703-543-9662 • info@invincealabs.com    

Blog Posts by Robert Gove

SELinux and SE for Android can be a crucial part of securing a system, but the size and complexity of SELinux security policies make them challenging for security policy administrators to develop and maintain security policies. For example, the sesearch utility shows 94,420 allow rules in the 20141203 version of the Tresys reference policy. To address these challenges, we built V3SPA, an open source tool for visually analyzing and diffing the allow rules in SELinux and SE for Android security policies.

Today I’m announcing the release of V3SPA v2.1.1. V3SPA can import uncompiled SELinux security policies, or binary policies that can be read by SETools v4, including many SE for Android policy binaries. This post gives an introduction on how to use V3SPA, and I describe some of my research on V3SPA published this year at VizSec.

Invincea Labs’s research engineers published two papers in this year’s proceedings of Visualization for Cyber Security (VizSec). The papers describe research that the authors and their teammates performed on DARPA’s Cyber Genome program for performing malware analysis at scale.

Robert Gove
Robert Gove
  • robert.gove@invincealabs.com
Robert's background is in computer science, HCI, and information visualization. He is interested in designing UIs and visualizations to answer deep analytical questions, and how to use machine learning and statistics to enhance analysts' capabilities. He holds a Master of Science in Computer Science from the University of Maryland, and two Bachelor of Science degrees in Computer Science and Applied Math from UNC Greensboro.