Backdoors: A Technical Definition
A proposed technical definition for backdoors
Backdoors, A Technical Definition
Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices
Published in the International Journal of Digital Forensics and Incident Response. http://www.sciencedirect.com/science/article/pii/S1742287614000036
The Dark Art of iOS Application Hacking
My talk on hacking and securing iOS application at Black Hat 2012.
Pirates vs. Ninjas: Mobile Forensics World 2010
My presentation from MFW 10 about the merging of the hacker and forensic community subcultures.
Bayesian Noise Reduction: Progressive Noise Logic for Statistical Language Analysis
“Detecting Statistical Anomalies in Lexical Reasoning Machines”
An algorithm to eliminate “noise” from a text sample in the setting of statistical filtering.
Data Center Threats and Vulnerabilities
Could terrorists use Data Centers to target critical American infrastructure? Here, we examine the vulnerablities in today’s data center facilities that would allow a large-scale, distributed terrorist attack on American soil.
Approaches to Phishing Identification Using Match and Probabilistic Digital Fingerprinting Technique
This paper establishes some requirements for phishing identification and explains various approaches to detection by looking for copying of web site layout and structure through source code (and optionally image) fingerprinting. This enables us to perform a number of exact-match comparisons to genuine websites or to other known attacks. Lastly, we also explore techniques to correlate different attacks to a single likely source.
Reasoning-Based Adaptive Language Parsing
Language classification typically employs a parser using a static set of parsing rules. This presents a problem for learning machines needing to parse different languages, many with different structural rules. Hand-written rules can also provide less-than-optimal parsing even for languages they were designed for, as subcomponents of words can sometimes be more useful. This paper introduces a technique to adaptievely reprogram a language parser to generate the most useful possible data, without any prior knowledge of a language or lexicon.
iPhone: Stealing Personal Information and Corporate Secrets
The PowerPoint slides for a Gartner presentation I gave about design flaws in the iPhone’s security architecture, and how to code around most of them.