Sergey's modest homepage

Sergey Bratus

I am a Research Assistant Professor at the Computer Science Department at Dartmouth College. I am interested in all aspects of Unix security, in particular in Linux kernel security, detection and reverse engineering of malware (primarly kernel mode, Linux and Windows), and wireless networking. I am also interested in visualizations of computer security-related information.

My other interests are in applications of Natural Language Processing for better indexing, search and navigation of natural language documents.

Projects

Baffle -- active 802.11 behavioral fingerprinting.
Kerf -- data organization and machine learning techniques for smarter log and packet capture browsing, analysis and sharing.
LZfuzz -- a simple fuzzer for plain text proprietary protocols, such as those still found in SCADA systems.
Windsock -- networks monitoring sensors based on streaming estimation of information-theoretic measures.
While working on Kerf, I developed several tools as side projects. A tool for visualizing and browsing Linux Snare and Solaris BSM system call traces is described here (and is freely available upon request).

Teaching

In Spring 05 I taught CS 38, Computer Security and Privacy. The class materials are here: [CS38 '05 local copy]. If you are a Dartmouth student interested in these topics, and would like to do a security related project, I'll be glad to hear from you.

My collection of security-related articles, tutorials and tools is here.

Recently I published several articles in which I tried to describe some trends in the hacker learning experience (the so-called "hacker curriculum") that distinguish it from the typical experiences of traditionally trained developers and CS students:

What Hackers Learn that the Rest of Us Don't: Notes on Hacker Curriculum [DOI], [PDF]
I hope to use these observations a basis for larger work on the "hacker curriculum" and a bibliography of influential hacker work. You are welcome to send me comments on the [rough draft].
Hacker Curriculum: How Hackers Learn Networking
Hacker Curriculum: How We Can Use It in Teaching

Some of my "random" patches to standard tools (Etherape, dsniff, fragrouter, tcpflow, tcpreplay, etc., see README).

I received my undergraduate education at the Moscow Institute of Physics and Technology (aka Moscow Phystech), and my Ph.D. at Northeastern University (1999). Before coming to Dartmouth I worked at BBN Technologies on statistical learning for text understanding and similar topics.

My old homepage is at http://www.ccs.neu.edu/home/sbratus/. Look there for my resume and other personal information.

My GPG public key.

Local Dartmouth wikis: [SELinux]

Please support the Free Software Foundation, the people who brought us the GPL and are fighting to protect our freedom to write and change software.

Don't care to have your research squashed by an unscrupulous vendor's bogus copyright claims or have all of your Internet traffic mined and monitored for undisclosed purposes? Please support the Electronic Frontier Foundation.

	Please support the Free Software Foundation, the people who brought us the GPL and are fighting to protect our freedom to write and change software.
	Don't care to have your research squashed by an unscrupulous vendor's bogus copyright claims or have all of your Internet traffic mined and monitored for undisclosed purposes? Please support the Electronic Frontier Foundation.