Published Works

Password Authentication Attacks at Scale

Whilst there is much literature on password authentication attacks, there has been little study of real online brute force attacks. This paper provides analysis of the most prolific attackers and provides analysis of distributed brute force attackers using unsupervised learning technique for clusterization. Compromised credential checking has recently emerged as an approach to improve password security by deterring users from using re-using breached passwords. Analysing an implementation on a la

Mastering PHP Design Patterns

Back in 2010, MailChimp published a post on their blog, entitled Ewww, You Use PHP? In this blog post, they described the horror when they explained their choice of PHP to developers who consider the phrase good PHP programmer an oxymoron. In their rebuttal they argued that their PHP wasn't your grandfathers PHP and that they use a sophisticated framework. I tend to judge the quality of PHP on the basis of, not only how it functions, but how secure it is and how it is architected. This book focu