-
-
I am Dave (Jing) Tian, an Associate Professor in the Department of Computer Science at Purdue University working on system security. My research involves embedded systems, operating systems, trusted and confidential computing, and hardware security. All opinions are my own.
Shoot me:
root@davejingtian.org Categories
Tags
- ABNF
- agile
- AI/ML
- Alcatel-Lucent
- android
- arp
- asn1c
- assembly
- bash
- ber
- bison
- BNF
- build
- C
- CentOS
- CIS122
- Coverity
- crypto
- csv
- cuda
- DCA
- ddclient
- debugfs
- DH
- Diffie-Hellman
- drd
- drig
- elixir
- fedora
- fedup
- flex
- fsck
- gcc
- gdb
- GFW
- git
- github
- gnome
- gprof
- gpu
- guitar
- gumstix
- helgrind
- intel
- itevad
- Java
- jmgsim
- JVM
- kenai
- kernel
- kill
- ksh
- kvm
- ld
- Linux
- list
- netbeans
- netlink
- nvidia
- OS
- overo
- Python
- relay
- security
- selinux
- sgx
- socket
- ssh
- Ubuntu
- UO
- USB
- valgrind
- x86
- x86_64
- yocto
Blog Stats
- 276,018 hits
-
All blogs on this website are licensed under a Creative Commons Attribution 4.0 International License. -
-
-
Author Archives: daveti
A PoC of DoS attack in Elixir Actor Model
The naive way of using the Actor model in Elixir is using “receive” in a loop, which is then “spawn”d as a Erlang process. Unfortunately, a potential DoS attack could happen if the pattern matching is not coded carefully with … Continue reading
Posted in Programming, Security, Static Code Analysis
Tagged actor, DoS, elixir, Erlang, OTP
Leave a comment
A pitfall of GenServer programming in Elixir
OTP as a programming platform/framework, empowers not only Erlang, but also Elixir. This post looks into a pitfall when programming GenServer in Elixir, and provides a potential solution. All callbacks in the GenServer behavior have a limited and pre-defined possible … Continue reading
Posted in Programming, Static Code Analysis
Tagged dialyxir, dialyzer, elixir, GenServer, OTP
Leave a comment
Pitfalls in negative indexing in C
Negative indexing in C, such as a[-1], is legit, although rarely used. There are reasons (pitfalls) why negative indexing is not recommended. This post discusses these pitfalls when using negative indexing (for fun). 1. Negative indexing within the bound In … Continue reading
USB gadget functionalities in Android
I started working on Android stuffs this summer. While I mainly work on the USB layer within the Linux kernel, I do sometimes need to look into the Android framework, to see if I could achieve my goal from the … Continue reading
Understanding kcov – play with -fsanitize-coverage=trace-pc from the user space
kcov is a kernel feature used to support syzkaller[1]. To provide the code coverage information from the kernel itself, the GCC compiler was patched to instrument the kernel image[2]. The kernel itself was also patched to enable this feature where … Continue reading
SGX Bug SKL012 and CHIPSEC
Intel SGX CPU (staring from Skylake) has been there for while. The good news is that there is still no known exploitation against SGX self yet, though there are some exploitations in the enclave code and Intel SGX SDK. In … Continue reading
getdelays – get delay accounting information from the kernel
Top may be the most common tool in use whenever a preformance issue is hit. It is simple, quick and dumb. Besides the heavy metal stuffs like perf and gprof, another really useful and simple tool is getdelays, which provides … Continue reading
Posted in OS, Programming
Tagged getdelays, kernel, Linux, netlink, Performance, taskstats
Leave a comment
Making USB Great Again with USBFILTER – a USB layer firewall in the Linux kernel
Our paper “Making USB Great Again with USBFILTER” has been accepted by USENIX Security’16. This post provides a summary of usbfilter. For details, please read the damn paper or download the presentation video/slides from USENIX website. I will head to … Continue reading
Fedora Upgrade from 21 to 24
After almost 5 hours of upgrading, my server has been successfully upgraded from Fedora 21 to Fedora 24, which uses the latest stable kernel 4.6. There is a online post demonstrating how to upgrade from Fedora 21 to 23 using … Continue reading
Malware Reverse Engineering – Part II
While most tools for MRE are staightforward, some of them require time, patience, and skills to show the full power. For static analysis, this means IDA; for dynamic analysis, it is OllyDbg (and WinDbg for Windows kernel debugging). In this … Continue reading
davejingtian.org 