CoreLabs Information Security Publications

Below is an index of publications, presentations and papers authored by members of the CoreLabs research team. Click on any title to get more information and access the publication on the CoreLabs extranet site.

Title	Venue / Publication	Publication Date
Intercepting SAP SNC-protected traffic	Troopers	03/21/17
Building a Dynamic Reputation System for DNS	In Proceedings of the 19th USENIX Security Symposium	03/20/17
Detecting Malware Domains at the Upper DNS Hierarchy	20th USENIX Security Symposium	03/20/17
The IMDDOS Botnet: Discovery and Analysis	In less than four months, the Chinese IMDDOS Botnet has become one of the largest active botnets in the world.	03/20/17
DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic	International Conference on Dependable Systems and Networks (DSN)	03/20/17
Characterizing Malicious Traffic on Cellular Networks: A Retrospective	RSA Conference	03/20/17
Getting fun with Frida	Ekoparty	10/30/16
Abusing GDI for ring0 exploit primitives: Reloaded	Ekoparty	10/30/16
gFuzz: An Instrumented Web Application Fuzzing Environment	Hack.Lu 2008, Luxembourg	05/19/16
Windows SMEP bypass: U=S	Ekoparty	05/19/16
Power Save Denial of Service in 802.11 Networks	Ekoparty 2009	05/19/16
Syscall Proxying - Simulating remote execution	Black Hat USA '03	05/19/16
HTML5 Heap Sprays, Pwn All The Things	EuSecWest 2012	05/19/16
SAP’s Network Protocols Revisited	Troopers 2014 Conference	05/19/16
Abusing the Windows WiFi native API to create a Covert Channel	Hack.lu 2011	05/19/16
MD5 to be considered harmful today	PacSec'05 Conference, Tokyo, Japan.	05/19/16
Using AI Techniques to improve Pen Testing Automation	Hackito Ergo Sum (HES), Paris, France	05/19/16
Pentesting en AWS	AWS User Group Argentina	05/19/16
802.11 Massive Monitoring	DEF CON 23	05/19/16
Attack Planning in the Real World	AAAI 2010	05/19/16
Vulnerability Management at the Crossroads, part I	Network Security	05/19/16
An Algorithm to Find Optimal Attack Paths in Nondeterministic Scenarios	ACM CCS Conference 2011	05/19/16
Automating Penetration Tests, Iván Arce - Presentation at the SANS I/O Wargames 2001 conference	SANS I/O Wargames conference, September 2001, Washington D.C. USA	05/19/16
Uncovering SAP vulnerabilities: reversing and breaking the Diag protocol	Defcon 20 Conference	05/19/16
Breaking Out of VirtualBox through 3D Acceleration	REcon 2014	05/19/16

CoreLabs Information Security Publications

Identity Governance

Cyber Threat