info@coresecurity.com  | +1.617.399.6980 | Contact Us

• Solutions
  • Solutions Overview
    • About Our Solutions
    • Determine Exposure to Real-World Threats
    • Perform Continual, Automated Testing
    • Assess Security Across IT Layers
    • Validate Security Controls
    • Connect Security Data to Business Risk
  • Solutions by Industry
    • Financial Services
    • Government
    • Health Care
      • Respond to the HITECH ACT
      • Validate HIPAA Compliance
      • Limit Unauthorized Insider Activities
      • Maximize limited security staffing
      • Drive down Web-based Security Risks
      • Insulate Your Networks from Unauthorized Devices
      • Diminish the Impact of Social Engineering
      • Validate security investments
    • Higher Education
      • Overview
      • Assess exposure to potential data breaches
      • Insulate networks from unmanaged devices
      • Limit unauthorized insider activities
      • Drive down web-based security risks
      • Maximize limited security staffing
      • Diminish the impact of social engineering
      • Validate security investments
      • Meet compliance demands
    • Retail
  • Solutions for Compliance
    • CAG
    • FFIEC
    • FISMA / NIST
      • NIST 800-137
      • NIST 800-39
      • NIST 800-53
    • GLBA
    • HIPAA
    • PCI
    • SOX
    • Validate Security Controls
• Products
  • Products Overview
  • CORE INSIGHT Enterprise
    Security Intelligence Solution
    • Overview
    • How It Works
    • Dashboards
    • Reports
    • What's New
    • Demos
      • CORE Insight Videos
    • Data Sheets and White Papers
    • Comparing CORE INSIGHT to CORE IMPACT
    • How to Buy
  • CORE IMPACT Pro
    Penetration Testing Software
    • Overview
    • What It Tests
      • End-User Security Awareness
      • Endpoint Systems
      • Mobile Devices
      • Network Devices
      • Network Systems
      • Web Applications
      • Wireless Networks
      • IPS/IDS, Firewalls and Other Defenses
      • Vulnerabilities Identified by Scanners
    • Commercial-Grade Exploits
      • Overview
      • Recent Exploits and Updates
      • How Our Exploits Work
      • About Our Client-Side Exploits
      • About Our Agents
    • Vulnerability Scanner Integration
    • Reporting
    • What's New
      • Version 12.3
      • Version 12
      • Version 11
    • Demos
      • Impact
    • Data Sheets, White Papers and Other Resources
    • Intro To Penetration Testing
      • What Is Penetration Testing?
      • Comparing Security Testing Options
      • What To Look For
      • Independent Penetration Testing Resources
      • Conducting Penetration Tests
    • Comparing CORE IMPACT to CORE INSIGHT
    • Training, Certification and Support
    • How to Buy
  • Core WebVerify Web
    Application Security Testing Software
    • Overview
    • Web Application Vulnerability Coverage
    • WebVerify vs. Scanners
    • Reveal Implications of Application Vulnerabilities
  • Core CloudInspect Cloud Security Testing for AWS
  • Demos and Evaluations
  • The Research Behind Our Products
  • Why Our Products are Safe
  • How to Buy
• Services
  • Services Overview
  • Core Security Consulting
    Services
    • Overview
    • Comprehensive Penetration Testing
    • Application Penetration Testing
    • Web Services Security Assessment
    • Source Code Auditing
    • Wireless Penetration Testing
    • Leading-Edge Technology Testing
    • How to Buy
  • CORE IMPACT Professional Services
    • Overview
    • Web Application Penetration Testing Services
    • Network Penetration Testing Services
    • Client-Side Penetration Testing Services
    • Wireless Network Penetration Testing Services
    • Benefits
    • How to Buy
• CoreLabs Research
  • CoreLabs Overview
  • Research Projects
  • Advisories
  • Publications
    • Presentations and Papers
    • Journals and Magazines
    • Internet Articles
  • Open Source Projects
  • CoreLabs Extranet Site
• News & Events
  • News & Events Overview
  • Events and Webcasts
    • Webcasts
    • Conferences
    • Speaking Engagements
  • News
    • Press Releases
    • In The News
  • Reviews
  • Awards
• Partners
  • Partners Overview
  • Strategic Partners
    • Business Partners
    • Technology Partners
  • Training Partners
    • CICT Training and Certification
  • Using Core's Products in Your Consulting Practice
• Company
  • Company Overview
  • Management Team
  • Board of Directors
  • Customers
    • Success Stories
  • Careers
  • Contact Us
• Blog
• Customer Portal

Home :: CoreLabs Research :: Research Projects

Research Projects

• CoreLabs Research

• CoreLabs Overview

• Research Projects

• Advisories

• Publications
  • Presentations and Papers
  • Journals and Magazines
  • Internet Articles

• Open Source Projects

• CoreLabs Extranet Site

PRACTICAL AND THEORETICAL RESEARCH TOPICS IN INFORMATION SECURITY

The CoreLabs team is focused on producing sound theories that help formalize information security solutions and techniques. We aim to quantify the security of pragmatic solutions and attack practical problems with the full force of theoretical computer science, mathematics and engineering. Our efforts allow us to anticipate future trends and to research alternate approaches to common information security problems.

Project Resources:

MD5 Flaws:

Richarte, Gerardo; "MD5 to be considered harmful today". PacSec, November, 2005. Tokyo, Japan.

Richarte, Gerardo; "Two executable files with the same MD5 hash, crc32, checksum32 and checksum16". December, 2005

Richarte, Gerardo; "Two executables with the same MD5 hash". November, 2005

Richarte, Gerardo; "Eight files with the same MD5 hash ". November, 2005

More resources:

Burroni, Javier | Sarraute, Carlos; " Using Neural Networks for remote OS Identification ". PacSec, November 2005. Tokyo, Japan.

Waissbein, Ariel ; " Una técnica de protección para agentes móviles contra estaciones (hosts) maliciosas ". III Congreso Iberoamericano de Seguridad Informática (CIBSI), November 2005. Valparaiso, Chile.

Futoransky, Ariel | Waissbein, Ariel; " Aplicaciones Web, Privacidad y Vulnerabilidades ". (Talk given at Universidad Nacional de La Plata - Spanish, November, 2005). Buenos Aires, Argentina.

Arce, Ivan; " Attack Trends - The Land of the Blind ", IEEE Computer Society - Security & Privacy Magazine, Vol. 3, No. 4, 2005 .

Arce, Ivan; " Tendencias en Ataques Informáticos ". (Talk given in October 2005 FIRST Technical Colloquium, October 6, 2005). Palacio San Martín, Buenos Aires, Argentina

Futoransky, Ariel | Richarte, Gerardo | Waissbein, Ariel; "Cryptography on Forensics and Reverse Engineering". (Talk given in October 2005 FIRST Technical Colloquium, October 6, 2005). Palacio San Martín, Buenos Aires, Argentina.   [See event description here ]

Arce, Ivan; " Attack Trends - Bad Peripherals ", IEEE Computer Society - Security & Privacy Magazine, Vol. 3, No. 1, 2005 .

Arce, Iván; " Nuevos Ataques y Nuevas Tendencias en Seguridad Informática ", (Presentation), Computer Security Mexico, 2004 .

Futoransky, Ariel | Kargieman, Emiliano | Sarraute, Carlos | Waissbein, Ariel; " El Complicado Arte de (des)cubrir Grietas en la Seguridad Informática ", (Talk given at Facultad de Ciencias Exactas y Naturales - Spanish), Buenos Aires, Argentina, 2004 .

Arce, Ivan; " Attack Trends - The Shellcode Generation ", IEEE Computer Society - Security & Privacy Magazine, Vol. 2, No. 5, 2004 .

Futoransky, Ariel | Kargieman, Emiliano | Sarraute, Carlos | Waissbein, Ariel; " Prolegómeno a la Seguridad Informática ", (Four lectures course given to the doctorate candidates of ITBA University - Spanish), Buenos Aires, Argentina, 2004 .

Arce, Ivan; " Attack Trends - The Kernel Craze ", IEEE Computer Society - Security & Privacy Magazine, Vol. 2, No. 3, 2004 .

Kargieman, Emiliano | Richarte, Gerardo; " Seguridad de la Información ", (Five lectures and exam - Escuela de Verano de Ciencias Informáticas, Universidad de Rio Cuarto - Spanish), Córdoba, Argentina, 2004 . (5.4 MB)

Arce, Ivan; " More Bang For the Bug: An Account of 2003's Attack Trends ", IEEE Computer Society - Security & Privacy Magazine, Vol. 2, No. 1, 2004 .

Waissbein, Ariel; " Modelos de Seguridad Informática (Software Protection) ", (Talk given at Universidad Nacional de Rosario - Spanish), 2004 .

Arce, Ivan; " Attack Trends - The Rise of the Gadgets ", IEEE Computer Society - Security & Privacy Magazine, Vol. 1, No. 5, 2003 .

Arce, Iván | Richarte, Gerardo; " State of the art Security from an attacker's viewpoint ", (Presentation), Pacific Security, Japan, 2003 .

Arce, Ivan; " Attack Trends - The Weakest Link Revisited ", IEEE Computer Society - Security & Privacy Magazine, Vol. 1, No. 2, 2003 .

Richarte, Gerardo; " Modern Intrusion Practices ", (Presentation), Black Hat, 2003 .

Arce, Ivan | Levy, Elias; " Attack Trends - An Analysis of the Slapper Worm ", IEEE Computer Society - Security & Privacy Magazine, Vol. 1, No. 1, 2003 .

Futoransky, Ariel | Ochoa, Hernán; " Security in the Microsoft® .NET Framework ", (An Analysis by Core Security Technologies and Foudnstone, Inc.), 2002 .

Futoransky, Ariel | Sarraute, Carlos | Waissbein, Ariel; " Un Zoom Práctico de la Criptología Moderna ", (Invited lecture IEEE, Universidad Argentina de la Empresa - Spanish), Buenos Aires, Argentina, 2002 .

Arce, Iván; " Bug Hunting: The Seven Ways of the Security Samurai ", Security & Privacy - Supplement to Computer Magazine, IEEE Computer Society, 2002 .

Sarraute, Carlos | Waissbein, Ariel; " Criptología y Seguridad de la Información ", (Talk given at the Universidad Tecnológica Nacional - Spanish), 2002 .

Arce, Iván; " Vulnerability Reporting: Bugs in the Bug Reporting Process ", TISC Insight Newsletter (The Internet Security Conference), Volume 3, Issue 3. IEEE Computer Society, 2001 .

Kargieman, Emiliano; " The Security Process ", (Presentation), 2001 .

« Back to Projects List

Related Content