WORLD CLASS SPECIALISTS AND RESEARCHERS

The collective vision, passion and hard work of the Red Balloon Security research team has made universally compatible security for embedded systems a reality.

LEADERS IN RESEARCH

Members of the Red Balloon Security team have led major DoD funded research activities.

PIADC Facility

Commercializing tech for deployment

U.S. Government funded Red Balloon research to bring advanced on-device security with real-time detection to production-network building controllers.

NYANSAT

Three-part satellite hacking workshop

Research for NyanSat resulted in a workshop for the Department of the Air Force and U.S. Defense Digital Service

HSBC&L

Everyday ATM security

Persistent bypass of Nautilus Hyosung's ATM security measures.

THRANGRYCAT

Defeating Cisco’s secure boot

Red Balloon discovered a vulnerability which allows an attacker to persistently bypass Cisco’s proprietary secure boot mechanism and lock out future updates.

A MONITOR DARKLY

Is your monitor displaying the truth?

Reversing and exploiting ubiquitous on-screen display controllers in modern monitors.

BADFET

Defeating secure boot

Defeating modern secure boot using second-order pulsed electromagnetic fault injection.

ACADEMIC BREAKTHROUGHS

The team at Red Balloon have published seminal research papers in the fields of embedded security and established themselves as thought leaders in academic communities.

From prey to hunter: transforming legacy embedded devices into exploitation sensor grids.

Cui, Ang, Jatin Kataria, and Salvatore J. Stofo. In Proceedings of the 27th Annual Computer Security Applications Conference, pp. 393-402. ACM, 2011.

BADFET: defeating modern secure boot using second-order pulsed electromagnetic fault injection.

Cui, Ang, and Rick Housley. In 11th USENIX Workshop on Offensive Technologies (WOOT 17). USENIX Association, vol. 180. 2017.

Utilizing electromagnetic emanations for out-of-band detection of unknown attack code in a programmable logic controller.

Boggs, Nathaniel, Jimmy C. Chau, and Ang Cui. Cyber Sensing 2018. Vol. 10630. International Society for Optics and Photonics, 2018.

Copyright 2018 Society of Photo-Optical Instrumentation Engineers. One print or electronic copy may be made for personal use only. Systematic reproduction and distribution, duplication of any material in this paper for a fee or for commercial purposes, or modification of the content of the paper are prohibited.

Automotive Exploitation Sandbox: A Hands-on Educational Introduction to Embedded Device Exploitation.

Boggs, Nathaniel; Cui, Ang; Kataria, Jatin; Laulheret, Philippe. escar USA: Embedded Security in Cars. 2018.

Symbiotes and defensive mutualism: Moving target defense.

Cui, Ang, and Salvatore J. Stolfo. In Moving target defense, pp. 99-108. Springer, New York, NY, 2011.

Concurrency Attacks.

Yang, Junfeng, Ang Cui, Salvatore J. Stolfo, and Simha Sethumadhavan. HotPar 12 (2012): 15.

PROTECT YOUR SYSTEMS AGAINST EXPLOITATION