-
Recent Posts
Recent Comments
Arkadiusz Robiński on HTTP Parameter Pollution. So h… c3ret on HTTP Parameter Pollution. So h… Archives
Categories
Meta
Category Archives: Systems Security
About Nexat paper in ACSAC 2011
Last week, our group attended ACSAC 2011. The conference was held in Buena Vista Palace, Orlando, Florida. I presented Nexat paper, and the feedbacks were encouraging. Nexat was a research project in collaboration with Casey Cipriano, and Amir Houmansadr. Nexat tries to solve … Continue reading
Posted in Systems Security
Leave a comment
EXPOSURE: A new service from iSecLab goes online
Last month, in this post, we announced an upcoming service called EXPOSURE which detects domain names that are involved in malicious activities. We perform passive DNS analysis. After a period of testing, finally, we started the beta version of the service. … Continue reading
G-Free: Defeating Return-Oriented Programming and ACSAC 2010
After an adrenaline-inducing trip involving an aircraft breakdown and heavy snowing, I am back from Austin, TX, where I attended ACSAC ’10 together with Davide. Austin is promoted as the “The Live Music Capital of the World”, and it shows: … Continue reading
Posted in Conferences, Systems Security
Tagged 2010, acsac, conference, return oriented programming, rop, talk
Leave a comment
EXPOSURE, a new upcoming service for finding malicious domains using passive DNS analysis
One of the papers we will be presenting in the upcoming NDSS 2011 conference in San Diego will be Leyla‘s work on detecting malicious DNS domains using large-scale passive DNS analysis. We have used EXPOSURE in practice to automatically detect … Continue reading
Anubis – Managing a growing, distributed infrastructure for Binary Analysis [Part I]
As promised in the last blog-post, I will cover some of the internals of our analysis infrastructure for analyzing unknown binaries (Anubis) in a series of posts. With this article, I would like to make a start in that direction, … Continue reading
Digital Signatures and the Austrian Experiment: Our Story
Last year in May, a technical report we published online on the security analysis of the so-called “Citizen Card” in Austria received some press coverage. I noticed that some sites (e.g., the Wikipedia entry for the Citizen Card and a site … Continue reading
Posted in General, Privacy, Systems Security
Leave a comment
FORWARD and SysSec: Attempting to “predict” the future
A couple of weeks ago, I had a déjà vu effect after reading an article that stated that regulators were blaming a computer algorithm for a stock market ‘flash crash’. About a year ago, last November, we were busy creating … Continue reading
Posted in General, Systems Security
Leave a comment
Short report on ACM CCS 2010
Last week, I attended ACM CCS. For the last two years, the conference is being held in Chicago. I think it was a good decision to move. The location in Virginia was always a little difficult to reach, and there … Continue reading