AV Testing Exposed

Considers the good, the bad, and the ugly in comparative testing, and explores how to lie (or even inadvertently mislead) with detection statistics.
First published in Virus Bulletin 2010 Conference Proceedings*

Call of the WildList: Last Orders for WildCore-Based Testing?

Does WildList testing still have a place in testing and certification when dynamic and whole product testing methodologies are now preferred in most testing contexts?
First published in Virus Bulletin 2010 Conference Proceedings*

SODDImy and the Trojan Defence

This paper looks at the implications in the age of the botnet of the “Some Other Dude Did It” and “it must have been a Trojan” defences against conviction for possession of illegal material, especially pornography.
Presented at the 4th Cybercrime Forensics Education & Training (CFET 2010) Conference in September 2010.

Antivirus Testing and AMTSO: Has Anything Changed?

A summary of how the Anti-Malware Testing Standards Organization has developed in the past few years and the way in which the AV and testing industries have responded to those developments.
Presented at the 4th Cybercrime Forensics Education & Training (CFET 2010) Conference in September 2010.

Real Performance?

This paper objectively evaluates the most common performance testing models (as opposed to detection testing) used in anti-malware testing, highlighting potential pitfalls and presenting recommendations on how to test objectively and how to spot a potential bias.
First presented at EICAR 2010 and published in the Conference Proceedings.

View more

Perception, Security, and Worms in the Apple

Apple’s customer-base has rejoined the rest of the user community on the firing line. This paper will compare the view from Apple and the community as a whole with the view from the anti-virus labs of the actual threat landscape.
First presented at EICAR 2010 and published in the Conference Proceedings.

Macs and Macros: the State of the Macintosh Nation

This 1997 paper reviews the shared history of viruses and the Mac, summarizes the 1997 threatscape, and considers possibilities and strategies for the future. It’s been made available for historical interest because so many people asked about it at EICAR 2010.
First published in Virus Bulletin 1997 Conference Proceedings.*

Please Police Me

This paper looks at the ethical, political and practical issues around the use of “policeware”, when law enforcement and other legitimate agencies use “cybersurveillance” techniques based on software that resembles some forms of malware in its modus operandi.
First presented at AVAR 2009 in Kyoto, and published in the Conference Proceedings.*

Malware, Marketing and Education: Soundbites or Sound Practice?

This paper considers the practical, strategic and ethical issues that arise when the security industry augments its marketing role by taking civic responsibility for the education of the community as a whole.
First presented at AVAR 2009 in Kyoto, and published in the Conference Proceedings.*

Malice Through the Looking Glass: Behaviour Analysis for the Next Decade

This paper considers steps towards a holistic approach to behaviour analysis, using both social and computer science to examine the behaviours by both criminals and victims that underpin malware dissemination.
First published in Virus Bulletin 2009 Conference Proceedings.*

Whatever Happened to the Unlikely Lads? A Hoaxing Metamorphosis

This paper traces the evolution of email-borne chain letters, from crude virus hoaxes to guilt-tripping semi-hoaxes, and examines both their (generally underestimated) impact on enterprises and individuals, and possible mitigations.
First published in Virus Bulletin 2009 Conference Proceedings.*

Is there a lawyer in the lab?

This paper by the Head of ESET’s Virus Laboratory explores the complex legal problems generated by applications that can’t be called out-and-out malware, but are nevertheless potentially unsafe or unwanted.
First published in Virus Bulletin 2009 Conference Proceedings.*

The Game of the Name: Malware Naming, Shape Shifters and Sympathetic Magic

This paper follows up on “A Dose By Any Other Name”, explaining why sample glut and proactive detection have sounded the death knell of the “one detection per variant” model.
Presented at the 3rd Cybercrime Forensics Education & Training (CFET 2009) Conference in September 2009.

Execution Context in Anti-Malware Testing

This paper explains why comparative test results based on static testing may seriously underestimate and misrepresent the detection capability of some products using proactive, behavioural techniques such as active heuristics and emulation.
First published in EICAR 2009 Conference Proceedings.

Understanding and Teaching Bots and Botnets

Second in a series illustrating innovative ways of teaching the concepts behind a major security issue, the paper illustrates how botmasters capture computers and “recruit” them into virtual networks to use them for criminal purposes.
First published in Virus Bulletin 2008 Conference Proceedings.*

People Patching: Is User Education Of Any Use At All?

Presents the arguments for and against education as an antimalware tool, and how to add end users as an extra layer of protection in a defense-in-depth strategy.
AVAR Conference 2008

Who Will Test The Testers?

Making anti-malware testers and certifying authorities pdf accountable for the quality of their testing methods and the accuracy of the conclusions they draw, based on that testing.
First published in 2008 Virus Bulletin Conference Proceedings.*

A Dose By Any Other Name

Tries to answer questions like; why is there so much confusion about naming malware? Is ‘Do you detect virus X?’ the wrong question in today’s threat landscape?
First published in Virus Bulletin 2008 Conference Proceedings.*

Understanding and Teaching Heuristics

Understanding and teaching the basic concepts behind heuristic analysis and how it is used in the anti-malware industry.
AVAR Conference 2007

Teach Your Children Well – ICT Security and the Younger Generation

Research based on surveys in Belgium and the UK on teenage understanding of internet security issues.
First published in 2005 Virus Bulletin Conference Proceedings.*

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.