Derrick McKee

Mitigating undisclosed zero-day hacks with something like my HAKC system makes me smile, and I welcome any opportunity to prove our work in more and more systems.

Tell us broadly about your work at the Laboratory. What kinds of problems are you researching or developing technology to address?

I mainly work on securing commodity operating system kernels, which typically run at the highest privilege level possible on a computer. Because of that high privilege, a bug in the kernel code can lead to catastrophic failures of security features intended to protect users. The system I developed as a student researcher at Lincoln Laboratory before becoming a full-time technical staff member is called Hardware-Assisted Kernel Compartmentalization, or HAKC, and seeks to impose zero trust on low-level software in the kernel to reduce that amount of damage a bug in the kernel can cause.

What inspired you to pursue your area of research?

Computer security research can be broadly separated into offensive and defensive work. HAKC is a defensive technique, and that’s where I like to be. There is an asymmetry between offense and defense, because attackers need to only be right once, while defenders need to be correct all the time. Because defenders need to be right all the time, doing defensive research is a much more intellectually interesting area for me.

What is a goal you would like to accomplish in your lifetime?

Traveling a full Silk Road route from Turkey to China is a long-term goal of mine. The length, the geography, and political issues make this challenging, but I believe it is possible with enough planning.

What motivates you from day to day?

Honestly, the thought of ruining the well-laid plans of APT (advanced persistent threat) crews around the world is a pretty good motivator for me. Mitigating undisclosed zero-day hacks with something like my HAKC system makes me smile, and I welcome any opportunity to prove our work in more and more systems.