-
-
I am Dave Jing Tian, an (to-be) Assistant Professor in the Department of Computer Science at Purdue University working on system security. My research involves embedded systems, operating systems, and trusted computing.
Shoot me:
root@davejingtian.org Categories
Lab
Tags
- ABNF
- agile
- AI/ML
- Alcatel-Lucent
- android
- arp
- asn1c
- assembly
- bash
- ber
- bison
- BNF
- C
- CentOS
- CIS122
- Coverity
- crypto
- csv
- cuda
- DCA
- ddclient
- debugfs
- DH
- Diffie-Hellman
- drig
- elixir
- fedora
- fedup
- flex
- fsck
- gcc
- gdb
- GFW
- git
- github
- gnome
- gprof
- gpu
- guitar
- gumstix
- helgrind
- intel
- itevad
- Java
- jmgsim
- JVM
- kenai
- kernel
- kill
- ksh
- kvm
- ld
- Linux
- list
- mate
- netbeans
- netlink
- netstat
- nvidia
- OS
- overo
- Python
- relay
- security
- selinux
- sgx
- socket
- ssh
- Ubuntu
- UO
- USB
- valgrind
- x86
- x86_64
- yocto
Blog Stats
- 138,902 hits
-
All blogs on this website are licensed under a Creative Commons Attribution 4.0 International License. -
-
-
Category Archives: Security
A PoC of DoS attack in Elixir Actor Model
The naive way of using the Actor model in Elixir is using “receive” in a loop, which is then “spawn”d as a Erlang process. Unfortunately, a potential DoS attack could happen if the pattern matching is not coded carefully with … Continue reading
Posted in Programming, Security, Static Code Analysis
Tagged actor, DoS, elixir, Erlang, OTP
Leave a comment
Understanding kcov – play with -fsanitize-coverage=trace-pc from the user space
kcov is a kernel feature used to support syzkaller[1]. To provide the code coverage information from the kernel itself, the GCC compiler was patched to instrument the kernel image[2]. The kernel itself was also patched to enable this feature where … Continue reading
SGX Bug SKL012 and CHIPSEC
Intel SGX CPU (staring from Skylake) has been there for while. The good news is that there is still no known exploitation against SGX self yet, though there are some exploitations in the enclave code and Intel SGX SDK. In … Continue reading
Making USB Great Again with USBFILTER – a USB layer firewall in the Linux kernel
Our paper “Making USB Great Again with USBFILTER” has been accepted by USENIX Security’16. This post provides a summary of usbfilter. For details, please read the damn paper or download the presentation video/slides from USENIX website. I will head to … Continue reading
Malware Reverse Engineering – Part II
While most tools for MRE are staightforward, some of them require time, patience, and skills to show the full power. For static analysis, this means IDA; for dynamic analysis, it is OllyDbg (and WinDbg for Windows kernel debugging). In this … Continue reading
Malware Reverse Engineering – Part I
I took a “Malware Reverse Engineering (MRE)” class last semeter and it was fun to me, partially because I was not a Windows person, though I am still not. What seems ridiculous to me is how trivial one can write … Continue reading
Posted in Security, Static Code Analysis
Tagged IDA, Inetsim, malware, MRE, PEiD, PEStudio, PEview, Ransomware, RegShot, Windows
Leave a comment
Defending Against Malicious USB Firmware with GoodUSB
Finally, 4 months after our paper was accepted by ACSAC’15, I could now write a blog talking about our work – GoodUSB, and release the code, due to some software patent bul*sh*t. (I sincerely think software patent should be abolished … Continue reading
