Originally from Ottawa, Ontario, I made the move to Toronto where I completed a 2 year masters degree (M.A.Sc.) at the University of Toronto researching computer security and reliability under the supervision of Prof. David Lie in the Department of Electrical and Computer Engineering. I have also received a bachelor's degree from Carleton University in Computer Systems Engineering. I am currently a Software Engineer working in the San Francisco Bay Area.
My graduate school research was funded by the Natural Sciences and Engineering Research Council of Canada (NSERC), through a Masters Postgraduate Scholarship (PGSM).
I have focused my research in the area of computer security and reliability. More specifically, this includes computer architecture and communication, operating systems and distributed network processing in relation to detection, prevention and analysis of software failure. I'm working with the Computer Engineering Research Group and the Computer Systems Lab under the supervision of Professor David Lie.
Jesse Pool, Ian Sin Kwok Wong and David Lie. Relaxed Determinism: Making Redundant Execution on Multiprocessors Practical. In Proceedings of HotOS XI: 11th Workshop on Hot Topics in Operating Systems, May 2007, San Diego, CA. [slides]
Jesse Pool. Kernel Support for Deterministic Redundant Execution of Shared Memory Workloads on Multiprocessor Systems. M.A.Sc. Thesis, September 2007, University of Toronto
Security Reading Group - Discussing recent software and hardware security research
Systems Software Reading Group - Discussing both recent and classic systems software research
CSC2227: Topics in the Design and Implementation of Operating Systems (Instructor: Angela Demke Brown)
I've worked on a few interesting/relevant tools in the recent past that I though would be useful to others. Source code is (or will be) available for most of these. Feel free to send me an email with questions or comments.
Motivated by future processors that will contain an abundance of execution cores, we believe redundant execution will be a practical method for increasing system availability and resilience against intrusions. We are interested in studying real world applications and kernel level support for efficient redundant execution.
System Call Backtrace
While analyzing an Apache strace, a friend and I needed to determine the calling function of a system call. We extended strace to include an option, -ii, where it prints out a backtrace of the entire stack. (The patch only supports Linux on i386.) By using objdump -D on Apache (compiled without stripping symbols), we were able to unroll the stack to where the system call originated, and identify the function name. This download will let you patch strace 4.5.14. Note: We use the EBP register for unrolling the stack, so functions that are optimized to not use EBP will be skipped on the backtrace.
ExecView is a Windows application (and kernel driver combo) that monitors the operating system for executable images loaded into virtual memory by any process (using PsSetLoadImageNotifyRoutine). Every time a new image is loaded, it's logged to file and printed to the screen. Logged information includes the image name (file name), the size of the executable region, the base virtual address where the image is loaded and the identifier for the process that maps the image.
U of T WebMonkeys Project
The primary objective of this project was to create a scriptable extension to Mozilla's Firefox that can be remotely controlled over TCP/IP. This lets us automate many browsers from a remote machine, which is a nice research tool. The extension will be available for download in the near future. Using this "monkey" we've been studying the behavior of spyware. Update: We've been really slow in releasing this source due to lack of time to do cleanup and packaging. If you really need it, send me an email and I'll send you the messy, documentation-less source. [PDF]
The Network Operators Toolkit
This is a tool suite that can be used for monitoring and manipulating the local network. It provides basic tools like an ARP poisoner and a DNS spoofer to shape traffic redirection. In order to find machines on the LAN, a tool has been included that will quickly print out the IP and MAC addresses of all visible network nodes. The toolkit was a key component to my 4th year engineering project, the goal of which was to implement a man-in-the-middle attack on the SSH version 2 protcol.
You may have heard of a great little tool called tcpreplay. It's "a suite of tools to edit and replay captured network traffic," that's supported on systems exporting the POSIX interface. While working for a company a few years back, I hacked the basic replay functionality to work on the Windows platform. I sent the author that code, which can now be downloaded on Sourceforge. Keep in mind that it was hacked together in no time, just to get the basic functionality. Here's a local mirror that also includes a precompiled tcpreplay.exe for Win32.