Academic Work

Research

Graduate and undergraduate research in applied physics, systems engineering, and network architecture — forming the analytical foundation I bring to production infrastructure work.

KNU Kyiv National University

Electromagnetic Propagation and Wireless Signal Behavior in Urban Environments

Bachelor of Science · Applied Physics & Radiophysics · Kyiv, Ukraine

Download PDF (placeholder)

Abstract

This research examined electromagnetic wave propagation characteristics in mixed urban environments, with particular focus on the factors affecting wireless signal attenuation, reflection, and multipath interference at frequencies relevant to emerging broadband wireless access systems. The study combined theoretical analysis with empirical field measurements to develop a practical propagation model applicable to real-world network planning.

Research Summary

The study was motivated by the rapid expansion of wireless internet access in the Kyiv metropolitan area during the early 2000s — a period when wireless ISPs were deploying infrastructure with limited guidance from standardized propagation models designed for local conditions.

Measurements were collected across multiple urban microcell environments, capturing signal level variance as a function of distance, building density, and environmental conditions. The research applied Friis transmission equations and empirically derived path loss exponents to develop a simplified prediction model tuned to the physical geometry of Eastern European urban construction.

📡

Figure 1: Wireless propagation measurement grid — urban signal attenuation vs. distance across mixed building-density environments

Key Findings

  • Path loss exponent in dense urban configurations exceeded standard free-space models by 1.4–1.8×, highlighting the importance of locally calibrated models
  • Rooftop antenna placement reduced signal obstruction losses by 30–45% compared to mid-building mounting in residential block environments
  • Multipath interference at 2.4 GHz exhibited predictable seasonal variation correlated with foliage density, with summer attenuation increases of 4–7 dB in tree-lined corridors
  • Practical frequency planning guidelines developed from the data were applied directly to ISP deployment decisions, reducing site survey requirements
Connection to practice: This research directly informed the wireless ISP infrastructure I co-operated in the Kyiv suburbs — translating academic propagation modeling into real deployment decisions with measurable reliability improvements.

Relevance to Current Work

The analytical framework developed in this research — decomposing complex real-world behavior into measurable, modelable components — remains central to how I approach infrastructure engineering problems. Whether diagnosing unexplained packet loss, designing overlay network segmentation, or investigating cloud connectivity failures, the instinct to find the physical or logical root cause before tuning symptoms comes directly from this formative work in applied physics.

SFBU San Francisco Bay University

Enterprise Network Architecture for Hybrid Cloud Environments: Security, Observability, and Operational Resilience

Master of Science · Computer Systems Engineering · San Francisco Bay University

Download PDF (placeholder)

Executive Summary

This capstone project addressed the architectural and operational challenges of enterprise network design in environments where workloads span on-premises data centers, public cloud (AWS), and private cloud (Oracle Cloud Infrastructure). The research produced a reference architecture for hybrid cloud network connectivity prioritizing security, observability, and operational resilience — validated against realistic enterprise constraints including budget, staffing, and vendor compatibility.

The central finding is that most enterprise hybrid cloud networking failures are not technical failures — they are observability failures. Organizations cannot diagnose what they cannot see, and most hybrid network architectures create fundamental visibility gaps that accumulate into operational debt.

Problem Statement

Enterprise organizations increasingly operate workloads across multiple cloud providers and on-premises environments, but network architecture decisions are frequently made independently per environment rather than holistically. The result is fragmented connectivity, inconsistent security policy enforcement, and — critically — insufficient observability across the full traffic path.

This project examined how a mid-enterprise organization (1,500–3,000 users, 200–600 cloud workloads) should design hybrid network connectivity from first principles, with security and observability as first-class design requirements rather than post-deployment additions.

🏗️

Figure 1: Reference architecture — hybrid AWS/OCI network connectivity with centralized observability plane

Architecture

The proposed architecture organizes hybrid cloud networking into four functional planes:

  • Connectivity plane: Private interconnects between on-premises and cloud environments (AWS Direct Connect, OCI FastConnect), supplemented by encrypted overlay for cost-optimized secondary paths
  • Security plane: Centralized policy enforcement through a SASE/SSE platform providing Zero Trust access controls, consistent policy across all traffic paths regardless of origin or destination
  • Observability plane: Unified telemetry collection from VPC Flow Logs, IPFIX exports, DNS query logs, and application traces — normalized into a single operational data model
  • Operations plane: Automation-first change management with infrastructure-as-code, GitOps workflows, and automated compliance validation
🔀

Figure 2: Traffic flow matrix — on-premises to AWS, on-premises to OCI, and AWS-to-OCI paths with security control insertion points

Key Findings

  • Hybrid network security controls are most effective when enforced at the identity and session layer rather than the network perimeter layer — reflecting a fundamental shift in where trust decisions should occur
  • VPC Flow Logs alone are insufficient for operational observability; supplementing with DNS query logs and application-layer traces reduces mean time to diagnose connectivity issues by an estimated 60–70%
  • Infrastructure-as-code for network resources (Terraform) reduces configuration drift and enables meaningful audit trails for compliance requirements
  • Automation investment yields the highest return when focused on the most frequent operational tasks (access provisioning, configuration compliance validation, incident data collection) rather than rare complex tasks
  • Organizational friction — not technical limitations — is the primary barrier to hybrid network observability improvement in most enterprise environments

Lessons Learned

The most valuable outcome of this research was clarifying the relationship between architecture decisions and operational outcomes. Architectural choices that appear equivalent at design time often diverge significantly in operational practice — particularly around troubleshooting latency and incident response capability.

The research also reinforced that hybrid cloud networking is fundamentally a distributed systems problem, not a networking-in-isolation problem. The failure modes that matter most — cascading failures, split-brain conditions, asymmetric routing — require cross-domain visibility that most organizations have not invested in building.

Finally, the capstone process itself demonstrated the value of academic rigor for engineering practice: forcing structured literature review, explicit methodology, and documented assumptions surfaced gaps in my own operational mental models that I have since addressed in production environments.