News

  • [10/26/2019] OSUSEC won BSidesPDX CTF!
  • [10/17/2019] OSUSEC and one of my courses at OSU is featured in NSA.gov Newsletter!
  • [10/13/2019] OSUSEC placed 25th at HIT CON CTF 2019 Qualifier!
  • [10/09/2019] Our RDP fuzzing work, RDPFuzzing, is accepted and will be presented at Black Hat Europe 2019!
  • [09/25/2019] BlueMaster is accepted and will be presented at Black Hat Europe 2019!
  • [08/11/2019] r00timentary placed 8th at the DEF CON 27 CTF!
  • [08/08/2019] soFrida is presented at DEF CON 27 Demo Labs!
  • [06/14/2019] I am one of the recipients of the 2018–2019 EECS Innovative Teaching Award!
  • [05/22/2019] Our discovery of authenticaion bypass vulnerability in Android Smart Lock has received $3,133.70 bug bounty from Google!
  • [04/12/2019] Our discovery of an information leak vulnerability in Microsoft Remote Desktop Client has received $10,000 bug bounty from HackerOne!
  • [03/24/2019] OSUSEC won the 3rd place award at PRCCDC!
  • [03/10/2019] OSUSEC placed at 7th at UT CTF!
  • [02/23/2019] OSUSEC got the 3rd place at MITRE STEM CTF!
  • [02/01/2019] OSUSEC is featured in Corvallis Gazette-Times. Go Beavs!
  • [01/06/2019] Oregon State University won the NSA Codebreaker Challenge!
  • [01/02/2019] POSUP is published in PoPETS ‘19!
  • [01/01/2019] Happy new year! My story is covered in the Momentum Magazine!

Recent Publications

More Publications

. BlueMaster: Bypassing and Fixing Bluetooth-based Proximity Authentication (to appear). BlackHat Europe, 2019.

. Fuzzing and Exploiting Virtual Channels in Microsoft Remote Desktop Protocol for Fun and Profit (to appear). BlackHat Europe, 2019.

. Making Code Re-randomization Practical with MARDU. arXiv, 2019.

. soFrida - Dynamic Analysis Tool for Mobile Apps with Cloud Backend. DEF CON 27 Demo Labs, 2019.

. MultiK: A Framework for Orchestrating Multiple Specialized Kernels. arXiv, 2019.

PDF Project

Teaching

I have been teaching the following courses at Oregon State University (course evaluation score attached, max 6.0):

You can visit my Ratemyprofessor Profile.

Advising

I am fortunate to advise the following great students at Oregon State University:

  • Ping-Jui Liao (PhD, Fall 2018 – present)
  • Jinhong Choi (PhD, Spring 2019 – present)
  • Hadi Rahal-Arabi (MS, Winter 2019 – present)
  • Cody Holliday (MS, Fall 2018 – present)
  • Phillip Mestas III (MS, AMP, Spring 2019 – present)
  • Andrew Quach (MS, AMP, Summer 2019 – present)
  • Zander Nead-Work (BS, RELU, Summer 2019 – present)
  • Khuong Luu (BS, Honors College, Spring 2019 – present)
  • Lyell Read (BS, Honors College, Summer 2019 – present)

Experience

 
 
 
 
 
October 2017 – Present
Corvallis, Oregon

Assistant Professor

Oregon State University

Teaches hacking (attacks), cybersecurity (defenses), opearting systems (foundations), and many more day-to-day living skills for cyber ninjas.
 
 
 
 
 
January 2013 – December 2014
Atlanta, GA

Chief Engineer

Security Axioms

Worked at a research spin-off company during my Ph.D. study.
 
 
 
 
 
August 2010 – August 2017
Atlanta, GA

Graduate Research Assistant

Georgia Institute of Technology

Peeeeee-ache-Dee!

Recent & Upcoming Talks

Projects

Tags

Contact