Skip to main content

Jordan Jueckstock Interview

This fall, Dr. Jordan Jueckstock returned from a four-year leave of absence to resume teaching full-time in the Department of Computer Science. He will be teaching several courses in the new Cybersecurity major. We sat down with him recently to find out a bit about his background in cybersecurity and his Ph.D. research.

You’ve had an interest in cybersecurity for a while now. What got you interested in that area of computer science?

My wife! (chuckle) Cybersecurity has always interested me; it has a kind of mystique associated with it. But my wife played a key role in getting me directly involved in cybersecurity research.

I finished my undergrad at BJU and started grad school at Clemson. At the time, I was dating Jessica. She was interested in grad school, and was recruited by a professor at University of Tulsa. The professor was associated with a federal program that recruited students into the cybersecurity field. Since I was very interested in Jessica, both of us ended up at the University of Tulsa.

Tell us a bit about your work in Oklahoma.

The grad program there was a feeder program for the intelligence community. It was a professional program designed to prepare students for jobs in federal intelligence agencies. I ended up doing research there for the U.S. Secret Service.

The Secret Service, in addition to protecting the president, also has a second job of investigating wire fraud. They do forensic analysis on communications as part of that work. The University of Tulsa had a U.S. Secret Service cell phone forensic facility, hidden away in the top floor of a nondescript building on campus. You went up the back staircase to an unmarked door, leading to a lab where there were two secret service agents. As students, we weren’t involved in the actual legal investigations, but if the agents came across new technology they hadn’t seen before, they would acquire it and let the students attempt to reverse engineer it to break it. That lab had amazing equipment to read all kinds of stuff.

I worked on reverse engineering a proprietary full disk encryption system. I figured out enough that we could brute force keys for it. I also assisted another student’s Ph.D. research involving reverse engineering for a proprietary smartphone platform. He did a complete teardown from the physical hardware all the way up, and also reverse engineered the software. I spent a year reverse engineering assembly-level code; we ended up with a tool chain that would take OS images from the smartphone, decompile them, and output the source code.

Tell us about your work at NSA.

I worked at the NSA for two and a half years after finishing the program at Oklahoma. My job title was “Capabilities Development Specialist.” I developed classified software tools for certain classes of intelligence gathering cyberoperations directed at foreign nations and international terrorism. I worked on a small team. I had good leadership, enjoyed the work, and learned a lot.

On your leave of absence from BJU to get a Ph.D., you worked in a research group at NCSU. Tell us a bit about the kind of research that group did.

I worked in the WSPR lab. That lab had a number of interesting research projects. For example, a telefony lab there got a range of unused numbers from a local telco, and set up a bank of answering machines to analyze spam call campaigns. My advisor had a background in web browser security. He worked on analyzing browser extensions to see which ones were doing undesirable things like injecting ads on pages such as

What research did you do for your Ph.D. work?

I worked on improving instrumentation in the research browser that my advisor had designed for his work in web browser security. Operating systems like Windows and Linux have deep instrumentation tools, so you can get a detailed sense of what is flowing through the system for performance tuning and security analysis. Browsers are, in effect, operating systems, and have traditionally not had good instrumentation beyond developer tools. We were looking at ways to instrument the browser in a way that is maintainable. I added a small instrumentation layer to Google’s V8 Javascript engine that monitors the calls from the JavaScript layer down to the browser’s native code. My instrumentation layer is simple enough that it is possible to adapt it to new releases of V8 with modest effort.

My research focused on broad background threats and shady tracking practices. We wanted to see if by monitoring the JavaScript calls down to the browser if we could detect emerging threat trends. So, we would crawl thousands of web pages with our instrumented browser, run the JavaScript on those pages, use the instrumentation layer to collect log data to find out what that JavaScript was doing, and analyze the log data. We were able to get some useful results that confirmed other researchers’ findings.