Tag Archives: security

Defending Against Malicious USB Firmware with GoodUSB

Finally, 4 months after our paper was accepted by ACSAC’15, I could now write a blog talking about our work – GoodUSB, and release the code, due to some software patent bul*sh*t. (I sincerely think software patent should be abolished … Continue reading

Posted in OS, Security | Tagged , , , , , , , | Leave a comment

Trustworthy Whole-System Provenance for the Linux Kernel

Our paper “Trustworthy Whole-System Provenance for the Linux Kernel” has been accepted by USENIX Security 2015. While details could be found in the paper (link below), I would like to talk about some background about LPM (a.k.a., Linux Provenance Module, … Continue reading

Posted in OS, Security | Tagged , , , , , , , , | Leave a comment

More Guidelines Than Rules: CSRF Vulnerabilities from Noncompliant OAuth 2.0 Implementations

Our paper, as titled, has been accepted by DIMVA 2015 – Milano, Italy. While the final paper will not be released until July, we will have a brief summary of what we have done in this post. Another focus here … Continue reading

Posted in Security | Tagged , , , , , | 1 Comment

arpsec – Securing ARP from the Ground Up

Our paper “Securing ARP from the Ground Up” has been accepted as a short paper by CODASPY15, which will be in San Antonio, TX from March 2nd to 4th. In this post, we will talk about our solution to ARP … Continue reading

Posted in Network, OS, Security | Tagged , , , , , , , , , , , , , | 2 Comments

fsl – Fedora Security Lab

fsl (Fedora Security Lab) is a customized Fedora OS for security hack/test based Fedora 19. Like the famous BackTrace Linux, fsl has integrated a butch of security tools. To take the advantage of fsl, either security liveCD or all the … Continue reading

Posted in Dave's Tools, OS, Security | Tagged , , , , , | Leave a comment

shellcode 1 – comments for the doc “The Basics of Shellcoding”

Recently been doing some stuffs on Shellcode. After a while wandering in the net, I found the doc “The Basics of Shellcoding” by Angelo Rosiello may be the very concise introduction to start with shellcoding, especially for the newbie like … Continue reading

Posted in Security | Tagged , , , , , | Leave a comment