After my last blog, I was asked what other EICAR papers would be of interest to people in the testing industry.
In fact, quite a few of this year’s papers were focused on anti-malware testing and/or detection, and the abstracts for the industry papers are available here, and that may give you a start on finding out which papers have been made available on the web by their authors., (Strangely, I couldn’t find a listing of the academic papers, but you can find a listing of the whole programme here.) I only got hardcopy of the proceedings, and I’m not sure if a conference CD is going to be made available: in other years, I believe it’s been possible to buy a hardcopy version after the conference. There is information on some of the papers published elsewhere, though not necessarily the whole paper.
"Applied Parallel Coordinates for Logs and Network Traffic Attack Analysis", by S. Tricaud et al, which won the best paper award this year, is now available here.
Jean-Marie Borello, Eric Filiol, Ludovic Mé. "Are current antivirus programs able to detect complex metamorphic malware? An empirical evaluation" Doesn’t seem to be available online yet, but there may be more information forthcoming here.
There may be more about "On behavioural detection" by P. Beaucamps available from here.
Some other papers I found interesting: "Raw Assault on a Poly/MetaMoRPhic Engine" by A.S. Issa; "Applied evaluation methodology for anti-virus software" by A. Gazet et al.; "A study of anti-virus’ response to unknown threats" by C. Devine; "Accrediting a Testing Lab under the Auspices of International Standards Organization" by Andrew Hayter et al.; and "Checkvir Realtime Anti Malware testing and Certification" by Ferenc Leitold. Unfortunately, I don’t have information right now on the availability of soft copy of any of these.
David Harley BA CISSP FBCS CITP
Director of Malware Intelligence