- M.S., Computer Science, Georgia Institute of Technology, Atlanta, GA, 2021
- B.S., Computer Science with Honors, United States Military Academy, West Point, NY, 2017
GPA: 3.41, GPA in Major: 3.64, Class Rank: 223 out of 1006
2022 - Present: Bogart Associates of Northern Virginia (formerly Blue Star Cyber)
2017 - 2022: U.S. Army Cyber
Lead Unix vulnerability researcher and project lead; supervised and mentored ten junior researchers. Developed harnesses to run and fuzz cross-architecture user-level Linux applications without source code. Documented and reported vulnerabilities and proofs of concept. Created a continuous deployment pipeline to receive immediate customer feedback on vulnerabilities. Interfaced with customers to drive research requirements in an agile manner. Managed developer infrastructure, including on-premises GitLab, Ghidra server, and Mayhem.
S. Deaton, "What Makefile? Detecting Compiler Information Without Source Using The Code Property Graph," IEEE Trust, Privacy and Security in Intelligent Systems, and Applications. In Press.
S. Deaton, D. Brownfield, L. Kosta, Z. Zhu, and S. J. Matthews,
“Real-time Regex Matching with Apache Spark™,” in 2017 IEEE High Performance Extreme Computing Conference (HPEC), pp. 1-6, Sept 2017. 10.1109/HPEC.2017.8091063.
D. Brownfield, S. Deaton, L. Kosta, Z. Zhu, and S. J. Matthews,
“Leveraging Apache Spark™ for Real-Time Regex Matching on Bro Log Data.” Consortium for Computing Science in Colleges - Northeastern Region (CCSC NE'17), Undergraduate Research Competition, Best Poster, Albany NY (Also won 4th place at HPC Day in Dartmouth MA in May 2017), April 2017. [poster]
S. Deaton, S. Hutchison, and S. J. Matthews,
“Using Machine Learning to Predict the Popularity of Reddit Comments,” in HPC Insights Magazine, 2017. (Invited).
- Game Boy Architecture and Development (2020)
- Drinking for Science: Using Machine Learning to Make the Perfect Cocktail (2018)
- Real Time Regex Matching with Apache Spark™ (2017)
Open Source Contributions
No, I don't just go around fixing typos. However, I try to leave things better than I found them. The same philosophy extends to software.
- rust-fuzz book
- karateclub (the machine learning kind!)
- Binary Ninja API
- Git Large File System (LFS)
- Corellium API
- Google syzkaller
Conferences Attended and Invited
- Recon 2022
- ShmooCon: 2022, 2020, 2018, 2017, 2015, and 2014.
- AvengerCon: 2019 and 2018 (invited).
- IEEE High Performance Extreme Computing (HPEC): 2017 (invited).
- DefCon: 2016.
- BlackHat: 2016.
- SAE Battle Cyber Auto-Challenge: 2016.
- JailbreakCon: 2013.
- Introduction to Ghidra and Software Engineering (2022).
- iOS Attack and Defend (2022).
Program Analysis For Vulnerability Research with Sophia D'Antoine and Jordan Wiens
Vulnerability Discovery and Exploitation with Jeremy Blackthorne
My experience in life. 📈