AVAR Down Under – Security Researchers at Work

ESET will be well represented in papers presented at the AVAR conference in November, but that's not the only interesting content on the agenda.

ESET will be well represented in papers presented at the AVAR conference in November, but that’s not the only interesting content on the agenda.

In the specialist anti-virus industry – though really there are no major companies that only do anti-virus any more – the flurry of conferences that starts to kick in at the end of the summer tends to start winding down with the AVAR (Association of anti-Virus Asia Researchers) International Conference.

This year’s conference in Sydney, appropriately called ‘Security Down Under’,* is the 17th AVAR conference. Wow… It hardly seems yesterday since a speaker at a Virus Bulletin conference invited me to join the fledgling organization, though it wasn’t till 2003 that I actually got there and presented my first AVAR paper. (As it happens, that was also held in Sydney.)

sydney harbour lite 2

The full (and very promising) conference agenda is available here (Day 1) and here (Day 2), including topics such as Hesperbot (presented by Peter Kruse & Yurii Khvyl of CSIS) and some presentations about Android,  but here are a few things that caught my eye (times correct according to the web site as of 28th October 2014):

Day 1:

  • Graham Cluley’s keynote presentation on What 20 years working in the Anti-Virus industry taught me (at 10.00): having known Graham pretty much all that time, I’m confident that he’ll have some interesting reminiscences and insights.
  • Microsoft Anti-Virus: Extortion, Expedience or the Extinction of the AV Industry – The Jury Has Reached A Verdict: by Randy Abrams (NSS Labs). I’ve no doubt Randy’s presentation at 14.35 will be as interesting (and possibly as controversial) as his earlier paper for Virus Bulletin 2006 on Microsoft Anti-Virus:  Extortion, Expedience or the Extinction of the AV Industry: I shall be fascinated to see in what respects his position has changed.
  • That paper is followed at 15.10 by Effectively Testing APT Defences by: Simon Edwards (Dennis Technology Labs), Richard Ford (Florida Institute of Technology), Gabor Szappanos (Sophos). Apart from the impressive security industry credentials of all three presenters, the topic will benefit from the fact that they’ve all put in many hours at the testing coalface with AMTSO, the Anti-Malware Testing Standards Organization.

Day 2:

  • Symantec’s Mark Kennedy talks about theIEEE Anti-Malware Support Service (AMSS), specifically the Clean-file Metadata eXchange (CMX) and the Taggant System at 11.30.
  • Andreas Marx of AV-Test talks about The Internet of Things – Or – Security: The Forgotten Feature (14.10).
  • And 15.20 Ciprian Oprisa & George Cabau of Bitdefender present on POS Malware: Are we really defenseless?

Captain Cook hails a taxi to the conference hotel,
unable to resist all those ESET presentations

ESET is also strongly represented again this year:

  • At 12.30 on November 13th, Peter Kosinar talks about Stealing the internet, one router at a time.
  • At 10.30 on the 14th, Sébastien Duquette talks about Exploitation of CVE-2014-1761 in targeted attack campaigns.
  • And at 12.05 on the 14th, Sebastian Bortnik presents our joint paper on Lemming Aid and Kool Aid: Helping the Community to help itself through Education

If you’re going to be there, do come and say hello!

* If the conference title makes you think Down Under I’m afraid I have to tell you that the occasion doesn’t represent the rebirth of Men at Work. Though ‘Security Researchers at Work’ does sound like an appropriate (if not very catchy) name for a scratch band. ;)

The Rocks lite
Security researchers thinking about the post-conference party

David Harley
Small Blue-Green World
ESET Senior Research Fellow