imchris.org

Sam, Shuo and I have had our paper accepted at the 2008 Symposium on Security and Privacy (Oakland) conference this spring. Here’s the PDF.

It was also written up in the news! “Secure web browsing with the OP web browser”, was featured in an article on eWeek in an article titled “Is There Room for a Security Browser?” By Ryan Naraine and the. The eWeek article was also Slashdotted (slashdot).

I’m going to Microsoft Research for the summer after I present at the IEEE Symposium on Security and Privacy. I’ll be out in Redmond, WA at the end of May through August. I’m going to be doing some pretty interesting research this summer (and some implementation). Once my slides are done for Oakland they will be up here.

This fall is a little bit different than most semesters – no class. I decided that I could fill my time easily enough with research that I didn’t need any busy work from courses. I’m currently working on web related security research, including client security, finding web exploits, and figuring out what to do with all of the amazing malware online. Once we have finished some of the work we are doing I’ll have links to source and papers online.

I’ve also been forced to participate in TCIP. I won’t put up here what I think of that project, but lets just say that I’m not all that happy about it.

This semester produced a couple interesting things. First, a project which tries to detect malware (particularly rootkits) and runs outside the OS, in a virtual machine. Second, another paper written by me, this time on botnets and command and control networks which use peer-to-peer protocols (open source and custom). I’m also finally done with all my course work at school.

Summer plans include a little bit of vacation time, DEFCON, and research here at school.

Summer 2006 was a good summer, definitely a good time, good job, and fun place. I worked in Berkeley, CA and lived right down the street from ICIR where I worked. Berkeley pretty much had everything I wanted and if its wasn’t downtown Berkeley, then its just a short subway (BART) ride to get there. There was a lot of things going on, and lots of crazy people wandering around (like me) at all times of the day.

As for my job, I worked with Vern Paxson on creating anonymization policy for application layer protocols. In my first couple weeks, I ported anonymizers for DNS and HTTP. After I did that I was familiar with the Bro IDS code and BINPAC, and was able to implement a parser for the SMB/CIFS protocol (as well as Netbios, MS Browse, and some RPC/named pipe functionality). The end result is a detailed parser for CIFS that can also rewrite packets in an anonymized form. This is the protocol that does most of the things in Network Neighborhood and allows users to mount network drives and do network file system operations. Its a complicated protocol, with many things going on that make it hard to parse (an anonymize).