Author Archives: daveti


About daveti

Interested in kernel hacking, compilers, machine learning and guitars.

Linux kernel I/O Stack Diagram

Found this figure online. The title of this diagram may be biased, as it is not the complete I/O stack but a concentration on block devices with a focus on the SCSI layer. Some important missing pieces, in my opinion, include …

Posted in OS, Programming

Trustworthy Whole-System Provenance for the Linux Kernel

Our paper “Trustworthy Whole-System Provenance for the Linux Kernel” has been accepted by USENIX Security 2015. While details can be found in the paper (link below), I would like to talk about some background on LPM (a.k.a. Linux Provenance Module, …

Posted in OS, Security

Python Levenshtein distance – Choose Python package wisely

Brad and I were working on some text similarity computation. One of the most popular string distance functions is the Levenshtein distance, which is also called the edit distance. We use Python for its brevity and wide library support (OK, I …

Posted in Programming

More Guidelines Than Rules: CSRF Vulnerabilities from Noncompliant OAuth 2.0 Implementations

Our paper, as titled, has been accepted by DIMVA 2015 – Milano, Italy. While the final paper will not be released until July, we will have a brief summary of what we have done in this post. Another focus here …

Posted in Security

Human Learning – some thoughts about Machine Learning and its applications

I attended a security conference recently. To my surprise, a great portion of the accepted papers use some kind of Machine Learning technique to achieve certain security targets. While I am NOT going to criticize any of the papers, this …

Posted in AI/ML

arpsec – Securing ARP from the Ground Up

Our paper “Securing ARP from the Ground Up” has been accepted as a short paper by CODASPY15, which will be in San Antonio, TX from March 2nd to 4th. In this post, we will talk about our solution to ARP …

Posted in Network, OS, Security

Retrieve PID from the packet in Unix domain socket – a complete use case for recvmsg()/sendmsg()

The original question was how to retrieve the PID of the packet (sender) in the Unix domain socket. As titled, the answer is recvmsg()/sendmsg(). However, the most useful information I could find online is Michael’s man7.org. People keep talking about …

Posted in OS, Programming

Bash Hacking – bash2, add setting CPU affinity support to the Bash

This post is NOT initially designed for how to hack Bash. But it does tell the truth that hacking Bash is not that hard, by adding a useful feature to Bash itself – setting CPU affinity support. Have fun and …

Posted in OS, Programming

Kernel Hacking – use crypto API in the IRQ context

After my first post about the Linux kernel crypto API, I keep playing with the kernel crypto API for DSA and RSA implementations (will talk about these in my future posts). The truth is the crypto API is NOT designed for IRQ context. …

Posted in OS, Security

Fedora 21 Workstation – some post installation issues after fedup from 20

Believe it or not, Fedora’s release upgrade is always troublesome, partially because of the package management imposed, which is initially designed to ease the update for binaries. After the painful experience from Fedora 19 to 20, I have just gone through …

Posted in Linux Distro