![[Title Bar]](/images/header.gif)
My interests are pretty diverse. I'm often looking for new, fun,
cool projects. Here are a list of my publications.
That said, I tend to enjoy "problem solving" in many areas. The lower-level systems areas tend to be more appealing, since the connection is pretty direct. I'm less interested in software plumbing, in other words just connecting other people's half-assed, buggy libraries together and wonder why it only works sometimes. I'm not against using libraries and high-level languages—I feel no need to recreate everything from scratch—it's just that the many layers of abstraction tend to diminish the sense of accomplishment for me.
As a postdoc at Cornell and the Xerox Design Research Institute, I worked in the area of Heterogeneous Databases. As a side project with colleagues from grad school, I worked on Multicast Protocols and simulations. The four of us also wrote a textbook on Mobile and Pervasive Computing, published by McGraw-Hill.
At ATC-NY (formerly Odyssey Research Associates), I worked on numerous projects, serving as PI on many. A main focus area was Computer Security, which had a strong focus on Digital Forensics. The digital forensics area included live forensics, peer-to-peer forensics, network forensics, memory forensics, VM and cloud forensics, and more. Other security areas include intrusion detection, marked data/honeypots/honeynets, automated attack and damage assessment, red teaming, and stegonography tool detection. Other broad areas include networking, such as distributed routing protocols, wireless real-time protocols, ultrawideband (UWB) routing, wireless intrusion detection and physical location, red teaming and penetration testing. User interface design (web and other) worked into the projects and products I helped create, as well. I've created and taught several courses, including Live Forensics and Peer-to-Peer Forensics. I've also co-taught a USENIX Security course on Reverse Engineering.
At GrammaTech, I worked on machine-learning for intrusion detection, and automated security assessment based on analysis of high-level system designs, as well as some web based data presentation.
I was the Director of Engineering at Cayuga Networks, a local start-up that created a network device ("applicance") that would detect attacks on web servers in large networks (universities, healthcare, and financial). I wore many hats there. I was the sys-admin and set up the servers and clients and kept them running. I was in charge of the testing group. I supervised the programmers. I helped create the development schedules. I installed demo systems to potential customers and was a technical point of contact for them. I wrote incident reports when we discovered vulnerabilities and attacks to their systems.
I have a lot of hands-on experience with systems, including email and web servers, and have built many software tools. I have also co-authored a textbook on The Fundamentals of Mobile and Pervasive Computing (ISBN: 0071412379) with Golden Richard, Loren Schwiebert, and Sandeep Gupta (more details on the book here). I'm on the board of directors of the Digital Forensic Research Workshop (DFRWS) and have been associated with it since its inception and helped organize it since 2005.
I also did some analyses of ATM networks (but that was a while ago, back when ATMs were a soon-to-be big thing).
I also wrote a web page "crawler" which would grab all the pages from a site, build a graph of them, and then present a tree representation of them, when you specify which node is the root. This was in the later '90s.
I also worked on designing protocols for UltraWide Band radios (kind of 802.15, but not exactly), for vehicle communication that had specific real-time constraints.
I've done some Red Team work, testing the security of a software system, and penetration testing on a web and mail interface of a large company's system, as well as vulnerability analysis of the whole information protection infrastructure (from physical to online).
In general, security and trust issues interest me, and I often find myself applying the same principles in the real world (or deciding to break the rules and trust someone, despite the lack of credentials).
I have gotten a bit cynical and paranoid about security. Mostly because it doesn't really exist, and people would rather have a sense of security and stick with convenience than have real security. And in many cases, it probably is the right choice. Just saying "don't do that" over and over gets tiring. Also, it's kind of an impossible problem too. That said, there are many ways to make security better, so there is some hope.
I have worked on a few different IDSs. When I started at Odyssey Research Associates, I worked on the tail end of a project involving using n-grams to detect abnormal behavior based on system calls.
I was the PI on a project involving creating marked data during a system scan and using that to correlate between the actors from the reconnaissance and exploit phases of an attack. This involved setting up test networks at a half-dozen sites using "dark networks" (unallocated IP space).
Recently, I worked on using machine learning techniques to detect malicious behaviors on a machine given sets of traces (lists of system calls).
I've worked on several digital forensics projects. One of the first was in the area of Live Forensics, helping to create the Mobile Forensic Platform (MFP)/Online Digital Forensics Suite (Online DFS), which did live forensics in the early 2000s back when the common practice was to simply pull the plug on a machine. I also worked in peer-to-peer forensics, helping create P2P Marshal, a tool that automated identification of P2P clients on a machine or disk image. This tool was widely used by law enforcement in the US and abroad. I worked in the area of memory forensics visualation, and detection of registry artifacts of steganography tools after they have been installed, used, and uninstalled on a computer.
I used to think the web was cool. I'm not so sure anymore. There area lot of neat things it can do, but I'm not sure it's the end-all and be-all of user-interfaces or ways to interact. And so many sites simply don't work. But that's more of a rant, so I'll leave it at that (years ago I thought I might write and post rants on various things, then decided no one would care or read it and complaining about things wouldn't make me any happier either, and thus abandoned that idea).
I've designed a number of sites and built user interfaces. Back in the day, I helped create EHFC.net for the East Hill Flying Club, and MyCause.com. I've made notfrank.com, and the site where it resided before that (streetcar.cc), and before that web pages at Xerox DRI, Cornell CS, and Ohio State CIS back in the early '90s (including having one of—but certainly not the—first cameras on the web).
I'm conversant in HTML, XHTML, CSS, HTTP, PHP, Perl, Python, and a small bit of Javascript/JQuery. Personally, I use NoScript and Cookie Monster to restrict the user of scripting and cookies on web pages I use, which means most of them don't work.
