Articles



MLSploit Extended Abstract to Appear in KDD 2019

My coauthors and I will be presenting an extended abstract in the 25th Conference on Knowledge Discovery and Data Mining (KDD'19) in August. Below is a preview: Title: MLsploit: A Framework for Interactive Experimentation with Adversarial Machine Learning Research Authors: Nilaksh Das, Siwei Li, Chanil Jeon, Jinho Jung, Shang-Tse Chen …

Barnum Paper to Appear in Information Security Conference 2019 (ISC'19)

My coauthors and I will be presenting a paper in the 22nd Information Security Conference (ISC'19) in September. Below is a preview: Project Page Title: Barnum: Detecting Document Malware via Control Flow Anomalies in Hardware Traces. Authors: Carter Yagemann (Georgia Tech), Salmin Sultana (Intel Labs), Li Chen (Intel Labs), Wenke …

Extended Abstract to Appear in CVPR-19 Workshop on Explainable AI

My coauthors and I will be presenting an extended abstract in the workshop on Explainable AI at CVPR 2019 in June. Below is a preview: Title: To believe or not to believe: Validating explanation fidelity for dynamic malware analysis. Authors: Li Chen (Intel Labs), Carter Yagemann (Georgia Tech), Evan Downing …

H&R Block App Analytics for 2019

Last year I wrote a blog post about using the analytics publicly released by the USA government to glean some information about H&R Block's mobile apps. If you haven't read it, I recommend doing so because in this post I'm going to give an update for the 2019 tax …

Android Intent Firewall Documentation

A while ago I was notified that the documentation on Android's Intent Firewall that I wrote while I was a student at Syracuse University is no longer available. Surprisingly, despite how old the document is, I still get requests for it. Thus, I've taken the time to make a copy of …

Malware Has a Color

In an upcoming paper I plan to present some preliminary work in applying machine learning to program control flows to detect anomalies. Specifically, my coauthors and I demonstrate how to use this to analyze document malware with promising accuracy. In previous posts, I've detailed the threat malicious documents pose to …


Three Kinds of Document Malware and Designing Frameworks to Detect Them

Lately I've been spending a lot of time with document malware and exploring techniques for detection. Malicious documents pose interesting challenges and have become the typical first vector for adversaries to achieve a foothold. Despite this, document malware seems largely overlooked by academics compared to its executable counterparts. In short …