As one aspect of educational outreach, I sometimes agree to mentor
high school students in a security-related project. One of these turned
out to require script deobfuscation to proceed with the project’s
objective. Since dynamically unpacking an obfuscated script is a tall
ask for a university-level student (let alone someone in high school), I
spent some time doing just that and decided to write it up here.

How to build and run container images for Network Security
Containers are heavily used in my Network Security class as well as
in industry for cloud workloads. This document serves as an incomplete
but hopefully helpful quickstart for Network Security students that need
to create and run containers for class labs and assignments.

PortSwigger Research, the research arm of the folks behind Burp, has named our USENIX 2020 paper on
web cache deception their top web hacking technique of 2019! There
were a number of very interesting new web attacks in contention this
year, so we are very honored to have been selected. Thanks,
PortSwigger!

If you want to start a Ph.D. to solve open problems in security, I
would love to talk to you! To get the ball rolling, here is some
information about the group and what I look for in an applicant.

Or, avoiding regrets along with that shiny new B.S. degree
Since I frequently get questions from people just setting out on the path (or
even some ways along the path) to becoming future cybersecurity experts, here is
some quick advice on making the best of your all-too-brief undergraduate years.

Reversing an encrypter and discovering a whole new mode of encryption
VolgaCTF qualifiers were held last weekend, and this time around I
sat in on 0xBU’s team. I managed to solve Transformer, a 400-point
reverse engineering challenge, and so here is the requisite writeup.

This year’s edition of the iCTF took place last Friday, and
Northeastern fielded a team this year that placed respectably. (At least, we
beat BU – sorry Manuel!) I spent most of the day helping out with
turing_award, so – as is tradition – here is a writeup on our solution.

Amin will be presenting his latest work on fighting ransomware at USENIX Security this
summer. The system he’ll be talking about is called UNVEIL, which enhances dynamic sandboxes to accurately
recognize ransomware-like behavior.