This page documents anything that I’ve done that matured into a presentation or publication. If you have questions, comments, ideas, etc. concerning any of these, please reach out over LinkedIn - I would love to chat and learn from you!

Presentations

“Turning Domain Data into Domain Intelligence”

Authors: Partridge, Chris.
Presented: April 14, 2018 to Security B-Sides Rochester 2018 Hacker Conference.

A talk on the earlier rendition of Threatwork (then-titled ‘dnstrace,’ now a cooperative project under Machines Never Sleep, LLC), and some of the interesting challenges of getting DNS data at scale. This talk also went over some fun statistics, unexpected misconfigurations, and early results (positive, but not amazing). You can see me sweat in front of peers for the first time here.

Publications

“From Bear to Vault: Designing a New Protocol to Extend the APT Communications Toolset”

Authors: Partridge, Chris; Hendee, Nicholas.
Accepted: December 12-14, 2018 to the 2018 International Conference on Computational Science and Computational Intelligence, in the Symposium on Cyber Warfare, Cyber Defense, and Cyber Security.
Published: January 2, 2020 in IEEE Xplore®, ISBN 978-1-7281-1360-9.

Investigating what contemporary APTs do for covert communication, we prototype a novel system combining the more potent ideas from a number of adversaries, which allows for highly flexible data exfiltration and C2 … if you’re willing to write some wrappers. Our paper is available from the American CSE proceedings portal, and I’ve republished it in higher quality here because information should be free. Not to avoid capitalizing on clout though, this work was indexed in and published by IEEE Xplore, and is additionally available here if you are an IEEE member.