Information Security Resources

CoreLabs Information Security Publications

Below is an index of publications, presentations and papers authored by members of the CoreLabs research team. Click on any title to get more information and access the publication on the CoreLabs extranet site

Title Authors Publication Datesort ascending Venue / Publication
A Penetration Testing Learning Kit Ariel Waissbein 04/23/08 Troopers08, April 23-24, 2008. Munich, Germany
Timing Attacks for Recovering Private Entries From Database Engines (RSA Conference) Ariel Waissbein. Joint work with Ariel Futoransky, Damian Saura and Pedro Varangot 04/07/08 RSA Conference 2008
Using Neural Networks to improve classical Operating System Fingerprinting techniques Carlos Sarraute and Javier Burroni 03/01/08 Electronic Journal of SADIO, Vol. 8, No. 1, pp. 35–47 (2008)
alert('A javascript agent') Aureliano Calvo and Diego Tiscornia 01/02/08 Corelabs Technical Report
Efficient Inversion of Rational Maps over Finite Fields Antonio Cafure, Guillermo Matera and Ariel Waissbein 12/01/07 Institute for Mathematics and its Applications (IMA) Volume 146
Agent Oriented SQL Abuse Fernando Russ, Diego Tiscornia 11/29/07 Pacsec '07, Nov 2007. Tokyo, Japan
Zombie 2.0 Fernando Russ, Diego Tiscornia 10/18/07 Hack.lu. '07
Smartphones (in) security Nicolas Economou and Alfredo Ortega 10/02/07 Ekoparty '08
Ghost in the Virtual Machine Iván Arce 08/16/07 IEEE Security and Privacy, vol.5, no.4
The ND2DB attack: Database content extraction using timing attacks on the indexing algorithms Ariel Futoransky, Damian Saura, and Ariel Waissbein. 08/13/07 First Workshop on Offensive Technologies (WOOT `07)
OpenBSD Remote Exploit Alfredo Ortega and Gerardo Richarte 08/13/07 Black Hat USA 2007 Briefings, August 1-2, 2007. Las Vegas, NV, USA.
A dynamic technique for enhancing the security and privacy of web applications Futoransky, Ariel; Gutesman, Ezequiel; Waissbein, Ariel. 08/13/07 Black Hat USA 2007 
Simulation of Computer Network Attacks Fernando Miranda, Jose Orlicki and Carlos Sarraute 08/01/07 Argentine Symposium on Computing Technology (AST) 2007
Timing Attacks for Recovering Private Entries From Database Engines Ariel Futoransky, Damian Saura, and Ariel Waissbein 08/01/07 Black Hat USA 2007 
Security vulnerabilities, exploits and attack patterns: 15 years of art, pseudo-science, fun & profit Iván Arce 07/31/07 15th USENIX Security Symposium, July 31st –August 4th 2006, Vancouver, B.C. Canada