Finding Algorithmic Bits in a Binary Haystack
System for identifying potential instantiations of any algorithm within a binary executable program. Developed at Johns Hopkins University and presented to the National Security Agency.
Research system for enforcing minimum necessary access in healthcare IT through integration of audit logs and access control policies. Patented.
Real-time web-based dashboard for analyzing and securing smart grid network traffic. Subsequently patented and commercialized.
A hardware security add-on for IoT-class processors that builds control-flow profiles and enforces secure execution on embedded devices.
Commercial security analysis platform that scans firmware, containers, and virtual machine images for known vulnerabilities and cryptographic implementation flaws, with automated CVE cross-referencing against NIST’s National Vulnerability Database.
Custom Linux distribution designed as an integrated workbench environment for technical computing, systems analysis, and engineering workflows.
Single-socket EPYC workstation running frontier-class 600B+ parameter language models locally, with 1TB RAM, 128GB VRAM across four AMD Radeon Pro V620 GPUs, and 200TB of integrated storage.
Secure indoor location-sensing system using tamper-resistant Bluetooth Low Energy beacons to provide unspoofable location for healthcare authentication and access control.
Design and deployment of high-performance network appliances including OpenBSD routers with custom DPI, PF and OPNsense firewalls, and purpose-built network security infrastructure.
Ongoing design and operation of virtualization environments across VMware ESXi and Proxmox, supporting development, security research, expert witness work, and AI inference workloads.
Built a Hadoop distributed computing cluster on PowerPC architecture for large-scale data processing and analysis.
Discovered multiple vulnerabilities in a commercially deployed infusion pump system, including a remote code execution vulnerability. Developed a working exploit achieving arbitrary code execution on the device.
Built an automated malware sample analysis platform using VMware CLI automation to test antivirus products. Results were used in nationally published product evaluations.
Board-level diagnostics, component-level repair, firmware extraction, and hardware investigation across laptop and embedded system platforms.
Engaged to analyze and defeat the digital rights management protections on a mobile digital content distribution platform, cataloguing multiple independent methods of circumvention.
IDA Pro plugin and emulator for observing how binary instruction snippets from malware samples modify their computing environment. Developed in collaboration with the NSA.
Designed and built multiple high-capacity ZFS-based storage servers from enterprise and consumer hardware for data archival, backup, and network-attached storage.
Replacing proprietary BIOS/UEFI with open-source Coreboot firmware on various platforms, including custom firmware builds and direct SPI flash chip programming.
Published in Proc. ACM Conference on Bioinformatics, Computational Biology, and Biomedical Informatics Health Informatics Symposium (BCB-HIS), 2013
This paper presents a system for enforcing the minimum necessary access principle in healthcare settings by integrating large-scale audit log analysis with access control mechanisms. Using a Hadoop-based application for statistical analysis of electronic medical record audit logs, the system automatically produces human-readable reports and identifies access patterns that may indicate privacy violations. This technology was subsequently patented by Accenture.
Citation: P. Martin, A. Rubin, R. Bhatti. "Enforcing Minimum Necessary Access in Healthcare Through Integrated Audit and Access Control." Proc. ACM Conference on Bioinformatics, Computational Biology, and Biomedical Informatics Health Informatics Symposium (BCB-HIS), September 2013.
Published in Technical Report 13-01, Johns Hopkins University, 2013
This technical report presents techniques for fingerprinting and classifying specific versions of network protocol implementations by analyzing observable behavioral differences. The case study focuses on OpenSSL, demonstrating that implementation version information can be inferred from network traffic analysis.
Citation: P. Martin, M. Rushanan, S. Checkoway, M. Green, A. Rubin. "Classifying Network Protocol Implementation Versions: An OpenSSL Case Study." Technical Report 13-01, Johns Hopkins University, December 2013.
Published in Financial Cryptography and Data Security (FC 16), Lecture Notes in Computer Science, vol. 9603, Springer, 2016
KBID is an authentication bracelet that receives a Kerberos ticket upon login to a modified computer terminal through low-energy electrical signals transmitted over the wearer’s skin. The bracelet enables password-free authentication at other terminals throughout a facility and immediately loses the cryptographic secret upon removal from the user.
Citation: J. Carrigan, P. Martin, M. Rushanan. "KBID: Kerberos Bracelet Identification (Short Paper)." Financial Cryptography and Data Security (FC 16), Lecture Notes in Computer Science, vol. 9603, Springer, 2016.
Published in Proc. ACM Conference on Bioinformatics, Computational Biology, and Health Informatics (BCB 16), 2016
This paper presents a secure indoor location tracking system using unspoofable Bluetooth Low Energy beacons for healthcare environments. The system enables automatic presentation of relevant patient medical records to physicians as they move through a facility, providing a secondary authentication mechanism that is transparent to the user while strengthening access controls.
Citation: P. Martin, M. Rushanan, T. Tantillo, C. Lehmann, A. Rubin. "Applications of Secure Location Sensing in Healthcare." Proc. ACM Conference on Bioinformatics, Computational Biology, and Health Informatics (BCB 16), 2016.
Published in Proc. ACM/IEEE International Conference on Internet-of-Things Design and Implementation (IoTDI 18), 2018
Sentinel is a hardware-based security system designed to be soldered directly to the CPU of IoT-class embedded devices. It monitors control-flow transitions to build runtime profiles of normal device behavior and enforces those profiles to detect anomalous execution, providing control-flow integrity for resource-constrained embedded systems.
Citation: P. Martin, D. Russel, M. Ben Salem, S. Checkoway, A. Rubin. "Sentinel: Secure Mode Profiling and Enforcement for Embedded Systems." Proc. ACM/IEEE International Conference on Internet-of-Things Design and Implementation (IoTDI 18), 2018.
Course Assistant, Johns Hopkins University, Department of Computer Science, 2011
Course Assistant for Practical Cryptographic Systems.
Teaching Assistant, Johns Hopkins University, Department of Computer Science, 2014
Teaching Assistant for the Security and Privacy course (2012-2014). Received the Computer Science Department Outstanding Teaching Assistant Award in 2014.
Short course, Johns Hopkins University, Department of Computer Science, 2015
Co-instructor (with Dr. Michael Rushanan) for this short course, which received the highest student ratings in the Computer Science department during its session. Topics included modifying game consoles and device firmware, electronics repair, binary analysis and modification, network traffic analysis, and web-based vulnerability assessment and exploitation.
Graduate/Undergraduate course, Johns Hopkins University, Department of Computer Science, 2023
Lecturer. See the 2024 offering for course description.
Graduate/Undergraduate course, Johns Hopkins University, Department of Computer Science, 2024
Lecturer. Covers hardware and software security design, vulnerability assessment and reverse engineering, hardware and software-based attacks on computer components including RAM and CPUs, applied cryptography, computer architecture, networking, and component-level analysis. The course uses hardware and software emulation and virtualization techniques to present students with real-world environments for hands-on projects.
Undergraduate course, Johns Hopkins University, Department of Computer Science, 2025
Lecturer. Covers C and C++ programming, developer tools, Linux environments, data structures, and software development practices.