Papers
Here are a few examples of work I have done. Much of it is very outdated, but I plan on adding more soon. I have made a commitment to myself to do some research outside of work in an effort to keep my skills sharp and to contribute to the security community as a whole.
SANS Papers:
- May 2000: SANS Intrusion Analyst Paper (Honors): Analysis of IDS alarms, new signatures to detect previously unknown attacks, and new signatures for well-known attack tools.
- June 2001: SANS System and Network Auditing: Hardening of an IRIX system. This paper is thorough, but certainly didn’t break any new ground. It was an excuse to familiarize myself with an operating system I hadn’t used before (and ironically haven’t used since!)
- March 2002: SANS Incident Handling Paper: Bait and switch Honeypots. Demonstrates the use of IDS to trigger a redirection of an attacker away from a webserver to a honeypot, allows the attacker to gain access, and provides an in-depth analysis of the attack.
