Research
Applied cryptography, secure systems, and privacy-preserving infrastructure.
Security Research · Applied Cryptography · Detection Engineering
Hi, I'm Joshua Berkoh
PhD Candidate · Security Researcher · Detection Engineer
~/philosophy
$ cat /etc/philosophy.conf
"Each problem that I solved became a rule which served afterwards to solve other problems."
Practice
Threat detection engineering, security tooling, and telemetry-driven validation.
Direction
Bridging academic rigor with operationally useful security outcomes.
About
Researcher first, builder always
My work sits at the intersection of rigorous security research and practical implementation.
I am a PhD candidate in Information Technology at the University of Cincinnati, with an anticipated graduation in August 2028. My research focuses on applied cryptography, secure systems, and the design of privacy-preserving infrastructure especially within anonymous communication networks like I2P. At the core of my work is a commitment to developing secured search solutions but also practical, scalable, and impactful in real-world security settings.
My academic foundation was shaped through both master's and doctoral studies at the University of Cincinnati, where I earned my MS in Information Technology in August 2024. I have a multi-phase research roadmap to bridge the gap between cryptographic theory and practice. It starts with the foundational number theory and provable security required for academic rigor and extends through practical implementation to ensure the results are industry ready.
Read More
Professionally, I've built experience across academia, industry, and high-stakes security environments. As a Security Engineer Intern at Intuit Inc., I contributed to internal security tooling and infrastructure hardening within a large-scale cloud environment. As an Adjunct Instructor at the University of Cincinnati, I redesigned and delivered undergraduate curricula in IT fundamentals, introducing hands-on labs that emphasized secure coding and systems thinking, training nearly 50 students in each cohort.
Previously, I served as a Security Operations Analyst at Virtual Infosec Africa, where I monitored critical financial infrastructure, helping the Banking system achieve > 60% detection rate and significantly reduce incident response times. I continue to sharpen my offensive and defensive skills by actively participating in Capture The Flag competitions and bug bounty programs, with acknowledgments from platforms like HackerOne and MetaCTF and hackinghub.
I'm equally passionate about community and mentorship. As a lead mentor with OWASP Cincinnati, an ISC² examination developer, and an AWS Community Builder, I contribute to open-source documentation, support peer learning, and guide aspiring security professionals. Currently, I'm also building tooling for cryptographic protocol analysis, integrating Python and Rust for practical implementations of secure systems.
Long term, I aim to advance the state of applied cryptography by bridging academic research and industry deployment pioneering systems that are both provably secure and operationally robust.
Writing
Recent work and technical notes
A mix of research reflections, study notes, and engineering write-ups grounded in security practice.
Building a Malware Reversing Lab on Proxmox
A walkthrough of the full architecture for a dual-purpose home lab: a Windows-based reversing environment for static and dynamic malware analysis, running alongside a detection engineering stack on the same...
Week 4 - Modern Encryption Primitives Beyond the Basics
Building on probability and secrecy, this week I explore advanced cryptographic primitives: Format-Preserving Encryption, Fully Homomorphic Encryption, Searchable Encryption, and Tweakable Encryption. I also examine how weak ciphers and wrong...
Week 3 - Probability, Perfect Secrecy, and the One-Time Pad
My third week dives into probability, conditional distributions, and formal definitions of secrecy. I work through shift cipher examples, Bayes’ Theorem, and the rigorous proof that the One-Time Pad achieves...
Projects
Public repositories and ongoing builds
Selected work that reflects my current engineering interests and experimentation.
Selected public repositories I actively build and maintain.
joshberk/joshberk.github.io
This is my Personal Website
joshberk/Agentic-Threat-Intel-Feed
This is my agentic threat intelligence feed project.
joshberk/PVE-Resource-monitor
A Python-based telemetry tool for Proxmox Virtual Environments running on Supermicro hardware. This script provides daily resource utilization reports and real-time hardware power consumption stats via Slack.
joshberk/DetectSim
A gamified "Cyber Range" where you learn to write high-fidelity detection rules, hunt threats, and avoid false positives.
Capabilities
Technical focus areas
Core languages, security domains, and systems skills that shape my research and engineering work.
Programming Languages
Python
HTML & CSS
JavaScript
SQL
Rust
Cybersecurity & Cryptography
Applied Cryptography
Security Analysis
Vulnerability Assessment
Incident Response
Secure Systems Design
Tools & Frameworks
Git & Version Control
Linux / Unix
AWS
Docker
Research & Academic Writing
Publications
Research in progress
Current academic work and emerging directions in secure systems and privacy-preserving infrastructure.
A Behavioural Graph Temporal Neural Network Framework Under Review
Contact
Open to research and security collaboration
If your work sits near applied cryptography, secure systems, or detection engineering, let’s talk.
Ready to collaborate on cryptography research or cybersecurity projects? Let's connect.
- LinkedIn: Joshua Berkoh
- GitHub: @joshberk