
Rob King
Erlang Enthusiast in DVLabs
TippingPoint DVLabs

Speaker
Rob is a senior researcher with TippingPoint's DVLabs organization, where he specializes in Unix and network security, encryption, encoding, and various esoterica.

Rob has over ten years' experience in the security field and has presented at numerous conferences and authored several papers, on topics ranging from computational linguistics to statistical analysis to good Snort deployment strategies. He has been invited in a private capacity to lecture and instruct at a variety of governmental and private organizations.

Outside of work, he holds an unhealthy fascination for ancient and obscure computer science history, complex board games, and other suitably geeky pursuits. He currently lives in Austin with his wife Betsy and several quadrupeds of various species.

Rob King is Giving the Following Talks
SCREAM: Static Analysis of Regular Expressions for Analysis and Modifications


This paper illustrates an interesting application of Erlang; specifically, one dealing with analysis of encoded data in a static context. The root problem is one of analysis of data streams. In many cases, devices may wish to monitor streams of data for interesting patterns, but such analysis engines may be limited in the complexity of operations supported for such analysis. A practical example of this is a common one: a network intrusion detection system may wish to analyze email messages without having to store and forward each message. Many email systems encode binary data using the Base64 transform, a bitwise encoding scheme. For performance reasons, it is sometimes desirable to not first decode the message before analyzing its contents. This paper presents a tool, b64re, that analyzes a regular expression and transforms it such that it will now match its input when said input has been encoded using Base64. Several features of Erlang/OTP are illustrated, including parsing, the ease with which bitwise data can be manipulated, using multiple distributed processes to speed calculation, and the use of Erlang as a language in contexts other than distributed, soft real-time applications.
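One way to carry out the transformation the abstract describes, narrowed to a literal byte string instead of a full regular expression. This is an added Python example, not b64re or any code from the talk; `b64_variant`, `b64_regex` and the sample literal are hypothetical names chosen here.

```python
import base64
import re

B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
WRAP = r"(?:\r?\n)?"   # encoders may wrap lines, so allow a break between characters


def b64_variant(needle: bytes, k: int) -> str:
    """Pattern for `needle` as it appears in Base64 when it starts k bytes
    (k = 0, 1, 2) into a 3-byte encoding group. '?' marks a bit that belongs
    to a neighbouring, unknown byte."""
    bits = "?" * (8 * k) + "".join(f"{b:08b}" for b in needle)
    bits += "?" * (-len(bits) % 6)           # pad to whole 6-bit characters
    parts = []
    for i in range(0, len(bits), 6):
        sextet = bits[i:i + 6]
        if sextet == "??????":               # decided entirely by other bytes
            continue
        # Every alphabet character whose bits agree with the known bits.
        cands = [c for v, c in enumerate(B64)
                 if all(s in ("?", b) for s, b in zip(sextet, f"{v:06b}"))]
        body = "".join(re.escape(c) for c in cands)
        parts.append(body if len(cands) == 1 else f"[{body}]")
    return WRAP.join(parts)


def b64_regex(needle: bytes) -> re.Pattern:
    """Alternation of the three alignments; matches the still-encoded stream."""
    if not needle:
        raise ValueError("needle must be non-empty")
    return re.compile("|".join(f"(?:{b64_variant(needle, k)})" for k in range(3)))


if __name__ == "__main__":
    needle = b"invoice.exe"                  # constructed sample literal
    rx = b64_regex(needle)
    for pad in range(4):                     # shift the literal through each alignment
        enc = base64.b64encode(b"A" * pad + needle + b" attached").decode()
        print(pad, enc, bool(rx.search(enc)))
```

A hit is a candidate only: the pattern is not pinned to a 4-character group boundary, so decode the surrounding group to confirm before alerting.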