Fake But Free and Worth Every Cent

Two years on from “Is there a lawyer in the lab”, greyware and Possibly Unwanted Applications offer serious challenges for security vendors.
First published in Virus Bulletin 2011 Conference Proceedings*

Daze of Whine and Neuroses

The Anti-Malware Testing Standards Organization (AMTSO) has shaken up the AV testing world and attracted much controversy. But has it outlived its usefulness? And what is the future of detection testing?
First published in Virus Bulletin 2011 Conference Proceedings*

Security Software & Rogue Economics: New Technology or New Marketing?

Presented at the 2011 EICAR conference in May 2011, this paper contrasts existing malicious and legitimate technology and marketing, considering ways in which integration of security packages might mitigate the current wave of fake applications and services.

The case for in-the-lab botnet experimentation: creating and taking down a 3000-node botnet

This paper, presented at the Annual Computer Security Applications Conference (2010), and to which ESET’s Pierre-Marc Bureau was a contributor, discusses alternative approaches to understanding botnet mechanisms, using “in the lab” experiments involving at-scale emulated botnets.

Test Files and Product Evaluation: the Case for and against Malware Simulation

This paper, presented at the 2010 AVAR conference, summarizes the kind of problems that arise when simulated malware is used inappropriately in detection testing, with particular emphasis on the history and correct use of the EICAR test file.

Large-Scale Malware Experiments: Why, How, And So What?

How and why a group of researchers replicated a botnet for experimental purposes, and what use they made of the results.
First published in Virus Bulletin 2010 Conference Proceedings*

AV Testing Exposed

Considers the good, the bad, and the ugly in comparative testing, and explores how to lie (or even inadvertently mislead) with detection statistics.
First published in Virus Bulletin 2010 Conference Proceedings*

Call of the WildList: Last Orders for WildCore-Based Testing?

Does WildList testing still have a place in testing and certification when dynamic and whole product testing methodologies are now preferred in most testing contexts?
First published in Virus Bulletin 2010 Conference Proceedings*

SODDImy and the Trojan Defence

This paper looks at the implications, in the age of the botnet, of the “Some Other Dude Did It” and “it must have been a Trojan” defences against conviction for possession of illegal material, especially pornography.
Presented at the 4th Cybercrime Forensics Education & Training (CFET 2010) Conference in September 2010.

Antivirus Testing and AMTSO: Has Anything Changed?

A summary of how the Anti-Malware Testing Standards Organization has developed in the past few years and the way in which the AV and testing industries have responded to those developments.
Presented at the 4th Cybercrime Forensics Education & Training (CFET 2010) Conference in September 2010.

Copyright © 2013 ESET, All Rights Reserved.