Dylan Victor Knoff is president of the Mason Competitive Cyber (MCC) club, a computer science major, and the kind of self-motivated hacker you might see rummaging through Goodwill bins, in his free time looking for a $4 router that he can use to bolster his resume.
“I’ll pull it apart and take the firmware off the chip. It's good fun, responsibly and ethically doing stuff to it, of course, and then reporting vulnerabilities,” he said.
The George Mason University junior likes to examine routers because they are more likely than other devices to have detectable problems. Once he finds a vulnerability, per industry practice, he reports it to the vendor and then MITRE, the nonprofit that that catalogs firmware and software problems. Getting a mention on their common vulnerabilities and exposures listing looks good professionally for young cyber sleuths.
This ambition to make the cyber world a better, safer place is a theme in Knoff’s life. First, he started a Capture the Flag (CTF) team during high school, and then he attended a university cyber club while still a teen. When the Orlando native and first-gen college student could have chosen the local University of Central Florida, instead he left home for George Mason, recognizing the university’s prowess in the field and the benefit of being close to potential employers in the Washington, D.C., metropolitan region. Knowing that breaking into cybersecurity is no Mickey Mouse endeavor, shortly after arriving in Fairfax he networked with the Battelle intern coordinator and subsequently landed a paid, full-time co-op with the STEM giant.
Knoff is on the U.S. Cyber Team and in October competed at the International Cybersecurity Challenge in Santiago, Chile. He said, “We competed against other countries’ teams in a two-day CTF, where one day was attack-and-defend, and the second day was on vulnerability assessment and exploit development.”
Knoff’s research focus is reverse engineering and vulnerability research. “I'll find something wrong with a specific device or framework and I'll find a ‘zero day,’ which is a vulnerability that is unknown to the vendor, and then I'll disclose it to them,” he said, indicating the standard industry practice.
For next year’s DistrictCon, a hacker conference in Washington, D.C., in February, Knoff and two members of MCC participated in the Junkyard Contest, where participants find vulnerabilities in devices; they discovered a stunning eight zero days on one router.
Knoff is giving a separate talk at the conference, on return-oriented programming, a way that hackers can get into a system by reusing code that already exists in a program. “I made this tool that utilizes computer emulation to analyze and visualize the memory side effects of elements that make up a return-oriented attack. Using data aggregation, these elements are then sorted based on their exploitation effects and made easily searchable to an operator.” He made the tool open source, available to anyone on GitHub, and is releasing an updated version the day of the talk.
On rare days when he’s not at a keyboard, Knoff enjoys getting outside, especially for a hike. “I love going to Shenandoah with my friends, doing Old Rag and White Oak,” he said, referencing two of the more popular—and challenging—Shenandoah National Park trails.
Currently he’s entertaining offers for two new co-ops, with the hopes of potentially spinning one of those into full-time employment. And whether scaling digital peaks or the rugged trails of Shenandoah, Knoff will find himself climbing…toward discovery and solutions in a safer cyber world.