Talks & Publications

Be Kind, Please Rewind: Adventures in creating a macOS record/replay debugger

REcon 2023

SoK: Enabling Security Analyses of Embedded Systems via Rehosting

Andrew Fasano, Tiemoko Ballo, Marius Muench, Tim Leek, Alexander Oleinik, Brendan Dolan-Gavitt, Manuel Egele, Aurélien Francillon, Long Lu, Nick Gregory, Davide Balzarotti, William Robertson

ACM ASIACCS 2021

Paper

Uncommon Sense: Detecting Exploits with Novel Hardware Performance Counters and ML Magic

Co-Presenter: Harini Kannan

Black Hat USA 2020

Slides

Capsule8 Webinar

The Black Hat talk was reworked and also presented as a Capsule8 webinar.

Webinar (registration required)
Cache-miss Ratio Based Spectre Detector

Using Linux Tracing for Security

Co-Presenter: Brandon Edwards

CSAW C2 2019

Slides
ptrace-less strace demo - A simple strace-esque tool using kprobes
conntrace demo - A uprobe-based connection tracker, that hooks getaddrinfo(3) and connect(2) to provide show hostname-aware connection information