Jack Koziol Heap Overflow Presentation Plagiarism

Thu Nov 24 03:09:06 CST 2011

Jack Koziol of the InfoSec Institute (infosecinstitute.com) gave a presentation at ChicagoCon 2008 titled "Understanding Heap Overflow Exploits". A PDF of the slide deck can be found on ChicagoCon.com or EthicalHacker.net.

The Plagiarism

The following table details Koziol's slides that were taken from other sources, making up 76% of the material (100% if you ignore non-content slides). Given the single source used, it is clear that Koziol willfully infringed copyright and plagiarized most of the material. Given the list of ISI clients he includes on the ISI web site and other presentations, it is disturbing that so many agencies and companies have paid them for services.

Several slides appear to be written by Koziol, but are merely title (#1), biography (#2), introductory (#3), brief history of exploit writing (#4), and closing (#21) slides. Ignoring these slides, 100% of the content of the presentation is taken from a single source without attribution.

Koziol Slide #    Original Source
Slide 5           Summarized from p230 of "Buffer Overflow Attacks: Detect, Exploit, Prevent" by James C. Foster
Slide 6           Summarized from p229-230 of same book
Slide 7           Image taken from p233 of same book
Slide 8           Summarized from p232-237 of same book
Slide 9           Image taken from p234 of same book
Slide 10          Text taken from p239 of same book
Slide 11          Text taken from "How to Implement Linked Lists in WimpWorks 2" by Charles Talibard
Slide 12          Text taken from p241 of "Buffer Overflow Attacks: Detect, Exploit, Prevent" by James C. Foster
Slide 13          Text taken from p241-242 of same book
Slide 14          Text taken from p243 of same book
Slide 15          Text taken from p245 of same book
Slide 16          Text taken from p246 of same book
Slide 17          Image taken from p246 of same book
Slide 18          Text taken from p246-247 of same book
Slide 19          Image taken from p247 of same book
Slide 20          Image taken from p250 of same book

Total Slides Plagiarised: 16 / 16 (100%)

A reader also points us to the accompanying audio track. Around 8:30, Koziol does not appear to realize that the "486 architecture" is still present in modern x86 processors, among other statements that suggest a level of unfamiliarity with the material.
