Meredith L. Patterson

Learn More
We present an approach to improving the security of complex, composed systems based on formal language theory, and show how this approach leads to advances in input validation, security modeling, attack surface reduction, and ultimately, software design and programming methodology. We cite examples based on real-world security flaws in common protocols(More)
It’s been nearly thirty years from Ken Thompson’s “Reflections on Trusting Trust” and its famous verdict that “You can’t trust code that you did not totally create yourself.” If there is one practical lesson that the Internet taught us since then, it is that one cannot even trust one’s own code so long as that code meets arbitrary inputs from the Internet.(More)
OBJECTIVE To determine practices related to the use of pulse oximetry in monitoring infants of < 1500 gm birth weight on supplemental oxygen. STUDY DESIGN A mailing list of all neonatal intensive care units with accredited Neonatal-Perinatal Fellowship programs was prepared. A questionnaire was prepared and mailed to collect information on the following:(More)
BACKGROUND In this study we examine the variability among unstandardized cockroach allergen extracts. METHODS We obtained 24 aqueous and glycerinated cockroach allergen extracts from nine manufacturers. We used previously characterized cockroach extracts, E2-Cg and E2-Ca, as references. The modified ninhydrin assay was used to determine protein(More)
Jon Postel's Robustness Principle- "Be conservative in what you do, and liberal in what you accept from others"- played a fundamental role in how Internet protocols were designed and implemented. Its influence went far beyond direct application by Internet Engineering Task Force (IETF) designers, as generations of programmers learned from examples of the(More)
Input-handling bugs share two common patterns: insufficient recognition, where input-checking logic is unfit to validate a program’s assumptions about inputs, and parser differentials, wherein two or more components of a system fail to interpret input equivalently. We argue that these patterns are artifacts of avoidable weaknesses in the development process(More)
Information-theoretic private information retrieval (PIR) protocols, such as those described by Chor et al. [5], provide a mechanism by which users can retrieve information from a database distributed across multiple servers in such a way that neither the servers nor an outside observer can determine the contents of the data being retrieved. More recent PIR(More)
  • S E R G E Y B R A T U S, H L P A T T E R S O N, A N D A N N A S H U B I N A, Meredith L Patterson
  • 2015
Sergey Bratus is a Research Associate Professor of computer science at Dartmouth College. He sees state-ofthe-art hacking as a distinct research and engineering discipline that, although not yet recognized as such, harbors deep insights into the nature of computing. He has a PhD in mathematics from Northeastern University and worked at BBN Technologies on(More)
Big data is changing the landscape of security tools for network monitoring, security information and event management, and forensics; however, in the eternal arms race of attack and defense, security researchers must keep exploring novel ways to mitigate and contain sophisticated attackers.