My Profile Picture

Hello! I am Wai Tuck, a second year PhD student at the School of Computing and Information Systems at Singapore Management University. My interests are wide, but primarily lies in game theory, mechanism design, machine learning and its intersection with cybersecurity. I am lucky to be advised by Professor Arunesh Sinha, who is an expert in this area.

I graduated with top honours with a Bachelor of Science in Information Systems (with a second major in Applied Statistics) at Singapore Management University. I was fortunate to be part of the SMU-CMU Fast-Track program, and graduated with a Master of Science in Information Security from the Information Networking Institute at Carnegie Mellon University.

My undergraduate research was the implementation of a tool to analyze syntactic dependencies of software to measure change effort required for a proposed change in a given codebase. I performed empirical analysis to see if the heuristic holds for a number of large open source Java programs. The tool was later used to teach students design patterns in software engineering. I was fortunate to have Professor Kevin Steppe as my advisor for the project, who encouraged me to take it up and guided me through every step of the process in the research.

My graduate research at CMU looked at studying and using dynamic taint analysis to find bugs in node.js, in particular to find code injection vulnerabilities in packages in the NPM ecosystem. I was advised by Professor Limin Jia, and had the guidance and help from a PhD student, Darion Cassel, that made the research project a success.

In my free time, I play CTFs. I currently play with CTF.SG, a team I co-founded with a couple of amazing friends. We won our first DEFCON Black Badge in 2018 at the Red Alert ICS CTF in DEFCON 26. I previously played with the Plaid Parliament of Pwning back I was in Carnegie Mellon University.

I also do martial arts, and am a fan of Bruce Lee, hence the title of the blog :)

I hold a number of professional certificates that I did for fun (some were graciously sponsored by the SG:D Scholarship), listed below:

You may find a copy of my CV here. You may also contact me at me(at)waituck(dot)sg.

As always, hack on!