Virus Bulletin and AVAR: a conference paper is for life

As 2014 draws to a close, so does the security conference season, for the moment. However, a conference paper is for life, not just Christmas. (Well, I try to keep all mine available, even though some of the earlier ones are mostly only of historical interest.)

Since the Virus Bulletin conference in September, Martijn Grooten has published a series of blogs about papers from the conference that have been made available on the VB site, including a paper by Jean-Ian Boutin in which he discusses the commoditization of web injects, and a paper by Eugene Rodionov, Aleksandr Matrosov and myself on the continuing evolution of bootkits.

• VB2014 paper: The evolution of webinjects
• VB2014 paper: Bootkits: past, present & future

The blogs include links to the papers in HTML and PDF formats, and the slide decks, all of which are available on the Virus Bulletin web site, and the videos on VB’s YouTube channel, which show the slides as background to the audio from the actual presentation.

A quick link for the Bootkit paper is here (PDF), and for the Bootkit presentation here. The webinjects paper is here (PDF), and the corresponding presentation here. Much more information is given in the Virus Bulletin blog articles. The blog series also includes similar articles linking to other papers and presentations from VB2004.

Meanwhile, I’ve recently returned from the AVAR conference in Sydney. So recently, in fact, that while my body is in the UK, my head still seems to be in a time zone East of Java. But I do remember that Sebastian Bortnik did a great job of presenting our paper Lemming Aid and Kool Aid: Helping the Community to help itself through Education. That paper is now available here.  There’ll be a blog or two expanding on the topic shortly.

I don’t know if there are any such plans for Peter Kosinar’s presentation on Stealing the internet, one router at a time or Sébastien Duquette’s talk about Exploitation of CVE-2014-1761 in targeted attack campaigns, but both were well received.

However, the presentation voted top of the AVAR pops was Graham Cluley’s keynote, possibly because of his indescribable rendition of his AntiVirus Industry Song. Hard though that is to credit. But he did promise never to sing it again. (We can but hope.)

The same may not be true of the motley crew of slightly more musical security researchers who couldn’t resist getting up to play at the party after the conference: after all, it’s become almost traditional to have such an event at the end of meetings in which ESET has had a hand. Here’s a sample courtesy of YouTube and Andreas Marx…

And the boomerang? A gift from the conference organizers to presenters. Fortunately, I rather like it: I hear it can be really frustrating trying to throw one away.

David (Boom! Boom!) Harley
Small Blue-Green World
ESET Senior Research Fellow