Carter Yagemann

Carter Yagemann

Assistant Professor of Computer Science and Engineering at The Ohio State University, specializing in systems and software security, including vulnerability discovery, exploit prevention, fault injection, cyber-physical systems, and financial market security.

Articles

H&R Block App Analytics for 2019

Last year I wrote a blog post about using the analytics publicly released by the USA government to gleam some information about H&R Block's mobile apps. If you haven't read it, I recommend doing so because in this post I'm going to give an update for the 2019 tax …

Android Intent Firewall Documentation

Awhile ago I was notified that the documentation on Android's Intent Firewall that I wrote while I was a student at Syracuse University is no longer available. Surprisingly, despite how old the document is, I still get requests for it. Thus, I've taken the time to make a copy of …

Malware Has a Color

In an upcoming paper I plan to present some preliminary work in applying machine learning to program control flows to detect anomalies. Specifically, my coauthors and I demonstrate how to use this to analyze document malware with promising accuracy. In previous posts, I've detailed the threat malicious documents pose to …

Three Kinds of Document Malware and Designing Frameworks to Detect Them

Lately I've been spending a lot of time with document malware and exploring techniques for detection. Malicious documents pose interesting challenges and have become the typical first vector for adversaries to achieve a foothold. Despite this, document malware seems largely overlooked by academics compared to their executable counterparts. In short …

The Unfortunate Economics of Defense in Depth

A mantra we hear all the time in security is the notion of defense in depth. It's applied in numerous areas from protecting computer systems to safeguarding airports. Anyone who receives formal training in security will likely encounter the term at least once in their coursework. It's a milestone we …

Paper Accepted to ACM CCS 2018

A paper I co-authored has been accepted to the 25th ACM Conference on Computer and Communications Security (CCS'18) being held in Toronto, Canada from October 15, 2018 to October 19, 2018. Title: Enforcing Unique Code Target Property for Control-Flow Integrity Authors: Hong Hu, Chenxiong Qian, Carter Yagemann, Simon Pak Ho …

Weird Things Are Afoot In The Honeypot

Here's something you don't see every day. The logs from my SSH honeypot show someone brute-forcing the password for root and then executing: ls /data/data/com.android.providers.telephony/databases This is a strange directory to look for because it's where Android devices store the SQLite databases for SMS …

EFF and EFAIL: An Example of Hype Culture Gone Awry

I usually try to keep my blog posts technical and free of politics, but I can't hide my frustration over EFF's response to today's release of the EFAIL vulnerability. If you haven't heard by now, EFAIL is the name of a vulnerability having to do with how email clients like …