2a87a49a
• Phone: +886-931-271-926

Guesslin(Lin, Yu-han)

• Programmer of Golang, Python, and C/C++
• Interested in writing some stuff to change my life
• Experienced in Go/C/Python/TypeScript
• Player of Mini Quad-Copter

Brief

• More than 6 years of focus on backend development and network/backend technologies.
• Expert in Go, Networking, Kubernetes and Linux system.
• Experienced in C/C++, TypeScript, gRPC with Protobuf, Microsoft Azure, Google Cloud Platform and Amazon Web Services.

Summary

Worked at Glasnostic (2016.11 ~ 2022.07), specialized in system development and programming, usually using Golang programming language, have experience in network software and micro-services architecture developing in Golang. Have experience in EKS/AKS/GKE/OCP multiple Kubernetes platform. Interested in writing some stuff to make my life different.

EXPERIENCE

GLASNOSTIC (2016.11 ~ 2022.07)

Head of Engineer, since 2021.09, Glasnostic Inc.

Lead the engineer teams in Taiwan, including frontend, backend and data-plane in total 10 engineers. My major responsibilities are leading backend and data-plane development and keep developing data-plane features. Deal with cross-team communication of needs between frontend and backend. Communicate with CEO/CTO for the business needs.

Data-plane develop

• Develop a new Domain-Specific Language Runtime for traffic matching into Data-plane.
• Develop a Webhook callback in Envoy-WASM for customized real-time alert.
• Develop a new user-space network packet interception with AF_XDP.
• Design a new network deploy pattern for supporting Azure Gateway Load Balancer.

Backend develop

• Maintain and operate production site on a managed Kubernetes cluster.
• Develop single sign-on in backend for new-user authentication.
• Introduce IAC to our production deployment with Kustomize.
• Migrate Cloud infrastructure from Microsoft Azure to Google Cloud Platform.

Data-Plane Team Lead, since 2018.11, Glasnostic Inc.

The Glasnostic were fast-growing, grow to 14 engineers in Taiwan. Started with new team organization, Data-plane, Backend and Frontent. Leading Data-plane team, handling with different customers’ environments and their requirements. Keep focus on our data-plane application performance and stability issue.

• Lead a team of 4 engineers to develop data-plane applications with a state-of-the-art tech stack including DPDK, eBPF, SDN and WASM.
• Develop DPI filters into Data-plane application for security checking.
• Develop multiple network interfaces packet capturing for multiple networks I/O.
• Introduce NFF-GO into Router as an user-space network packet collector.
• Introduce eBPF into Data-plane application as an user-space network packet collector for the performance and compatibility.
• Develop the networking deploy pattern for different network environments.
  • Support Openshift Container Platform.
  • Support Antrea with OpenvSwitch.
  • Support AWS Gateway LoadBalancer.
• Improve Data-plane application life-cycle control for different deployment scenarios.
• Deploy cross-region EKS cluster over Wavelength with a state-of-the-art 5G demo application.

Software Engineer, since 2016.11, Glasnostic Inc.

As Glasnostic is a small start-up during 2016, I had learned and experienced in multiple technical domains.

• Develop a Near-Realtime traffic monitoring and control data-plane application written in Golang(95%) and C(5%).
• Develop Microservices backends written in Go, using gRPC with protobuf for inter-service communication.
• Develop a customized API-Gateway written in Go, serving with request dispatching, user authentication, and highly customized security filters.
• Patch the hyper-v netvsc driver module for our data-plane customization.
• Develop a new nff-go device binding tool written in Go.
• Develop a user-facing dashboard in TypeScript and Angular.
• Develop a network traffic simulator written in TypeScript, which can generating traffic metrics based on given network model.
• Deploy and maintain Kubernetes cluster on Microsoft Azure for the production and staging site.
• Deploy testing Kubernetes clusters on AWS EC2 with Rancher-rke and EKS.
• Deploy testing Kubernetes clusters with Kube-admin on bare metal servers.

INSTITUTE OF INFORMATION INDUSTRY (2013.10 ~ 2016.11)

Security Engineer, Information & Communication Security Technology Center

My major responsibilities in ICST are handling incident-response and sending out suspicious invasion alerts.

• Introduce revision control into team development flow, introduce git work flow.
• Develop security tools, including automatic log parsing, Linux IR-tools, Windows PE tools, Virus Total API query, CuckooBox customized.
• Malware analysis, deploy snort and YARA rule base on malware signature.
• Incident response, experience on IR cases, forensic investigation.

SKILL

Programming Language

• Golang
• Shell script
• C/C++
• Python
• TypeScript (Node.js)

Revision Control

• Git

Linux System Administration

• GNU/Linux (Ubuntiu/Debian/Gentoo/CentOS)
• Docker
• DNS/Mail/HTTP

Security

• Incident Response
• Malware Analysis
• Network Flow Analysis
• Reverse Engineering
• System Log analysis
• Static Analysis tool develop

Network Management

• Kubernetes (AKS/EKS/GKE/OCP)
• OpenvSwitch
• Istio/Envoy with WASM
• L3 Switch/Router, OSPF/BGP
• Firewall, iptables
• NetFlow

Cloud Platform

• Azure
• Amazon AWS EC2
• Google Cloud Platform

PROJECTS

Golang

• mits : Mutual Information Term Segmentation
• mh4gquest : Monster Hunter 4G Quest random list generator
• chartit : Generate Chart from CSV file
• have_fun : Find fun between us in google map, Link
• BF interpreter : bf language interpreter implement in golang
• snake : Simple linux console snake game write in golang

Python

• Taiwan reservoir storage auto-crawler : Auto Crawler for Taiwan reservoir storage capacity
• Mock note : Python Mocking module notes
• CEC Data set check : Central election commission dataset checker
• CEC DataSet : Central election commission dataset from 1994 to 2016
• Glastopf : Web Application Honeypot

C/C++

• Formosa-BBS : Formosa BBS system

Security

• Linux IR_tools : Script for Forensic on Linux
• PE Tools : My own writing tools for PE files analysis

Write-Ups

• leetcode
• Over The Wire : Bandit

Misc

• Talks : My talks slides
• Package-tips : Tips for writing GO package, and how to write test code in GO
• dotfiles : My dot-files configurations

EDUCATION

• Master degree of information management, department of information management, 2013, National University of Kaohsiung, Kaohsiung. (08/2011 ~ 07/2013)
• Bachelor of engineering, department of computer science and engineering, 2011, National Sun Yat-sen University, Kaohsiung. (08/2005 ~ 07/2011)

LANGUAGES

• Chinese - Native
• English - Conversational, Good (listening, reading)
• Japanese - Basic in both reading and listening
• Deutsch - A1 level

CONFERENCE

Taiwan Academic Network Conference

• A Case Study of APT Attack in Taiwan Academic Network(2014)
  • Based on a real APT case in TANet, validating the attack mechanism of each stage in APT Killer Chain model. Analyze the hacker attack pattern in TANet and provide suggestions to defense APT attack in order to reduce the impact.

Master’s Thesis

• A Study of Detecting Malicious Website Code Based on Text Mining Techniques(2013)
  • This research proposes a malicious website detecting mechanism based on mutual information text segmentation and text mining technique takes no manpower and wasted time on constructing website program parser and digging out feature of different attacking code for different vulnerabilities.

International Conference on Business and Information

• BotNet C&C Control Behavior Analysis Using HoneyPot and Reverse Hacking Techniques(2013)
  • Using reverse engineering techniques to modify the BotNet client to reverse hacking into the BotNet Command and Control Server to monitor the BotNet control behavior data, therefore, we found botnet attacks have highly cooperate behavior and control of botnet shifting behaviors.