Category Archives: General

Anubis – Managing a growing, distributed infrastructure for Binary Analysis [Part II]

In part I of this blog post, I summarized how and why the Anubis system has grown into a not only virtually, but also physically distributed analysis service. In part II, I will explain how we tackled the problem of … Continue reading

Posted in Anubis, Binary Analysis, General, Malware Analysis and Detection | Leave a comment

EXPOSURE: A new service from iSecLab goes online

Last month, in this post, we announced an upcoming service called EXPOSURE which detects domain names that are involved in malicious activities. We perform passive DNS analysis. After a period of testing, finally, we started the beta version of the service. … Continue reading

Posted in Botnets, DNS, General, Malware Analysis and Detection, Systems Security | Leave a comment

Apple Sued Over Applications Giving Information to Advertisers

According to this Bloomberg article, a law suit was filed against Apple for allowing applications to give personally identifiable information to advertisement networks without the users’ consent. First off, IANL. However, I feel that my recent work regarding iPhone and … Continue reading

Posted in Binary Analysis, General, Privacy | Leave a comment

BADGERS 2011 Call for Papers

In April, I am co-chairing a new workshop called BADGERS (Building Analysis Datasets and Gathering Experience Returns for Security) with Thorsten. The BADGERS workshop is intended to encourage the development of large scale security-related data collection and analysis initiatives. It will … Continue reading

Posted in Call For Papers, General | Leave a comment

OWASP BeNeLux 2010

I just got back from Holland where I was invited to participate in the annual OWASP BeNeLux conference with a talk on Clickjacking. For the second year, the OWASP chapters of Holland, Belgium and Luxembourg co-organized an event with the … Continue reading

Posted in Conferences, General | Tagged , , | Leave a comment

LEET 11 and Eurosec 11 workshops

I am involved in two interesting workshops next year: LEET and Eurosec. Both events are being partially-organized by iSecLab members. I am chairing Eurosec and Chris is chairing LEET. Both workshops usually have interesting programs and I would encourage the submission … Continue reading

Posted in Call For Papers, General | Leave a comment

Detecting Privacy Leaks in iPhone Applications

In the upcoming NDSS 2011 conference in San Diego, one of the papers our team will be presenting is Manuel‘s work on detecting privacy leaks in iPhone applications. The sales of smartphones have exploded recently — especially because of mobile phone … Continue reading

Posted in Binary Analysis, General, Privacy | Leave a comment

Digital Signatures and the Austrian Experiment: Our Story

Last year in May, a technical report we published online on the security analysis of the so-called “Citizen Card” in Austria received some press coverage. I noticed that some sites (e.g., the Wikipedia entry for the Citizen Card and a site … Continue reading

Posted in General, Privacy, Systems Security | Leave a comment

FORWARD and SysSec: Attempting to “predict” the future

A couple of weeks ago, I had a déjà vu effect after reading an article that stated that regulators were blaming a computer algorithm for a stock market ‘flash crash’. About a year ago, last November, we were busy creating … Continue reading

Posted in General, Systems Security | Leave a comment

Short RAID 2010 Report: A New Threat for Social Networks?

It has been over a month since I returned from the RAID conference in Canada. This year, RAID was organized in Ottawa, the capital. I tend to think that Ottawa was declared “the capital” for its location rather that its … Continue reading

Posted in Conferences, General, Web Security | Tagged , , | Leave a comment