Silvio Cesare
Silvio Cesare | |
---|---|
Born | Sydney, New South Wales, Australia |
Occupation | Security researcher |
Years active | 1993–present |
Silvio Cesare (/tʃɛˈzæreɪ/ chez-ARR-ay)[citation needed] is an Australian security researcher known for his multiple articles in phrack, talks at numerous security conferences including Defcon and Black Hat Briefings.[1] Silvio is also a former member of w00w00. He is credited with the publication of the first ELF virus for UNIX-like operating systems. His security research includes an IDS evasion bug in the widely deployed Snort software.[2][3][4][5] Silvio holds a PhD in Computer Science from Deakin University and is the co-founder of the security conference BSides Canberra. He earned his Master of Informatics and Bachelor of Information Technology from CQUniversity Australia. He currently operates the Canberra based training and consulting provider InfoSect.[6]
Articles
Silvio is the author of "Software Similarity and Classification", released by Springer.[7]
He is the author of numerous whitepapers on information security, including:
- Share Library Call Redirection Via ELF PLT Infection - Phrack[8]
- Similarities for Fun and Profit - Phrack[9]
- Fast Automated Unpacking and Classification of Malware[10]
Software and Services
Silvio has released numerous tools to perform software similarity classification.[citation needed]
Simseer
Simseer is a free online service that tells you how similar to each other are the software that you give it. It is built using the technology of Malwise. There are a number of applications where it is useful to know if software is similar such as malware classification, incident response, plagiarism detection, and software theft detection.
Bugwise
Bugwise[11] is a service that performs bug detection in Linux executable binaries. It does this by using static program analysis. More specifically, it is performed using decompilation and data flow analysis. Currently, the service checks for the presence of some double frees in sequential code that use the libc allocator functions.
Clonewise
Clonewise[12] is an open source project to identify clones of packages embedded in other software source. Identifying package clones enables us to automatically infer outstanding vulnerabilities from out of date clones.[13]
References
- ^ "Black Hat USA 2013". UBM Tech. 2013. Retrieved 23 May 2014.
- ^ Bejtlich, Richard (28 May 2008). "Snort Evasion Vulnerability in Frag3". TaoSecurity. Retrieved 23 May 2014.
- ^ anonymous (28 July 2002). "Runtime Process Infection". Phrack. 0x0b (0x3b): 0x08. Retrieved 23 May 2014.
- ^ sd and devik (12 December 2001). "Linux on-the-fly kernel patching without LKM". Phrack. 0x0b (0x3a): 0x07. Retrieved 23 May 2014.
- ^ You Dong-Hoon (4 April 2011). "Android platform based linux kernel rootkit". Phrack. 0x0e (0x44): 0x06. Retrieved 23 May 2014.
- ^ "Infosect". Retrieved 21 June 2019.
- ^ Cesare, Silvio & Xiang, Yang (2002). Software Similarity and Classification. Springer. ISBN 978-1-4471-2909-7. Retrieved 23 May 2014.
- ^ Cesare, Silvio (5 January 2000). "Shared Library Call Redirection Via ELF PLT Infection". Phrack. 0xa (0x38): 0x07. Retrieved 23 May 2014.
- ^ Pouik and G0rfi3ld (14 April 2014). "Similarities for Fun and Profit". Phrack. 0x0e (0x44): 0x0f. Retrieved 23 May 2014.
{{cite journal}}
: CS1 maint: numeric names: authors list (link) - ^ Cesare, Silvio (May 2010). "Fast Automated Unpacking and Classification of Malware". Retrieved 23 May 2014.
- ^ "Bugwise". FooCodeChu. Retrieved 23 May 2014.
- ^ "Clonewise - Automatically Identifying Package Clones and Inferring Security Vulnerabilities". FooCodeChu. Retrieved 23 May 2014.
- ^ Pauli, Darren (22 November 2011). "Tool kills hidden Linux bugs, vulnerabilities". SC Magazine. Retrieved 23 May 2014.