Jack Henschel's Publications

Intel PT Hooking (Bachelor thesis)

Title:Intel PT Hooking
Abstract:In this work, we implement a hooking technique based on Intel Processor Trace hardware unit. The original idea was implemented by CyberArk Labs on Microsoft Windows, we tried to build a functionally equivalent port for Linux-based operating systems. However, it does not fulfill the same use-case, since we had to recourse to using invasive techniques for registering the interrupt handler. Additionally, we present a novel technique for tracing system and library calls with Intel PT. This technique is not yet fully reliable, as individual calls may be lost, but we outline how to overcome this technical impediment.
Organization:FAU, IT Security Infrastructures Lab
Author:Jack Henschel
License:CC BY 4.0

Linux Tracing Frameworks

Title:Tracing Frameworks
Abstract:Tracing Frameworks provide a direct interface to inspect, test, debug and measure running applications (so called “online code”). This can be valuable while developing a program (e.g. for performance analysis or error checking), but also when troubleshooting issues after deployment in the field. Some frameworks don’t require modification of application source code at all, others depend on entry points (“markers”) or loading additional libraries. This paper demonstrates the usage of SystemTap and evaluates two other tracing frameworks (Frida and LTTng) at the end.
Organization:Nokia Solutions and Networks GmbH & Co. KG
Date:March 2017
Author:Jack Henschel
License:CC BY 4.0

Intel Processor Trace (intel_pt)

Title:Intel Processor Tracing
Abstract:Intel Processor Trace (PT) is a new feature of Intel processors which provides machine instruction-level tracing. This can aid in low-level debugging and performance analysis of programs and even state recovery of crashed applications. This papers documents the underlying design concept of Intel PT, the requirements on the Linux platform as well as some of its performance measurement use-cases.
Organization:Nokia Solutions and Networks GmbH & Co. KG
Date:August 2017
License:CC BY 4.0

Quantitative Aspects of Blockchain: Proof Of Work

Title:Quantitative Aspects of the Blockchain: Proof Of Work, its Energy Demand and Alternative Consensus Mechanism
Abstract:Bitcoin is the most popular and well-known cryptocurrency to date. It is built upon a technology called blockchain and utilizes a distributed consensus mechanism. This Proof Of Work consensus algorithm is very energy intensive and reports of Bitcoin’s growing energy usage are all over the news. In this paper we review the underlying blockchain technology, quantitative figures of the Bitcoin and Ethereum network and how they compare to each other. We also investigate the concepts of some alternative consensus mechanisms. Finally, we conclude that while the energy usage of Proof Of Work is very large and ever increasing, it opens up possibilities for new and previously unheard of applications. Furthermore, the elegance of Proof Of Work lies within its simplicity. In the future, however, other consensus algorithms might prevail, since Proof Of Work is only the first major iteration for the blockchain technology.
Organization:University of Erlangen, Department of Computer Science
Date:February 2018
License:CC BY 4.0
Download:Henschel_BlockchainPOW_2018.pdf (Presentation Slides)

PC-Netzteil Umbau

Title:PC-Netzteil als Labor-Stromversorgung
Abstract:Auch bei uns stapeln sich ältere und inzwischen zu leistungsschwache PC-Netzteile im Keller. Statt sie der Entsorgung zuzuführen, empfehlen wir einen Umbau zum Labor-Netzteil - denn so etwas braucht man immer mal.
Journal:c’t Hacks / Make, Volume 5, Pages 82-97
Download:heise archive (free)