PROFILE // INVESTIGATOR-IN-TRAINING

About the Investigator

Cybersecurity student specializing in digital forensics and cybercrime investigation, with a foundation in electrical engineering and a methodical approach to evidence analysis.

Security+ Certified Academic / Simulated Work

View Case Files View Resume

FOCUS

Forensics fundamentals, network analysis, investigative documentation

APPROACH

Evidence first, hypothesis-driven analysis, clear limitations

ENVIRONMENT

Controlled labs, simulated datasets, redacted reporting

Professional Background

I’m building toward digital forensics and cybercrime investigation with a deliberate, systems-oriented foundation. I am currently pursuing a Bachelor of Science in Cybersecurity with a background in Electrical Engineering.

The portfolio is designed to show how I think: how evidence is preserved, how hypotheses are tested, how timelines are reconstructed, and how conclusions are documented with clear limitations. All casework and artifacts are conducted in academic or simulated environments.

Near-term work centers on network traffic interpretation, endpoint artifact awareness, and structured reporting habits that stand up in review. Over time, this expands into deeper incident response, malware triage concepts, and forensic methodology as coursework and practice mature.

Education

University of South Florida — B.S. Cybersecurity (Expected May 2028).

Certification

CompTIA Security+ (Earned Jan 2026) — baseline security principles, risk, core controls, and incident response concepts.

IDENTITY

Dontavious Ellis

Cybersecurity Student • Digital Forensics

Location Tampa, FL

Primary track Forensics / Investigation

Current mode Academic + Simulated

Contact Credentials

Presented for professional context. This site documents learning progression and controlled exercises.

Professional Development

A conservative snapshot of earned credentials and active development areas.

Certifications

CompTIA Security+

Earned Jan 2026

Foundational coverage of security concepts, risk, controls, common threats, and incident response lifecycle principles.

NOTE

Verification documentation can be provided upon request in an application or interview process.

Academic & Technical Projects

Network Intrusion Investigation (CASE-001) — Simulated DFIR Exercise

Jan 2026 – Feb 2026 • Windows 10 lab (VirtualBox) • Wireshark

Designed and executed a controlled Windows 10 lab to investigate recurring after-hours outbound HTTPS traffic.
Captured and analyzed 7,000+ frames (1,000+ packets) and reviewed 86 TCP conversations to identify baseline deviation.
Validated persistence via Windows Task Scheduler artifact (PowerShell logon execution) and correlated host artifacts with network evidence.
Applied NIST SP 800-61 incident response methodology to document workflow and remediation recommendations.

Published case report: View Case Files

Linux Infrastructure & Network Traffic Analysis Lab — Independent Project

Isolated virtual network • 3 Ubuntu VMs + 1 Kali • Nmap • iptables

Built an isolated virtual network to simulate red/blue scenarios and practice hardening and traffic visibility.
Captured and analyzed 500+ packets to identify cleartext credential transmission in unencrypted HTTP and FTP sessions.
Executed reconnaissance with Nmap (SYN scans, service enumeration, OS fingerprinting) across 10+ simulated endpoints.
Configured iptables rules to block suspicious traffic patterns and logged denied connections for post-incident analysis.

BullsAID (SCOPE Flagship Project) — Emergency Response Drone

Jun 2025 – Dec 2025 • Student engineering initiative

Conducted security review across 5 subsystems, identifying integrity risks and recommending cryptographic signing for telemetry streams.
Performed failure-mode analysis on the communications stack, identifying race conditions that could lead to data loss under packet loss.

BOUNDARY

Projects are presented as academic/student work and controlled practice. No live operational systems are involved.