Last week Julien and I were in Berlin to attend to the 18th EICAR conference.

Julien gave a talk on the analysis of a botnet. Based on a technical analysis of the infector and the pieces it drops, he, Damien and Christophe were able to get a discerning picture of the botnet architecture, and to understand how the author(s) monetize their creation with spam service or personal information robbing.

My talk was about a work that Jean-Baptiste and I have focused on during the beginning of the year. Our objective was to design an evaluation methodology for antivirus products that fits into the CSPN evaluation framework proposed by the DCSSI. During the talk, I presented our methodology and the results we obtained during a pilot evaluation we have carried out.

This year conference was once again quite interesting with many quality talks, including a caustic keynote by Fred Cohen. And by the way, Berlin is definitely a pleasant capital.

You can find our slides here (botnet analysis) and here (antivirus software evaluation methodology).