My coauthors and I will be presenting an extended abstract in the 25th Conference on Knowledge Discovery and Data Mining (KDD'19) in August. Below is a preview: Title: MLsploit: A Framework for Interactive Experimentation with Adversarial Machine Learning Research Authors: Nilaksh Das, Siwei Li, Chanil Jeon, Jinho Jung, Shang-Tse Chen …

My coauthors and I will be presenting a paper in the 22nd Information Security Conference (ISC'19) in September. Below is a preview: Project Page Title: Barnum: Detecting Document Malware via Control Flow Anomalies in Hardware Traces. Authors: Carter Yagemann (Georgia Tech), Salmin Sultana (Intel Labs), Li Chen (Intel Labs), Wenke …

My coauthors and I will be presenting an extended abstract in the workshop on Explainable AI at CVPR 2019 in June. Below is a preview: Title: To believe or not to believe: Validating explanation fidelity for dynamic malware analysis. Authors: Li Chen (Intel Labs), Carter Yagemann (Georgia Tech), Evan Downing …

Last year I wrote a blog post about using the analytics publicly released by the USA government to gleam some information about H&R Block's mobile apps. If you haven't read it, I recommend doing so because in this post I'm going to give an update for the 2019 tax …

Awhile ago I was notified that the documentation on Android's Intent Firewall that I wrote while I was a student at Syracuse University is no longer available. Surprisingly, despite how old the document is, I still get requests for it. Thus, I've taken the time to make a copy of …

In an upcoming paper I plan to present some preliminary work in applying machine learning to program control flows to detect anomalies. Specifically, my coauthors and I demonstrate how to use this to analyze document malware with promising accuracy. In previous posts, I've detailed the threat malicious documents pose to …

A framework I helped develop called MLsploit will be demoed at Black Hat Asia 2019. You can read more about it here.

Lately I've been spending a lot of time with document malware and exploring techniques for detection. Malicious documents pose interesting challenges and have become the typical first vector for adversaries to achieve a foothold. Despite this, document malware seems largely overlooked by academics compared to their executable counterparts. In short …

Georgia Tech has acknowledged me for a past vulnerability I disclosed to them.

A mantra we hear all the time in security is the notion of defense in depth. It's applied in numerous areas from protecting computer systems to safeguarding airports. Anyone who receives formal training in security will likely encounter the term at least once in their coursework. It's a milestone we …