Boldizsár Bencsáth

Learn More
Stuxnet was the first targeted malware that received worldwide attention for causing physical damage in an industrial infrastructure seemingly isolated from the online world. Stuxnet was a powerful targeted cyber-attack, and soon other malware samples were discovered that belong to this family. In this paper, we will first present our analysis of Duqu, an(More)
In September 2011, a European company sought our help to investigate a security incident that happened in their IT system. During the investigation, we discovered a new malware that was unknown to all mainstream anti-virus products, however, it showed striking similarities to the infamous Stuxnet worm. We named the new malware Duqu, and we carried out its(More)
— A method for protecting an Internet server against a bandwidth-consuming DDoS attack is proposed and analyzed. Incoming traffic is monitored continuously and " dangerous " traffic intensity rises are detected. Such an event activates a traffic filtering rule which pushes down the incoming aggregate traffic to an acceptable level by discarding excess(More)
DoS attacks are aimed at the loss of or the reduction in availability, which is one of the most important general security requirements in computer networks. A promising approach proposed to alleviate the problem of DoS attacks is to use client puzzles. In this paper, we study this approach using the apparatus of game theory. In our analysis, we derive the(More)
Malware analysis can be an efficient way to combat malicious code, however, miscreants are constructing heavily armoured samples in order to stymie the observation of their artefacts. Security practitioners make heavy use of various virtualization techniques to create sandboxing environments that provide a certain level of isolation between the host and the(More)
Virtualization is a powerful technology for increasing the efficiency of computing services; however, besides its advantages, it also raises a number of security issues. In this article, we provide a thorough survey of those security issues in hardware virtualization. We focus on potential vulnerabilities and existing attacks on various virtualization(More)
Wireless mesh networking allows network operators and service providers to offer nearly ubiquitous broadband access at a low cost to customers. In this paper, we focus on QoS-aware mesh networks operated by multiple operators in a cooperative manner. In particular, we identify the general security requirements of such networks and we give an overview on the(More)
Most contemporary embedded devices, such as wireless routers, digital cameras, and digital photo frames, have Web based management interfaces that allow an administrator to perform management tasks on the device from a Web browser connecting to the device's Web server. It has been shown earlier that many of these devices are vulnerable to Cross Site(More)
In this paper we show that the performance of the generic SMTP servers are more limited than we previously thought. We implemented a environment to test SMTP server performance focusing on Denial of Service (DoS) attacks. Our measurements show that a standard SMTP server can be easily overloaded by sending simple email messages and the overload can occur(More)