Information Security Resources

CoreLabs Information Security Publications

Below is an index of publications, presentations and papers authored by members of the CoreLabs research team. Click on any title to get more information and access the publication on the CoreLabs extranet site

Titlesort descending Authors Publication Date Venue / Publication
alert('A javascript agent') Aureliano Calvo and Diego Tiscornia 01/02/08 Corelabs Technical Report
An Algorithm to Find Optimal Attack Paths in Nondeterministic Scenarios Carlos Sarraute, Gerardo Richarte, Jorge Lucangeli Obes 10/21/11 ACM CCS Conference 2011
An Analysis of the Slapper Worm Ivan Arce and Elias Levy 01/01/03 IEEE Computer Society - Security & Privacy Magazine, Vol. 1, No. 1
An attack on CRC-32 integrity checks of encrypted channels using CBC and CFB modes Ariel Futoransky, Ariel Pacetti and Gerardo Richarte 01/01/98 Corelabs Technical Report
An Attack on MySQL's Login Protocol Iván Arce, Agustín Azubel, Emiliano Kargieman, Gerardo Richarte, Carlos Sarraute and Ariel Waissbein 01/31/01 CoreLabs Technical Report (arXiv:1006.2411)
An Oblivious Password Cracking Server Aureliano Calvo, Ariel Futoransky, Carlos Sarraute 08/31/12 41th JAIIO
Analyzing OS fingerprints using Neural Networks and Statistical Machinery Javier Burroni and Carlos Sarraute 02/20/06 EUSecWest, London
Anécdotas de seguridad Ariel Waissbein, Ezequiel Gutesman 09/06/12 Congreso Nacional de Estudiantes de Ingenieria en Sistemas de Informacion (CNEISI) 2012
Assume Nothing, Article about design flaws using as example a Microsoft Windows Virtual P Gary McGraw and Iván Arce 04/30/10 InformIT
Attack Planning in the Real World Jorge Lucangeli Obes, Carlos Sarraute and Gerardo Richarte 07/12/10 AAAI 2010
Attacker-centric risk assessment and metrics (spanish) Ezequiel Gutesman, Fernando Miranda 10/21/09 Forum of Incident Response and Security Teams, FIRST 2009, Santiago, Chile
Automated SQL Ownage Techniques Sebastian Cufre (presented by Fernando Russ) 03/24/10 CanSecWest Vancouver 2010
Automated SQL Ownage Techniques (OWASP) Sebastian Cufre 10/30/09 OWASP AppSec Brasil 2009
Automating Penetration Tests - a new challenge for the IS industry? Ivan Arce and Max Caceres 07/11/01 Black Hat Briefings, Las Vegas, July 11-12, 2001
Automating Penetration Tests, Iván Arce - Presentation at the SANS I/O Wargames 2001 conference Iván Arce 09/26/01 SANS I/O Wargames conference, September 2001, Washington D.C. USA