About Us
Our Mission
Team
Contact
Publications
research.
publications.
Publications
Publications
Conferences
RSA Conference 2023 - The Hidden Risk in Undocumented API Behavior
Sikkerhetsfestivalen 2022, NDC Security 2023 - Attacking through the Software Supply Chain
NTNU malware forum 2022 – Ember Bears are no Saints
Øredev 2022, JavaZone 2021 – Secure coding: Back to basics
Øredev 2019 – Threat modeling workshop
Øredev 2019 – An introduction to Threat modeling
NDC Security 2020 – Modern web application vulnerabilities 2020
Øredev 2019, NDC Minnesota 2019, NDC Sydney 2018 – Modern web application vulnerabilities
NDC Minnesota 2018, NDC Sydney 2018, NDC London 2017, JavaZone 2016 – Broken crypto is broken
BoosterConf 2018 – Threat modeling workshop
JavaZone 2018 – Kubernetes Security with Isio
NDC TechTown 2018 – Fuzzing with AFL
NDC 2018, Oslo – Hack Back – bug hunting on the dark side
JavaZone 2017, NDC TechTown 2017 – An introduction to Threat modeling
O’Reilly Security 2016, VelocityConf 2016, JavaZone 2015 – Continuous security
InfoSecurity London 2016 – Evasion and Anti-Evasion: An Ongoing Game of Cat & Mouse
OWASP AppSec 2016 – Bug Hunting on the Dark Side
InfoSecurity London 2015 – Rethinking Enterprise Security: Lifecycle Defense
RSA Conference, San Francisco 2015 – Bug hunting on the Dark Side
DefCon 2014 – NinjaTV – Increasing Your Smart TV’s IQ Without Bricking It
NDC London 2014 – A fragile internet of things
JavaZone 2014, EUNIS 2014 (track keynote) – Your web application is already out of date
NDC Oslo 2014, NDC Lodon 2013, OWASP AppSec Research EU 2013, WebRebels 2012 – Securing a modern JavaScript based single page web application
OWASP AppSec Research EU 2013, Javazone 2012 – RESTful Security
BoosterConf 2013 – JavaScript security workshop
HackPra 2011 – Practical attacks on web application crypto
NDC Oslo 2011 – Avoiding Cross Site Scripting – Not as easy as you might think
OWASP AppSec EU 2009 – Agile security
CCDCOE Conference on Cyber Warfare 2009 – Proactive Botnet Countermeasures – An Offensive Approacht
Microsoft DCC 2009 – Botnet Takeovers
T2 2009 – Don’t do this at Home: 0wning Botnets
CCC Congress 2008 – Owning the Storm Botnet
Research Papers
A Case Study in Ethical Decision Making Regarding Remote Mitigation of Botnets
Finding and Extracting Crypto Routines from Malware
Banksafe information stealer detection inside the web browser
Classification and Detection of Metamorphic Malware using Value Set Analysis
On the arms race around botnets – Setting up and taking down botnets
Current Trends in Botnet Development and Defense
Proactive Botnet Countermeasures – An Offensive Approach.
Containing Conficker – To Tame A Malware.
NGBPA – Next Generation BotNet Protocol Analysis.
Stormfucker – Owning the Storm Botnet.
Parallelization of Radio Algorithms for Multi-Processor Platforms.
Combining Cognitive Radio and Software Radio Approach for Low Complexity Receiver Architecture.
Evaluation Architecture For Digital Radio Mondiale Multimedia Applications.
Performance Evaluation of current Mobile Phone Architectures with Respect to Multimedia Applications
DDoS detection based on traffic profiles
Inception Framework
Operation Hangover – Unveiling an Indian Cyberattack Infrastructure
Systematic cyber attacks against Israeli and Palestinian targets going on for a year
The many faces of Gh0st Rat
The Syrian Spyware
Patents
Creating an execution safety container for unreliable exploits
Systems and methods for safely executing unreliable malware
Universal tracing of side-channel processes in computing environments
Systems and methods for utilizing a browser extension to encrypt online payment information
Systems and methods for protecting customer payment data against malware attacks on inline frame payment forms
Systems and methods for enforcing strict network connectivity and storage access during online payments
Communications system having security apparatus, security apparatus and method herefor