Olivia
Online
SECurity & Reverse Engineering Team (SECRET)
@SECRET_UFPR
The SECurity & Reverse Engineering Team (SECRET) laboratory at Federal University of Paraná (@UFPR), Brazil
Curitiba, Brazil
Joined April 2019
39 Following
278 Followers
312 Posts
We are making Corvus, our malware analysis sandbox, public available for the first time. Check out at https://t.co/HWZCHI1yUq
Multiple of my students are looking for internships. Junior researchers of all levels: undergrads, masters, and PhDs. Open to remote positions around the world and in person in the USA. Hello security companies, reach me out for recommendations.
Our @MarcusBotacin @gracesrm @MalFuzzer ACM DTRAP @acm_dtrap special issue on memory malware and other threats is out. https://t.co/pB83A2kTrq Thanks to all who collaborated!
Just discovered I am a top reviewer for acsac!
Who to follow
Marcus Botacin
@MarcusBotacin
CS Assistant Professor at Texas A&M @TAMUEngineering; PhD @SECRET_UFPR @UFPR; CE/CS Master @Unicamp_IC; #Malware Research; Also: @[email protected]
Thalium Team
@thalium_team
https://t.co/Sx05emsfNz Groupe Thales / Lutte Informatique / recherche de vulnérabilités / développements Red Team
KT
@koczkatamas
Security Engineer @ Google (personal account, opinions are my own!). ex-Tresorit. Ex-captain of @SpamAndHex CTF team.
Want to know more about how to detect memory injections with hardware-based memory monitoring? Access our poster: https://t.co/O69jMxlCZn
Access our summary: https://t.co/eIGT8oEKib
The next is to present our poster (@MalFuzzer) on the prototype of a Hardware AV
Computers are strange. When we want them to be random (e.g., random number generation), they are too deterministic (e.g., pseudo-RNG). When we want them to be deterministic (e.g., deterministic compilation), they are too random...
Among all possible obfuscations, we notice that Bogus Control Flow (BCF) is significally harder for the classifiers. We should invest more time researching how to deal with this type of obfuscation!
The effect of obfuscation and how to revert it is somethign that we should study more. Interested students?
Papers I like to remember.
[Calling all malware analysts] Our research is trying to understand what the malware analysts think and which tools analysts would like to have. Could you take a few minutes to answer our anonymous survey? https://t.co/NGqHVNOFPQ #malware #reverseengineering #redteam #dfir
0-day detectors do not exist, at least not as an absolute definition. Once again, it is all about generalization limits. I prefer to talk about generalization measurements rather than 0-day detection capabilities.
The discussion between signature vs. ML detectors is misleading. ML models are a type of signature, but that generalize more. We can convert ML models to rules. Stay tuned to see a bit more on this in one of my future papers.
[New Paper] Happy to have contributed with some discussions to this paper, more specifically the following:
@SECRET_UFPR guidelines for ML for security experiments.
One of the main contributions of the papers is a checklist that serves as a reminder and prevents researchers and practitioners from committing common mistakes or at least being aware of their existence while using ML in security. https://t.co/yBwEYb9ns8
ML for Cybersecurity is different from regular ML tasks. Attackers may create novel threats that are unknown to defense solutions. Our paper "Machine Learning (In) Security: A Stream of Problems" shows the main challenges in applying ML to security. https://t.co/LztK9sTmcV🧶
"GPThreats-3: Is Automatic Malware Generation a Threat?" My talk on how to use GPT to automatically write malware. Watch here: https://t.co/TmyPaOKjim
I’m happy to share that I’m starting a new position as a Postdoctoral Researcher at @GeorgiaTech! Thanks, @szonouz for the opportunity to join your amazing team.
Presenting my paper about GPT-generated malware.
Paper: https://t.co/ie3wyuSl3b
Slides: https://t.co/7zG6FORyeA
First session!
"Reflections on Trusting Docker: Invisible Malware in Continuous Integration Systems"
"ROPfuscator: Robust Obfuscation with ROP" @peperunas
"GPThreats-3: Is Automatic Malware Generation a Threat?" @MarcusBotacin
"Emoji shellcoding in RISC-V" @gajaloyan
#HITB2023AMS #VIDEO #COMMSEC D1 - All You Always Wanted to Know About AntiViruses - Marcus Botacin - https://t.co/p0gbfBRXI8
Last Seen Users on Sotwe
Achiles
Seen from Vietnam
💗✨ TÜƦKGAYTƦ ✨💗
Seen from Turkey
U g h t e a Ngeunah
Seen from Indonesia
Pornstop
Seen from Israel
CAM MOMS 🫦💦
Seen from Pakistan
可可西里✨
Seen from Canada
GTA 6 Countdown ⏳ 
Seen from Brazil
penikmat stw montok
Seen from Indonesia
Arhanseptya
Seen from Malaysia
淫乱母子
Seen from Netherlands
Most Popular Users
Elon Musk
@elonmusk
240.6M followers
Barack Obama
@barackobama
119.2M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110.5M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.6M followers
NASA
@nasa
92.2M followers
Justin Bieber
@justinbieber
90.9M followers
KATY PERRY
@katyperry
87.6M followers
Taylor Swift
@taylorswift13
81.4M followers
Lady Gaga
@ladygaga
73M followers
Virat Kohli
@imvkohli
69.8M followers
Kim Kardashian
@kimkardashian
69.8M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.9M followers
Neymar Jr
@neymarjr
62.5M followers
The Ellen Show
@theellenshow
62.4M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.7M followers