<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>SecDocs Feed for author Sergey Bratus</title>
    <link>http://secdocs.lonerunners.net</link>
    <atom:link type="application/rss+xml" href="http://secdocs.lonerunners.net/rss/author/279-sergey-bratus" rel="self"/>
    <description>Latest security documents RSS feed for author Sergey Bratus</description>
    <language>en-us</language>
    <item>
      <title>[Slides] Hackers and Computer Science</title>
      <description>&lt;b&gt;Authors&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/authors/details/279-sergey-bratus"&gt;Sergey Bratus&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Tags&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/tags/details/6-hacking"&gt;hacking&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Event&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/events/details/104-chaos-communication-congress-27th-27c3-2010"&gt;Chaos Communication Congress 27th (27C3) 2010&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Abstract&lt;/b&gt;: Although most academics and industry practitioners regard "hacking" as mostly ad-hoc, a loose collection of useful tricks essentially random in nature, I will argue that hacking has in fact become a "distinct research and engineering discipline" with deep underlying engineering ideas and insights. Although not yet formally defined as such, it is these ideas and insights that drive the great contributions that hacking has been making to our understanding of computing, including the challenges of handling complexity, composition, and security in complex systems. I will argue that hacking uncovers and helps to understand (and teach) fundamental issues that go to the heart of Computer Science as we know it, and will try to formulate several such fundamental principles which I have learned from hacker research.  At some point I realized that I was learning more about what really matters in computer science from hacker conventions, Phrack, Uninformed, and other hacker sources than from any academic source. Moreover, it wasn't just about exploits and vulnerabilities, it was about how systems were really designed, as opposed to how developers thought and students were taught they were. Then I realized that the reasons for vulnerabilities that kept on giving were quite deeply theoretical and involved, e.g., theory of computation and information theory. Very little of this was quoted or understood in the academic publications.</description>
      <pubDate>Sat, 12 May 2012 06:31:29 +0200</pubDate>
      <link>http://secdocs.lonerunners.net/documents/details/5338-hackers-and-computer-science</link>
      <guid>http://secdocs.lonerunners.net/documents/details/5338-hackers-and-computer-science</guid>
    </item>
    <item>
      <title>[Video] Hackers and Computer Science</title>
      <description>&lt;b&gt;Authors&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/authors/details/279-sergey-bratus"&gt;Sergey Bratus&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Tags&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/tags/details/6-hacking"&gt;hacking&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Event&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/events/details/104-chaos-communication-congress-27th-27c3-2010"&gt;Chaos Communication Congress 27th (27C3) 2010&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Abstract&lt;/b&gt;: Although most academics and industry practitioners regard "hacking" as mostly ad-hoc, a loose collection of useful tricks essentially random in nature, I will argue that hacking has in fact become a "distinct research and engineering discipline" with deep underlying engineering ideas and insights. Although not yet formally defined as such, it is these ideas and insights that drive the great contributions that hacking has been making to our understanding of computing, including the challenges of handling complexity, composition, and security in complex systems. I will argue that hacking uncovers and helps to understand (and teach) fundamental issues that go to the heart of Computer Science as we know it, and will try to formulate several such fundamental principles which I have learned from hacker research.  At some point I realized that I was learning more about what really matters in computer science from hacker conventions, Phrack, Uninformed, and other hacker sources than from any academic source. Moreover, it wasn't just about exploits and vulnerabilities, it was about how systems were really designed, as opposed to how developers thought and students were taught they were. Then I realized that the reasons for vulnerabilities that kept on giving were quite deeply theoretical and involved, e.g., theory of computation and information theory. Very little of this was quoted or understood in the academic publications.</description>
      <pubDate>Sat, 12 May 2012 06:31:29 +0200</pubDate>
      <link>http://secdocs.lonerunners.net/documents/details/5339-hackers-and-computer-science</link>
      <guid>http://secdocs.lonerunners.net/documents/details/5339-hackers-and-computer-science</guid>
    </item>
    <item>
      <title>[Audio] Hackers and Computer Science</title>
      <description>&lt;b&gt;Authors&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/authors/details/279-sergey-bratus"&gt;Sergey Bratus&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Tags&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/tags/details/6-hacking"&gt;hacking&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Event&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/events/details/104-chaos-communication-congress-27th-27c3-2010"&gt;Chaos Communication Congress 27th (27C3) 2010&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Abstract&lt;/b&gt;: Although most academics and industry practitioners regard "hacking" as mostly ad-hoc, a loose collection of useful tricks essentially random in nature, I will argue that hacking has in fact become a "distinct research and engineering discipline" with deep underlying engineering ideas and insights. Although not yet formally defined as such, it is these ideas and insights that drive the great contributions that hacking has been making to our understanding of computing, including the challenges of handling complexity, composition, and security in complex systems. I will argue that hacking uncovers and helps to understand (and teach) fundamental issues that go to the heart of Computer Science as we know it, and will try to formulate several such fundamental principles which I have learned from hacker research.  At some point I realized that I was learning more about what really matters in computer science from hacker conventions, Phrack, Uninformed, and other hacker sources than from any academic source. Moreover, it wasn't just about exploits and vulnerabilities, it was about how systems were really designed, as opposed to how developers thought and students were taught they were. Then I realized that the reasons for vulnerabilities that kept on giving were quite deeply theoretical and involved, e.g., theory of computation and information theory. Very little of this was quoted or understood in the academic publications.</description>
      <pubDate>Fri, 11 May 2012 06:28:44 +0200</pubDate>
      <link>http://secdocs.lonerunners.net/documents/details/5337-hackers-and-computer-science</link>
      <guid>http://secdocs.lonerunners.net/documents/details/5337-hackers-and-computer-science</guid>
    </item>
    <item>
      <title>[Paper] Voyage of the Reverser: A Visual Study of Binary Species</title>
      <description>&lt;b&gt;Authors&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/authors/details/198-greg-conti"&gt;Greg Conti&lt;/a&gt; &lt;a href="http://secdocs.lonerunners.net/authors/details/279-sergey-bratus"&gt;Sergey Bratus&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Tags&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/tags/details/49-reverse-engineering"&gt;reverse engineering&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Event&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/events/details/71-black-hat-usa-2010"&gt;Black Hat USA 2010&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Abstract&lt;/b&gt;: When analyzing large binary objects such as process memory dumps, proprietary data files, container file formats, and network flow payloads, security researchers are limited by the tiny textual window a hex editor and common command line utilities typically provide.  To the uninitiated, these objects may appear to be homogeneous, but -- as reverse engineers know -- in reality they consist of many diverse parts: text, images, compressed data, encrypted regions, audio samples, data structures, and much more. Some of these parts are instantly recognizable to a seasoned reverser, and the nature of others (e.g., compressed data) may be guessed when suitably depicted. Yet, visual classification remains arcane and unaided by convenient tools that would both present objects at a glance and help segment them.  The authors of this talk attempt to remedy this. The authors have laboriously gathered, cataloged, and studied forms of binary structure and will present a (concise) "visual dictionary" of the binary structures you find in the wild and in the lab. You will see and understand the constituent parts found within binary objects, essential knowledge for the reverser, forensic analyst, and security researcher. You will be far better prepared to dissect proprietary data files, conduct memory forensics and deeply analyze any large binary object you may encounter.</description>
      <pubDate>Wed, 07 Sep 2011 19:24:01 +0200</pubDate>
      <link>http://secdocs.lonerunners.net/documents/details/3976-voyage-of-the-reverser-a-visual-study-of-binary-species</link>
      <guid>http://secdocs.lonerunners.net/documents/details/3976-voyage-of-the-reverser-a-visual-study-of-binary-species</guid>
    </item>
    <item>
      <title>[Slides] Voyage of the Reverser: A Visual Study of Binary Species</title>
      <description>&lt;b&gt;Authors&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/authors/details/198-greg-conti"&gt;Greg Conti&lt;/a&gt; &lt;a href="http://secdocs.lonerunners.net/authors/details/279-sergey-bratus"&gt;Sergey Bratus&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Tags&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/tags/details/49-reverse-engineering"&gt;reverse engineering&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Event&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/events/details/71-black-hat-usa-2010"&gt;Black Hat USA 2010&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Abstract&lt;/b&gt;: When analyzing large binary objects such as process memory dumps, proprietary data files, container file formats, and network flow payloads, security researchers are limited by the tiny textual window a hex editor and common command line utilities typically provide.  To the uninitiated, these objects may appear to be homogeneous, but -- as reverse engineers know -- in reality they consist of many diverse parts: text, images, compressed data, encrypted regions, audio samples, data structures, and much more. Some of these parts are instantly recognizable to a seasoned reverser, and the nature of others (e.g., compressed data) may be guessed when suitably depicted. Yet, visual classification remains arcane and unaided by convenient tools that would both present objects at a glance and help segment them.  The authors of this talk attempt to remedy this. The authors have laboriously gathered, cataloged, and studied forms of binary structure and will present a (concise) "visual dictionary" of the binary structures you find in the wild and in the lab. You will see and understand the constituent parts found within binary objects, essential knowledge for the reverser, forensic analyst, and security researcher. You will be far better prepared to dissect proprietary data files, conduct memory forensics and deeply analyze any large binary object you may encounter.</description>
      <pubDate>Wed, 07 Sep 2011 19:23:48 +0200</pubDate>
      <link>http://secdocs.lonerunners.net/documents/details/3975-voyage-of-the-reverser-a-visual-study-of-binary-species</link>
      <guid>http://secdocs.lonerunners.net/documents/details/3975-voyage-of-the-reverser-a-visual-study-of-binary-species</guid>
    </item>
    <item>
      <title>[Audio] Active 802.11 Fingerprinting: a "Secret Handshake" to Know Your APs</title>
      <description>&lt;b&gt;Authors&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/authors/details/279-sergey-bratus"&gt;Sergey Bratus&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Tags&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/tags/details/199-wifi"&gt;WiFi&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Event&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/events/details/42-black-hat-usa-2008"&gt;Black Hat USA 2008&lt;/a&gt; &lt;br/&gt;</description>
      <pubDate>Mon, 28 Jun 2010 12:58:00 +0200</pubDate>
      <link>http://secdocs.lonerunners.net/documents/details/2599-active-80211-fingerpinting-a-secret-handshake-to-know-your-aps</link>
      <guid>http://secdocs.lonerunners.net/documents/details/2599-active-80211-fingerpinting-a-secret-handshake-to-know-your-aps</guid>
    </item>
    <item>
      <title>[Paper] Active 802.11 Fingerprinting: a "Secret Handshake" to Know Your APs</title>
      <description>&lt;b&gt;Authors&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/authors/details/279-sergey-bratus"&gt;Sergey Bratus&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Tags&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/tags/details/199-wifi"&gt;WiFi&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Event&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/events/details/42-black-hat-usa-2008"&gt;Black Hat USA 2008&lt;/a&gt; &lt;br/&gt;</description>
      <pubDate>Mon, 28 Jun 2010 12:58:00 +0200</pubDate>
      <link>http://secdocs.lonerunners.net/documents/details/2600-active-80211-fingerpinting-a-secret-handshake-to-know-your-aps</link>
      <guid>http://secdocs.lonerunners.net/documents/details/2600-active-80211-fingerpinting-a-secret-handshake-to-know-your-aps</guid>
    </item>
    <item>
      <title>[Audio] Entropy-based data organization tricks for log and packet capture browsing</title>
      <description>&lt;b&gt;Authors&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/authors/details/279-sergey-bratus"&gt;Sergey Bratus&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Tags&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/tags/details/142-logging"&gt;logging&lt;/a&gt; &lt;a href="http://secdocs.lonerunners.net/tags/details/257-log-analysis"&gt;log analysis&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Event&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/events/details/27-defcon-15"&gt;DEFCON 15&lt;/a&gt; &lt;br/&gt;</description>
      <pubDate>Sun, 29 Nov 2009 06:08:31 +0100</pubDate>
      <link>http://secdocs.lonerunners.net/documents/details/1614-entropy-based-data-organization-tricks-for-log-and-packet-capture-browsing</link>
      <guid>http://secdocs.lonerunners.net/documents/details/1614-entropy-based-data-organization-tricks-for-log-and-packet-capture-browsing</guid>
    </item>
    <item>
      <title>[Video] Entropy-based data organization tricks for log and packet capture browsing</title>
      <description>&lt;b&gt;Authors&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/authors/details/279-sergey-bratus"&gt;Sergey Bratus&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Tags&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/tags/details/142-logging"&gt;logging&lt;/a&gt; &lt;a href="http://secdocs.lonerunners.net/tags/details/257-log-analysis"&gt;log analysis&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Event&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/events/details/27-defcon-15"&gt;DEFCON 15&lt;/a&gt; &lt;br/&gt;</description>
      <pubDate>Sun, 31 May 2009 13:33:00 +0200</pubDate>
      <link>http://secdocs.lonerunners.net/documents/details/951-entropy-based-data-organization-tricks-for-log-and-packet-capture-browsing</link>
      <guid>http://secdocs.lonerunners.net/documents/details/951-entropy-based-data-organization-tricks-for-log-and-packet-capture-browsing</guid>
    </item>
    <item>
      <title>[Slides] Entropy-based data organization tricks for log and packet capture browsing</title>
      <description>&lt;b&gt;Authors&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/authors/details/279-sergey-bratus"&gt;Sergey Bratus&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Tags&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/tags/details/142-logging"&gt;logging&lt;/a&gt; &lt;a href="http://secdocs.lonerunners.net/tags/details/257-log-analysis"&gt;log analysis&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Event&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/events/details/27-defcon-15"&gt;DEFCON 15&lt;/a&gt; &lt;br/&gt;</description>
      <pubDate>Sun, 31 May 2009 12:59:00 +0200</pubDate>
      <link>http://secdocs.lonerunners.net/documents/details/950-entropy-based-data-organization-tricks-for-log-and-packet-capture-browsing</link>
      <guid>http://secdocs.lonerunners.net/documents/details/950-entropy-based-data-organization-tricks-for-log-and-packet-capture-browsing</guid>
    </item>
    <item>
      <title>[Slides] Organizing and analyzing logdata with entropy</title>
      <description>&lt;b&gt;Authors&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/authors/details/279-sergey-bratus"&gt;Sergey Bratus&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Tags&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/tags/details/257-log-analysis"&gt;log analysis&lt;/a&gt; &lt;br/&gt;&lt;b&gt;Event&lt;/b&gt;: &lt;a href="http://secdocs.lonerunners.net/events/details/23-troopers-2008"&gt;Troopers 2008&lt;/a&gt; &lt;br/&gt;</description>
      <pubDate>Sat, 25 Apr 2009 21:50:00 +0200</pubDate>
      <link>http://secdocs.lonerunners.net/documents/details/783-organizing-and-analyzing-logdata-with-entropy</link>
      <guid>http://secdocs.lonerunners.net/documents/details/783-organizing-and-analyzing-logdata-with-entropy</guid>
    </item>
  </channel>
</rss>

