Hello, I'm Alfred Manville (22 Years Old) and a 1st class Masters Graduate in MSci Computer Science with Cyber Security (Hons) from City St George's, University of London. I'm a also a free and open-source developer who enjoys networking my laptops together, writes network software to communicate between them and then tries to break said software; which is shown in my dissertation project. This project does need improving, though, I have written a successor library in Go under the 1f349 banner with a PQC extender, though, this only implements a packet based handshake and not the full VPN stack. Speaking of 1f349 I jointly run this with a group of people (Which runs our infrastructure). I also have a Youtube Channel which is partially in the process of being resumed from a hiatus.

On the programming side, I know Visual Basic .net, C# .net, C, Java, Go, JavaScript, C++, Python, Bash, Haskell, Processing and Microsoft Smallbasic (I have also dabbled in Batch and PHP). I am currently in the progress of writing infrastructure software in Go, in the past, I wrote a command console in VB .net for my own pluggable libraries (I created a CMD emulator to get past the school disabling interactive CMD) and some network communication applications (Including a peer-to-peer VOIP client using NAudio as the audio library and my own network wrapper library, however, it is in need of bug-fixing at the moment). The final major current project is completing my mesh networking project that fixes and extends my dissertation project.

My github username is Captain-ALM and has half my public programming projects, the other half is located at: https://gitcove.com/alfred

On the cracking / hacking side, I've participated in, the SANS run, UK Cyber Team CTF competition getting into the finals (And my team [20] came 10th)! I've also used virtual machines a lot (Mainly infrastructure testing but I did at one point try creating and breaking into a test windows domain network I had setup). I've also used VMs to pull perform a PXE boot off a network and analyse the partially deployed image (And this is why the deployment servers should be switched off when unneeded, especially since PXE auto-domain-join would store its credentials in the image). I also played around with accessing the RDP servers when I was in secondary school (Turns out remote apps is just a glorified application auto-launcher with window size detection). Here is Operation Control (Stylised: op_ctrl) used for same-computer exploiting by wrapping target applications run by other users (Such as via RDP Remote Apps) and then starting a master server to send arbitrary .net DLLs to execute on the target slaved client.

I also bake bread (Mostly learnt from my grandma). I also play video-games (Check my Youtube Channel or my GOG Profile) and am an expert at using lower-end hardware.

I used to do Karate (Kyokushin Brown Belt) and I wish I could still fit my bike.

And I do a bit of stargazing.

This project was supposed to provide a multi-platform (Android, Windows and Linux) VPN (Layer 3) using as devices as physical relay nodes creating a mesh (Multiple transport types for different forms of wireless and infrastructure networking would be supported) but, this was too ambitious and due to so many quirks (Permissions, background operations, etc.) with the Android platform (The first targeted) took a lot longer, The project uses a 'tun' adapter (Requiring a 3rd party library - wintun - on windows) for the VPN interface and should auto-configure the IP address based on the hashes of the public keys for the node. The keys are post-quantum ML-KEM (768) for key-sharing and ML-DSA (44) for authenticating packets (Unfortunately the key material is not cross comaptible between the two, unlike the original plan of using elliptic curve cryptography, which also causes a large increase in message size and the requirements to send separately and fragment signature packets). Two supported transports were planned - Bluetooth RFcomm, providing a serial-like stream connection, and Wi-Fi Direct proving a way to Wi-Fi link two devices and use UDP over the link. Unfortunately the Wi-Fi Direct connection was replaced with Wi-Fi infrastructure in the build created for submission due to being out of time (This mode scans for a well known port across the subnet of the connected network). The packets should have the type, TTL, data hash, destination (If unicast), source node IDs and the data. The nodes must maintain a routing graph; the IP addresses are based on the SHA256 Node ID where the first 3 bytes are used with 10.x.x.x and the last 6 bytes are used in fd0a:...

This is designed for people without running (Or overloaded) infrastructure networking (Either Wi-Fi or Cellular) to use for communication with standard applications; the specification also supports internet routing through a node, connected to the internet, that can act as a gateway. Onion routing of packets can also be supported.

The RFC like document, for the protocol, was planned first with diagrams for how nodes connect to each other depending on which transport is used. Research was also performed into the available APIs, with SDK 26 minimum on Android and Java 17, being targeted. The library was written in Java 8 and imported into the Android App, written after, in Java 17 using an SDK 35 target. The app used the Android Rooms database API to implement storage and generic recycler view model code was plugged in, to manage each of the tables. The App consists of a main activity and an editor/viewer activity. The VPN is processed in a foreground service. Testing was only done in the library (On packet streaming) and was lackluster.

In the time, a library full of bugs was produced alongside an App with support for changing settings, authorising permissions, creating a VPN adapter, using the BouncyCastle PQC APIs and ChaCha20, peering request management, peer management and topology viewing. Handshaking was fixed the day after the build submission.

In conclusion, this project did not go to plan with lots of set-backs, both due to the large nature of the project and heavy amounts of stress (Due to some personal issues and issues with the other University module I was doing). The mitigation operations stated in my Project Definition Document failed to take into account how bad things can go (Networking is notoriously difficult with buffer manipulation issues and was not helped with the lack of testing - I was supposed to implement a Go version of the library for the desktop platforms which would include unit testing, thats structurally easier in Go, but did not have enough time). This project is being continued and will eventually end up under the 1f349 banner (Though I want to streamline the protocol for embedded device support).

See also: ALM Mesh Net Proto ALM Mesh Net Android

This project used the official Road Safety Data (2023) from the Department of Transport (HM Government UK) and was done in a pair. The motivation behind it was to see if certain features of the data correlate and if so, could features be predicted given a set of features.

We asked the following questions:

1. What is the most likely vehicle age / engine size / vehicle type in a certain area; useful for resource allocation of emergency services?
2. What is the severity of an accident given the area, the light levels and weather conditions?
3. Is a driver’s age an important factor in determining the likelihood of a collision?
4. Are there any pedestrian demographics that are more at risk of being hit by a vehicle?

I wrote the data set loading and cleaning code with the ability to perform delayed loading, after providing features to be removed and the cleaning code / data types for each feature. The data types include continuous data such as car engine size and categorical data (Which needed to be enumerated into integers to be used as features). The data guide was programmatically processed to match a feature lable to an integer and the null / invalid values can also be detected and filtered out based on the labels that represented these. This data, fromm a public body, is verified to be as accurate as possible, and more credible than sourcing it from a 3rd party; although with large data sets, there were many rows with inconsistent and missing data.

Question Methodology and Results in order:

Since this data was locations based features, a K-Nearest Neighbour was used with distance weights; without enough data points however, regression fails. This was used relative to categorical data EG: Weather conditions but distance is meaningless in this situation. Automatic tuning of the distance weights via threading concurrency was used to attempt to find the best model. Support Vector Machines (SVMs) are better though could lead to misclassifications due to over-fitting (Through over-representation). K-Fold was used to shuffle the data for the SVNs, though this had little effect with the issues. The SVM, via a confusion matrix, showed classic overfitting and would need down-sampling for the results to be more accurate (Cars over-represented). The KNN showed a map of vehicle ages but was a lot more varied than the real data.

K-Nearest-Neighbour and a Sample Vector Regressor were used for both vehicle_age and engine_capacity_cc to predict the severity features. These were plotted in a confusion matrix and on graphs utilizing similar methods to the previous question. The SVR shows overfitting for slight accidents whereas the KNN classifier shows much better visualisation though slight severity was rather high and could have done with downsampling.

Demographic data used random forests providing the most accurate results - more basic models such as perceptrons had too low of an accuracy. Adjusting weights on the perceptrons, such as model training time and balanced class weight and decreasing learning weight to avoid overshooting helped somewhat but kept only a 30% accuracy. Other features were also tested with the driver age being found the most important feature. A scatter plot was created for inferencing, however, the mean of some combinations were impossible to calculate due to them being uncommon.

K-Nearest Neighbours / an SVM (Discrete) was used to introduce other demographic metrics (Similar the the previous question); sensible test sizes and balanced weights were used to downsample minor accidents to help determine risks without over-fitting. Random forests, again, provided the most accurate results, with casualty age being the most important feature and the confusion matrix from the SVM shows over-prediction issues.

See Also: Findings Presentation

This project was designed to operate as a Kahoot clone although the front-end never got completed by the other member of the pair (This was written in React).

This was created in a pair as part of the Cloud Computing module at City, University of London. It was built for use using google cloud and therefore uses many Google Cloud Platform Technologies which are listed and shown off in the video.

The communication protocol uses JSON packets passed either through a WebSocket connection or a REST based protocol that polls the server for data while sending the queued packets. The REST connection is used as a fallback system where WebSockets do not work; in addition, a REST connection is made to the master server to first work out which app server has the least load, once found, this is sent back to the client where the client will then attempt a WebSocket connection and, on failure, a REST session is created (A key is returned which is then used as a parameter in subsequent communications). In the event there is no more capacity, a service unavailable error is sent and a new VM will be spun up, in the case that any are left. The source code for this library can be found at https://github.com/Captain-ALM/gc-c-com and the master server source code can be found at https://github.com/Captain-ALM/gc-c-master-srv.

The main game loop was supposed to allow user generated quizzes once logged in along-side allowing for public quizzes that could be used and copied by other users. Only logged in users could start games where any user - both logged in or not - could join and answer questions within a set amount of time, with the person answering the fastest getting more points than people who answer later. The system would also have a leaderboard shown at the end of each question; it was also designed to recover from crashes and resume from the last question executed. The source code for the app server can be found at https://github.com/Captain-ALM/gc-c-app-srv where all this functionality does exist in the backend; the database source code can be found at https://github.com/Captain-ALM/gc-c-db.

Here, I star in an interview for City, University of London's Promotional Marketing Campaign. Join City!

Find the video here: https://www.youtube.com/watch?v=tOccImgskec

Find the general School of Science and Technology video here: https://www.youtube.com/watch?v=pkTCf4CWFSY

This group project was creating a Ticket Sales system for the fictional company AirVia LTD, for this the group had to both design the implementation and then write the code for it. Unfortunately, the project was not finished to a state where all the required features were added in and while all of the backend functionality except for the reports existed, the GUIs to view and control those backends was not available. Examples of this include: Sales, Transactions, Discounts and Reports where no GUIs were created or finished for any of these components. The design of the program was followed with a lot of adaptations (Rather than not being followed at all) and it architecturally made sense with the use of facade implementations; The use of facade allowed for other people to code against an interface while waiting for a controller to be finished which extended the interface.

The database system was handled via an abstraction layer I designed and wrote myself which supports 'locking' a record for keeping consistency when multiple instances of the program are running. This system uses an auxiliary table that has only the primary key column, a record is locked if it does not exist in the auxiliary table (Cannot delete) and is not locked if it does (Cannot insert); This allows for atomic locking and unlocking of the record. The implementation requires the record locked for safe access (Loading, Storing). The abstraction layer makes use of two base classes, one for a single record and one for a table; with tha table one allowing the creation and deletion of the extending table via a schema and name being provided (As seen in the source code). I also developed a backup system for the database that supports any table with the specifically supported data types used in the tables defined in the schema - removing the need to use third-party programs like SQLDump.

In the end, the following features were implemented: Login, Help / Error / Status Bar, Account System + GUI, Blank Types + GUI, Blanks + GUI, Customers + GUI, Discounts, Flexible Discounts, Sales, Transactions, Refunds, Dashboard + Notifications, Database Interfacing + Backup and Rates + GUI.

Find the source code here: https://github.com/karansambee/IN2018-Team-Project/tree/master

After learning python for my portfolio development option, I wanted to showcase what I knew in python. I usually make a network application in each of the new programming languages that I learn. For the repo showing me learning python please go to: https://gitcove.com/alfred/LearningPy

This project is a message based network communicator written in python and has a module for networking. The project allows the sending of text messages and files over a network. It also comes with a nice twist, in that if you select the pickle protocol, you can inject code into another client by sending a specially crafted message!

Find the source code here: https://github.com/Captain-ALM/CALMPyNetworker

This project is what's outputting this page at the moment! The backend is written in Go and there is both custom front-end Javascript and CSS! The pages support theming and the entries can be sorted through Javascript or on the backend through GET parameters.

This project is under the BSD-3-Clause License, so if reusing, you must scrub references to me, the yml file this is written in is under Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Find the source code here: https://gitcove.com/alfred/cityuni-webserver

My first major project at City (A Java Game), concluding 2.2 Months of programming. This game uses the University provided game library (Which is just JBox2D extended).

Looking back on this, I wish I started earlier (Like January) that way I could have implemented all the features I wanted. This project allows for levels to be designed within the program and allows them to be edited as XML outside the program.

The code is extensible and it is relatively straight forward to implement new features. There are a few bugs that can crop up (Such as sticking to surfaces due to ground body updates) but I already know ways to fix them. This project relies on part of a GUI library I built in it and I had to modify the CityGame library by extending it. The audio and assets were also created by me, although they're a bit amateurish as I'm a computer scientist not an artist!

This game is designed to be a story based game... The tutorial level at the beginning of the game is the dream in which the main character dreams of being a ninja, this allows for the player to learn the controls and basic mechanics of the game. The next level is the training level in which the ninja trains within a monastery. The final level allows the ninja to "complete" the game while exploring a set of caves.

The game contains a mechanism system allowing for the unlocking of portals (Doors) for the character to progress within and between levels. The character contains a set of different stamina types, core stamina which if depleted causes a death, leg stamina which is a multiplier for doing any action that uses legs and arm stamina which is a multiplier for doing any action that uses arms. The game contains a weapon system of throwing stars, swords and throwable liquids.

Here is the repo: Awaiting core conversion, in order to be made public

The original video is available here: resources/stream/vid2.mp4

I may have not done any programming for this (Even though I know C#) but I helped write a good chunk of the background story (I also helped with the level design although it turns out 48 hours is hard to get polished stuff done in, so some stuff had to be axed).

Read about and get the game files from: https://globalgamejam.org/2022/games/shadow-work-8

Download the windows executable from: https://cdn.captainalm.com/download/game/dist/ShadowWorkExecutable.zip

The Design Document is available here: https://cdn.captainalm.com/download/game/design/Shadow-WIP-Story-Info.pdf

My first programming task at City, concluding the 2 week 2021 Programming Bootcamp, although I have only spent 3 days programming this and was a tad bit too ambitious. (I could have started earlier though)

This Processing project show that I can use arrays, loops, mouse and keyboard interaction and geometric transforms. The project contains a GUI library that I made to create the menu system for what could have been the Ninjaformer game.

Unfortunately, while the code for loading tile, sprite and level information exists (JSON, sprite sheet support); I ran out of time before the submission to actually even start on the game. But you can play around with the main code and build your own GUIs too so...

Here is the repo: https://github.com/Captain-ALM/Ninjaformer-Processing

The original video is available here: resources/stream/vid1.mp4