Information Security Resources

CoreLabs Information Security Publications

Below is an index of publications, presentations and papers authored by members of the CoreLabs research team. Click on any title to get more information and access the publication on the CoreLabs extranet site

Title Authors Publication Date Venue / Publication
The ND2DB attack: Database content extraction using timing attacks on the indexing algorithms Ariel Futoransky, Damian Saura, and Ariel Waissbein. 08/13/07 First Workshop on Offensive Technologies (WOOT `07)
OpenBSD Remote Exploit Alfredo Ortega and Gerardo Richarte 08/13/07 Black Hat USA 2007 Briefings, August 1-2, 2007. Las Vegas, NV, USA.
A dynamic technique for enhancing the security and privacy of web applications Futoransky, Ariel; Gutesman, Ezequiel; Waissbein, Ariel. 08/13/07 Black Hat USA 2007 
Simulation of Computer Network Attacks Fernando Miranda, Jose Orlicki and Carlos Sarraute 08/01/07 Argentine Symposium on Computing Technology (AST) 2007
Timing Attacks for Recovering Private Entries From Database Engines Ariel Futoransky, Damian Saura, and Ariel Waissbein 08/01/07 Black Hat USA 2007 
Security vulnerabilities, exploits and attack patterns: 15 years of art, pseudo-science, fun & profit Iván Arce 07/31/07 15th USENIX Security Symposium, July 31st –August 4th 2006, Vancouver, B.C. Canada
Enforcing Privacy in Web Applications A. Futoransky and A. Waissbein 10/11/05 Third Annual Conference on Privacy, Security and Trust. October 12-14, 2005. The Fairmont Algonquin, St. Andrews , New Brunswick, Canada.
Crypto in Forensics and Reverse-engineering Ariel Futoransky, Gerardo Richarte and Ariel Waissbein 10/06/05 FIRST Technical Colloquium. October 6, 2005. Palacio San Martín, Buenos Aires, Argentina.
Tendencias de ataque en seguridad informática Iván Arce 10/03/05 2005 FIRST Technical Colloquium, Buenos Aires, Argentina
Advanced Software Protection Now Diego Bendersky, Ariel Futoransky, Luciano Notarfrancesco, Carlos Sarraute and Ariel Waissbein. 01/27/03 CoreLabs Technical Report (arXiv:1006.2356)
An Analysis of the Slapper Worm Ivan Arce and Elias Levy 01/01/03 IEEE Computer Society - Security & Privacy Magazine, Vol. 1, No. 1
About Exploits Writing, Gerardo Richarte Gerardo Richarte 12/03/02 G-CON 1, ITESM Campus Estado de Mexico, Mexico
Four different tricks to bypass StackShield and StackGuard protection Gerardo Richarte, April 24, 2002 04/24/02 Corelabs Technical Report
Bug Hunting: The Seven Ways of the Security Samurai Iván Arce 04/01/02 IEEE Computer Magazine, Security and Privacy supplement, April 2002, pp. 11-15
Automating Penetration Tests, Iván Arce - Presentation at the SANS I/O Wargames 2001 conference Iván Arce 09/26/01 SANS I/O Wargames conference, September 2001, Washington D.C. USA