https://www.hyperbolicity.com/tags/cyber/ Recent content in Cyber on Hyperbolicity Hugo -- gohugo.io en-US CC-BY-SA-NC Sun, 15 Apr 2018 01:01:00 -0500 https://www.hyperbolicity.com/journal/x86instructions/ Sun, 15 Apr 2018 01:01:00 -0500 https://www.hyperbolicity.com/journal/x86instructions/ When reading the report of an exploit by a security firm, one invariably finds x86 assembly code. I would stumble on xbegin mayEnd cmp mutex, 0 jz weAreDone xabort $0xff and not be sure what it did. Long ago I had programmed other chips in assembly, so I felt a day or two would give me some idea of the assembly language for the Intel chips. https://www.hyperbolicity.com/journal/days-not-minutes/ Mon, 04 Dec 2017 23:37:39 -0500 https://www.hyperbolicity.com/journal/days-not-minutes/ To find something anomalous one needs to be able to describe what is common. At PermissionBit we do that by recording every interaction between the CPU and the hardware (every system call). That gives us enough data to identify hacking, malware, and misuse. https://www.hyperbolicity.com/journal/activities/ Tue, 14 Nov 2017 19:13:42 -0500 https://www.hyperbolicity.com/journal/activities/ Over four years ago one of our clients from IPS came to us with a cyber security problem. We were asked to take their task not as a symptom to alleviate, but as a reflection of a deeper problem to solve. https://www.hyperbolicity.com/journal/tera-paper/ Mon, 06 Nov 2017 09:38:00 -0500 https://www.hyperbolicity.com/journal/tera-paper/ On Tuesday the paper Computer activity learning from system call time series that Curt and I wrote was posted to the Arxiv. It explains how we used machine learning to create a minute-by-minute description of what is happening on a computer. https://www.hyperbolicity.com/journal/malware-detector-impossible/ Mon, 23 May 2016 17:44:27 -0500 https://www.hyperbolicity.com/journal/malware-detector-impossible/ It is impossible to write a general purpose malware detector. Not hard, not difficult, impossible. The argument for the impossibility relies on building an odd program. We may not write such a program in practice, but it does arise as a combination of things we do write — things like Perl-like regular expressions and input parsers — and carefully crafted inputs. https://www.hyperbolicity.com/journal/given-a-wall/ Wed, 06 Apr 2016 15:38:00 -0500 https://www.hyperbolicity.com/journal/given-a-wall/ Walls guard. Walls constrain. They defy us to break them. And so it has been since the dawn of agriculture. We see defensive walls protecting ancient cities from China through sub-Saharan Africa. Their widespread prevalence is a testment of their desirability.