Backdoors: A Technical Definition

A proposed technical definition for backdoors
Backdoors, A Technical Definition

Identifying Back Doors, Attack Points, and Surveillance Mechanisms in iOS Devices

Published in the International Journal of Digital Forensics and Incident Response.

The Dark Art of iOS Application Hacking

My talk on hacking and securing iOS application at Black Hat 2012.

Pirates vs. Ninjas: Mobile Forensics World 2010

My presentation from MFW 10 about the merging of the hacker and forensic community subcultures.

Bayesian Noise Reduction: Progressive Noise Logic for Statistical Language Analysis

“Detecting Statistical Anomalies in Lexical Reasoning Machines”
An algorithm to eliminate “noise” from a text sample in the setting of statistical filtering.

Data Center Threats and Vulnerabilities

Could terrorists use Data Centers to target critical American infrastructure? Here, we examine the vulnerablities in today’s data center facilities that would allow a large-scale, distributed terrorist attack on American soil.

Approaches to Phishing Identification Using Match and Probabilistic Digital Fingerprinting Technique

This paper establishes some requirements for phishing identification and explains various approaches to detection by looking for copying of web site layout and structure through source code (and optionally image) fingerprinting. This enables us to perform a number of exact-match comparisons to genuine websites or to other known attacks. Lastly, we also explore techniques to correlate different attacks to a single likely source.

Reasoning-Based Adaptive Language Parsing

Language classification typically employs a parser using a static set of parsing rules. This presents a problem for learning machines needing to parse different languages, many with different structural rules. Hand-written rules can also provide less-than-optimal parsing even for languages they were designed for, as subcomponents of words can sometimes be more useful. This paper introduces a technique to adaptievely reprogram a language parser to generate the most useful possible data, without any prior knowledge of a language or lexicon.

iPhone: Stealing Personal Information and Corporate Secrets

The PowerPoint slides for a Gartner presentation I gave about design flaws in the iPhone’s security architecture, and how to code around most of them.


Leave a Reply