Uddhav P. Gautam, PhD@VT
Systems Security Researcher and Platform Engineer
PhD@VT in Computer Engineering, advised by Haining Wang and Randy Marchany; founder of RGR Innovate LLC. This is the official website for both my academic work and the software and engineering work published through the LLC.
I work on Linux kernel instrumentation, eBPF observability, and Android and IoT security, with 15+ years of mobile and platform engineering experience.
Computer Security
System and platform security work across Android, Linux, IoT, and defensive instrumentation.
eBPF and Linux Kernel
Kernel tracing, observability, benchmarking, and overhead-aware instrumentation using eBPF.
Embedded and IoT Security
Systems work: measurement and engineering.
Bluetooth Low Energy Security
Systems work: measurement and engineering.
System Performance
Performance analysis, bottleneck discovery, and runtime tuning guided by measurement.
Network Security
Security analysis for networking paths, protocols, and connected devices.
Projects
Active work
eBPF tracing overhead analysis
Kernel observability work on reducing tracing overhead and improving measurement quality under real workloads.
Published and ongoingKernel protobuf firewall prototypes
Application-layer firewall and protobuf parsing work in the Linux kernel using custom kfunc support and TC-based enforcement.
PrototypeResearch-to-product engineering
RGR Innovate LLC: software built around research ideas, with focus on reliability, usability, and security.
Applied systemsUpdates
Recent
Paper published: Eliminating eBPF Tracing Overhead on Untraced Processes
Paper published: HELOT: Hunting Evil Life in Operational Technology
Writing
Technical articles
September 05, 2025
Software Design & Quality
Software Design and Quality Software Design and Quality Assignments Software Quality Attributes Robert Glass does not include all of the quality attributes that are in...
Read articleFebruary 12, 2025
PID Reuse Can Cause Supervisor Confusion
The power of pidfd PID Reuse Can Cause Supervisor Confusion In a traditional PID-based system, the supervisor tracks processes by their PID, leading to potential race ...
Read articleFebruary 09, 2025
List All Tracepoints of Your System
List all tracepoints of your system From inside qemu, start a python based webserver, go to qemu, make qemu-run root@q:/linux-dev-env# python3 -m http.server 52223 --d...
Read article