Sergey's modest homepage

Sergey Bratus

I am a Research Assistant Professor at the Computer Science Department at Dartmouth College. I am interested in all aspects of Unix security, in particular in Linux kernel security, detection and reverse engineering of malware (primarly kernel mode, Linux and Windows), and wireless networking. I am also interested in visualizations of computer security-related information.

My other interests are in applications of Natural Language Processing for better indexing, search and navigation of natural language documents.

Projects

Baffle -- active 802.11 behavioral fingerprinting.
Kerf -- data organization and machine learning techniques for smarter log and packet capture browsing, analysis and sharing.
LZfuzz -- a simple fuzzer for plain text proprietary protocols, such as those still found in SCADA systems.
Windsock -- networks monitoring sensors based on streaming estimation of information-theoretic measures.
While working on Kerf, I developed several tools as side projects. A tool for visualizing and browsing Linux Snare and Solaris BSM system call traces is described here (and is freely available upon request).

In May 2009 I provided an expert witness report for the Franklin Pierce Law Center's legal team defending Mavis Roy in UMG Recordings et al. v. Roy civil action lawsuit.

Teaching

This Winter '10 I am teaching CS 108, "Advanced Operating Systems", based on OpenSolaris, with some Linux kernel and general hacking thrown in. The course directory is updated as we go along; for last year's materials see CS 108 Winter '09.

In Spring 05 I taught CS 38, Computer Security and Privacy. The class materials are here: [CS38 '05 local copy].

My collection of security-related articles, tutorials and tools is here.

Hacking

Being much indebted to the hacker community for many things I learned from its amazingly rich sources, I tried to describe some trends in the hacker learning experience (the so-called "hacker curriculum") that distinguish it from the typical experiences of traditionally trained developers and CS students. We use some (implicit) principles of this "hidden curriculum" and related experiences in our teaching of Computer Security at Dartmouth.

You can now take part in a community discussion of hacker curricilum at www.hackercurriculum.org.

Publications:

What Hackers Learn that the Rest of Us Don't: Notes on Hacker Curriculum [DOI], [PDF]
I hope to use these observations a basis for larger work on the "hacker curriculum" and a bibliography of influential hacker work. You are welcome to send me comments on the [rough draft].
Hacker Curriculum: How Hackers Learn Networking
Hacker Curriculum: How We Can Use It in Teaching

Some of my "random" patches to standard tools (Etherape, dsniff, fragrouter, tcpflow, tcpreplay, etc., see README).

Personal

I received my undergraduate education at the Moscow Institute of Physics and Technology (aka Moscow Phystech), and my Ph.D. at Northeastern University (1999). Before coming to Dartmouth I worked at BBN Technologies on statistical learning methods in Natural Language Processing (NLP) for information extraction from natural English text, "text understanding", and similar topics.

My old homepage is at http://www.ccs.neu.edu/home/sbratus/.

My GPG public key.

Local Dartmouth wikis: [SELinux]

Please support the Free Software Foundation, the people who brought us the GPL and are fighting to protect our freedom to write and change software.

Don't care to have your research squashed by an unscrupulous vendor's bogus copyright claims or have all of your Internet traffic mined and monitored for undisclosed purposes? Please support the Electronic Frontier Foundation.

	Please support the Free Software Foundation, the people who brought us the GPL and are fighting to protect our freedom to write and change software.
	Don't care to have your research squashed by an unscrupulous vendor's bogus copyright claims or have all of your Internet traffic mined and monitored for undisclosed purposes? Please support the Electronic Frontier Foundation.