Monthly Archives: Jun 2013

CFET Paper (5)

Posted on Jun 26, 2013 by David Harley

My most recent CFET paper, co-written with Martijn Grooten (Virus Bulletin), Craig Johnston (independent researcher) and Stephen Burn (Malwarebytes). FUD and Blunder: Tracking PC Support Scams Presented at the Cybercrime Forensics Education & Training Conference in September 2012, this paper … Continue reading →

Posted in CFET, conference papers, David Harley | Tagged fake AV, forensics, marketing, scareware, support scams | Leave a comment

CFET Paper (4)

Posted on Jun 26, 2013 by David Harley

Man, Myth, Malware and Multi-Scanning is the 4th of my CFET papers, co-written with Julio Canto of VirusTotal. Almost uniquely (for me), the paper was written some time after the presentation at the conference. [My other presentation at that conference – … Continue reading →

Posted in AMTSO, CFET, conference papers, David Harley | Tagged Julio Canto, multi-scanning, pseudo-testing, pseudo-validation, VirusTotal | Leave a comment

CFET paper (3)

Posted on Jun 26, 2013 by David Harley

This was the second of two papers I presented at CFET in 2010. SODDImy and the Trojan Defence This paper looks at the implications in the age of the botnet of the “Some Other Dude Did It” and “it must … Continue reading →

Posted in CFET, conference papers, David Harley, Small Blue-Green World | Tagged chain of evidence, child abuse, forensics, Julie Amero, SODDI | Leave a comment

CFET Paper (2)

Posted on Jun 26, 2013 by David Harley

This was my second CFET paper. Antivirus Testing and AMTSO: Has Anything Changed? A summary of how the Anti-Malware Testing Standards Organization has developed in the past few years and the way in which the AV and testing industries have … Continue reading →

Posted in AMTSO, CFET, conference papers, David Harley | Tagged anti-malware testing, Anti-Malware Testing Standards Organization, certification, comparative testing, detection testing, performance testing | Leave a comment

CFET paper (1)

Posted on Jun 26, 2013 by David Harley

This is the paper on malware naming I presented at the 3rd Cybercrime Forensics Education & Training (CFET 2009) Conference in Canterbury on The Game of the Name Malware Naming, Shape Shifters and Sympathetic Magic. Here’s the abstract: Once upon a time, … Continue reading →

Posted in CFET, conference papers, David Harley | Tagged Cybercrime Forensics Education and Training, generic detection, malware naming | Leave a comment

Virus Bulletin article, July 2006

Posted on Jun 26, 2013 by David Harley

When I left the NHS in 2006, one of the first jobs I took on as a freelancer was writing for Ferris Research. This was an article that I was going to submit to them, but it obstinately refused to … Continue reading →

Posted in articles, David Harley, Small Blue-Green World, Virus Bulletin articles | Tagged ham, IP block, mail filtering, spam, Verizon | Leave a comment

EICAR Paper (11): PIN Holes: Numeric Passcodes and Mnemonic Strategies

Posted on Jun 26, 2013 by David Harley

This is the second paper I presented at the EICAR 2012 conference in Lisbon. As before, It’s posted here rather than on the ESET resources page for conference papers in accordance with EICAR’s copyright stipulation that EICAR conference papers be posted … Continue reading →

Posted in conference papers, David Harley, EICAR | Tagged Amitay, entropy, mnemonic strategy, passcode, passphrase, password, PIN, Rasmussen, rote learning, Rudmin | Leave a comment

EICAR Paper (10): After AMTSO: a funny thing happened on the way to the forum

Posted on Jun 26, 2013 by David Harley

This is one of two papers I presented at the 2012 EICAR conference in Lisbon. After AMTSO: a funny thing happened on the way to the forum Here’s the abstract: Imagine a world where security product testing is really, really useful. Testers … Continue reading →

Posted in AMTSO, conference papers, David Harley, EICAR | Tagged Anti-malware product testing, detection testing | Leave a comment

EICAR paper (9): Security Software & Rogue Economics: New Technology or New Marketing?

Posted on Jun 26, 2013 by David Harley

This is a paper I presented in 2011 at the EICAR conference in Krems, Austria, on “Security Software & Rogue Economics: New Technology or New Marketing?” Here’s the abstract: A highlight of the 2009 Virus Bulletin Conference was a panel … Continue reading →

Posted in conference papers, David Harley, EICAR, ESET, Virus Bulletin | Tagged AV marketing, fake AV, FUD, scareware | Leave a comment

EICAR paper (8): Real Performance

Posted on Jun 26, 2013 by David Harley

This is a paper called “Real Performance?” written by Ján Vrabec and myself and presented at the 2010 EICAR Conference in Paris, available by kind permission of EICAR. Abstract: The methodology and categories used in performance testing of anti-malware products and their … Continue reading →

Posted in AMTSO, conference papers, David Harley, EICAR | Tagged anti-malware, benchmarking, detection testing, performance testing, product testing | Leave a comment

Monthly Archives: Jun 2013

CFET Paper (5)

CFET Paper (4)

CFET paper (3)

CFET Paper (2)

CFET paper (1)

Virus Bulletin article, July 2006

EICAR Paper (11): PIN Holes: Numeric Passcodes and Mnemonic Strategies

EICAR Paper (10): After AMTSO: a funny thing happened on the way to the forum

EICAR paper (9): Security Software & Rogue Economics: New Technology or New Marketing?

EICAR paper (8): Real Performance

Recent Posts

Recent Comments

Archives

Categories

Meta