Castro Yoga is a lecturer currently serving at the Jaramogi Oginga Odinga University of Science and Technology (JOOUST). With a strong foundation in information technology and security, Castro has developed a significant academic and professional portfolio over the years.

Early Life and Education
Born in Nairobi, Kenya, Castro pursued his higher education with a keen focus on information technology. He holds a PhD in Information Technology Security & Audit from JOOUST, with his thesis titled "Network Architecture Defense: Holistic Security Pattern-Based Model" . Prior to this, he earned an MSc in Information Technology Security & Audit from JOOUST , and a Bachelor's degree in Information Technology from Makerere University.

Research and Projects
Castro has been actively involved in numerous research projects, notably serving as the Transect Leader for the JOOUST/VLIR-UOS project aimed at strengthening ICT infrastructure for enhanced research, teaching, and learning since April 2023. He also held positions such as Administrative & Research Data Manager for the GLUK-FUNZO Kenya project and Data Manager for the Kenya Service Availability and Readiness Assessment and Mapping (SARAM) project.

Publications and Contributions
He has contributed to the academic field through various publications, including articles on security measures in information systems and a book on provisioning virtual IT labs using open-source solutions. His recent works include studies on hybrid machine learning approaches for attack classification and holistic security pattern models for network architecture.

Professional Memberships and Workshops
Castro is a member of several professional bodies, including the Internet Society (ISOC) and the Linux Professional Association of Kenya. He has attended numerous workshops and conferences, contributing papers and participating in discussions on ICT and cybersecurity.

Academic Supervision
He has supervised multiple PhD, MSc, and BSc projects, guiding students in topics ranging from cyber-attack detection models to web security enhancements and digital forensic investigations.

Administrative Roles
In addition to his academic roles, Castro has held several administrative positions at JOOUST, including In-charge of Firewall at the Directorate of ICT  and previously Departmental Exam Officer in the Department of Computer Science and Software Engineering.

Research Interests

In my lab, we focus on the practical applications of AI in defensive cybersecurity, with several key areas of interest where students can make significant contributions:

1. AI-Enhanced Threat Detection Systems:
   We aim to develop and evaluate AI models that improve the accuracy and speed of detecting various cyber threats such as malware, phishing, and insider threats. Students will work on implementing machine learning algorithms (e.g., deep learning, ensemble methods) to analyze network traffic, system logs, and user behavior for anomaly detection and classification. Performance comparisons with traditional methods will also be a key aspect of this research.

2. AI for Automated Incident Response:
   Our goal is to design AI-driven systems that can autonomously respond to detected threats in real-time, minimizing the need for manual intervention. Students will create and test AI-based playbooks that can perform actions like isolating infected systems, blocking malicious IP addresses, or deploying patches based on predefined rules and machine learning insights.

3. Predictive Cyber Threat Intelligence:
   We seek to develop predictive models to forecast potential cyber threats based on historical data and emerging trends. Students will utilize AI techniques such as time series analysis and natural language processing to analyze threat intelligence feeds, security reports, and other data sources to anticipate future attack vectors and enhance defenses.

4. AI-Driven Vulnerability Management:
   This research focuses on enhancing vulnerability assessment and management processes using AI to prioritize and address vulnerabilities more effectively. Students will work on implementing machine learning models that predict the likelihood of exploitation based on factors like vulnerability characteristics, threat actor behavior, and system configurations.

5. Behavioral Analytics for Insider Threat Detection:
   Our lab is exploring AI systems that can identify potential insider threats by analyzing user behavior patterns and detecting deviations from normal activity. Students will apply machine learning techniques to build behavioral baselines for users and identify anomalous actions that could signal malicious or unintentional insider threats.

6. AI-Based Phishing Detection and Prevention:
   We aim to create AI tools to identify and mitigate phishing attempts across various platforms such as email, messaging services, and social media. Students will use natural language processing and image recognition to detect phishing content, analyze email metadata, and implement real-time alerts or filters.

7. AI for Security Configuration Management:
   This research focuses on automating security configuration management using AI to ensure systems remain compliant with security policies and best practices. Students will develop AI systems to continuously analyze system configurations, detect deviations from security policies, and recommend or implement corrective actions.

8. Explainable AI in Cybersecurity:
   We are interested in enhancing the transparency of AI systems in cybersecurity by creating models that not only detect and respond to threats but also provide understandable explanations for their decisions. Students will research methods to improve the interpretability of AI-driven alerts and recommendations for security analysts.

9. AI for Secure Software Development:
   Our lab explores how AI can be applied to enhance the security of software development processes, including code analysis and vulnerability detection. Students will develop AI-powered tools for static and dynamic code analysis, identify security flaws, and recommend fixes during the software development lifecycle.

10. Adaptive AI for Evolving Threat Landscapes:
    We aim to create AI systems that adapt to evolving cybersecurity threats by continuously learning and updating their models based on new threat data. Students will implement adaptive learning techniques that allow AI models to incorporate new data and threats dynamically, improving their effectiveness over time.

I am open to supervising students who are interested in these areas and look forward to collaborating on innovative solutions to advance the field of defensive cybersecurity.