CoreLabs Information Security Publications

Below is an index of publications, presentations and papers authored by members of the CoreLabs research team. Click on any title to get more information and access the publication on the CoreLabs extranet site.

Title Venue / Publication Publication Date
Intercepting SAP SNC-protected traffic Troopers
Detecting Malware Domains at the Upper DNS Hierarchy 20th USENIX Security Symposium
Building a Dynamic Reputation System for DNS In Proceedings of the 19th USENIX Security Symposium
The IMDDOS Botnet: Discovery and Analysis

In less than four months, the Chinese IMDDOS Botnet has become one of the largest active botnets in the world.
DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic International Conference on Dependable Systems and Networks (DSN)
Characterizing Malicious Traffic on Cellular Networks: A Retrospective RSA Conference
Getting fun with Frida Ekoparty
Abusing GDI for ring0 exploit primitives: Reloaded Ekoparty
Automating Penetration Tests, Iván Arce - Presentation at the SANS I/O Wargames 2001 conference SANS I/O Wargames conference, September 2001, Washington D.C. USA
An Algorithm to Find Optimal Attack Paths in Nondeterministic Scenarios ACM CCS Conference 2011
An in-depth examination of IP cameras attack surface Ekoparty 2013
Uncovering SAP vulnerabilities: reversing and breaking the Diag protocol Defcon 20 Conference
Breaking Out of VirtualBox through 3D Acceleration REcon 2014
Vulnerability Management at the Crossroads, part I Network Security
Attack Planning in the Real World AAAI 2010
Windows SMEP bypass: U=S Ekoparty
Power Save Denial of Service in 802.11 Networks Ekoparty 2009
Syscall Proxying - Simulating remote execution Black Hat USA '03
HTML5 Heap Sprays, Pwn All The Things EuSecWest 2012
SAP’s Network Protocols Revisited Troopers 2014 Conference
Abusing the Windows WiFi native API to create a Covert Channel Hack.lu 2011
MD5 to be considered harmful today PacSec'05 Conference, Tokyo, Japan.
Using AI Techniques to improve Pen Testing Automation Hackito Ergo Sum (HES), Paris, France
Pentesting en AWS AWS User Group Argentina
802.11 Massive Monitoring DEF CON 23