CoreLabs Information Security Publications

Below is an index of publications, presentations and papers authored by members of the CoreLabs research team. Click on any title to get more information and access the publication on the CoreLabs extranet site.

Title Venue / Publication Publication Date
Intercepting SAP SNC-protected traffic Troopers
Building a Dynamic Reputation System for DNS In Proceedings of the 19th USENIX Security Symposium
Detecting Malware Domains at the Upper DNS Hierarchy 20th USENIX Security Symposium
The IMDDOS Botnet: Discovery and Analysis

In less than four months, the Chinese IMDDOS Botnet has become one of the largest active botnets in the world.

DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic International Conference on Dependable Systems and Networks (DSN)
Characterizing Malicious Traffic on Cellular Networks: A Retrospective RSA Conference
Getting fun with Frida Ekoparty
Abusing GDI for ring0 exploit primitives: Reloaded Ekoparty
gFuzz: An Instrumented Web Application Fuzzing Environment Hack.Lu 2008, Luxembourg
Windows SMEP bypass: U=S Ekoparty
Power Save Denial of Service in 802.11 Networks Ekoparty 2009
Syscall Proxying - Simulating remote execution Black Hat USA '03
HTML5 Heap Sprays, Pwn All The Things EuSecWest 2012
SAP’s Network Protocols Revisited Troopers 2014 Conference
Abusing the Windows WiFi native API to create a Covert Channel 2011
MD5 to be considered harmful today PacSec'05 Conference, Tokyo, Japan.
Using AI Techniques to improve Pen Testing Automation Hackito Ergo Sum (HES), Paris, France
Pentesting en AWS AWS User Group Argentina
802.11 Massive Monitoring DEF CON 23
Attack Planning in the Real World AAAI 2010
Vulnerability Management at the Crossroads, part I Network Security
An Algorithm to Find Optimal Attack Paths in Nondeterministic Scenarios ACM CCS Conference 2011
Automating Penetration Tests, Iván Arce - Presentation at the SANS I/O Wargames 2001 conference SANS I/O Wargames conference, September 2001, Washington D.C. USA
Uncovering SAP vulnerabilities: reversing and breaking the Diag protocol Defcon 20 Conference
Breaking Out of VirtualBox through 3D Acceleration REcon 2014