Well, the EICAR conference earlier this month was in Krems, in Austria, where I hear that they're not averse to the occasional brandy, but I was actually perfectly sober when I delivered my paper on Security Software & Rogue Economics: New Technology or New Marketing? (The full abstract is available at the same URL.)
To conform with EICAR's usual copyright requirements, the paper is available on my own web page, not ESET's white papers page (though our web folks have kindly put up a link there). However, I'm working on a version of the presentation/speaker notes, since some of the content is significantly different in emphasis to the original paper, and that will appear on the white papers page quite soon.
Here are a few impressions of the conference, though some of these points are likely to be expanded on later. I've already cited a fascinating paper by ESIEA's Eric Filiol and Alan Zaccardelle here and here, though I've only really talked about one of the issues they raised, so I may well come back to that. Unfortunately I was unable to get to Rainer Fah's opening presentation -somehow, some email insists on being prioritised, even when I'd rather be at the conference – but we did have a lengthy conversation on the mutual interests of EICAR and AMTSO as regards the raising of testing standards, and I hope we'll be able to pursue that discussion in the near future.
Trend's Morton Swimmer and GData's Ralf Benzmueller presented particularly forceful "position statements" on the current and future threat and counterthreat landscapes, and if either presentation becomes available on the web, I'll put a pointer up here: both were notably neat summations. Dr Web's Boris Sharov also offered an excellent overview presentation, and Morton, Ralf, Boris and Eric all participated in a panel session moderated by Rainer on Cyber War, a pivotal topic and persistent thread in this year's conference. Along with these and other interesting industry papers, a number of more academic papers on topics such as "Algorithmic Detection of Malware by Semantic Signatures", "Malware spectral analysis: security evaluation of Bayesian network", and "A Graph Matching Algorithm for Binary Malware Analysis via Normalized Compression Distance between Functions" also conspired to stretch our brains. And for those of us concerned about the additional complications introduced by the shift to mobile computing, papers on Android and Symbian gave us further food for thought.
EICAR isn't the largest event of the conference year, but never fails to stimulate with the range of its content. Good to see some of the guys from our labs in Slovaki there, too.
David Harley CITP FBCS CISSP
ESET Senior Research Fellow
Author David Harley, We Live Security