Stanford EE Computer Systems Colloquium

4:15PM, Wednesday, December 02, 2009
NEC Auditorium, Gates Computer Science Building B03

Open Source Security Research
An Overview of Suspicious Hosting Providers and Malicious File Inclusion

Jart Armin & Andrew Martin
About the talk:

While most security research is published by independent or staff security researchers, smaller collaborations exist between like minded security professionals. Open Source Security Research presents the audience with a inside look at the work conducted by the Host Exploit team on topics that include both suspicious hosting providers such as McColo, Intercage, Real Host and blended threats such as Malfi and the miscreants behind the attacks.


There is no downloadable version of the slides for this talk available at this time.

About the speakers:

Andrew Martin ( is an information security professional with a tier 1 North American Financial Institution. For the past 3 years he has specialized in intrusion detection optimization, malware detection and forensic analysis. Andrew is the senior investigator for malware and attempted network intrusions at the bank.

In the past few years he has presented to several groups, including other financial institutions and health care professionals on botnet detection and managing malware investigations. He is also one of a handful of individuals world- wide to hold SANS's top certification, the GSE with specialization in malware.

Andrew contributes threat analysis information to other financial institutions and ISPs as well as trusted security partners. As part of his mandate he regularly evaluates malware detection and management products and works with the manufactures to customize and improve them. He has also contributed to the security programs of academic bodies in both Canada and the United States.

Jart Armin ( is a leading activist, and analyst, researching into organized cyber crime and Internet security. He initially came to the fore in the analysis and exposure of the RBN (Russian Business Network). This was followed by the exposure and eventual shut down of Intercage / Atrivo, McColo, EstDomains, and Real Host Latvia, as examples.

He established as a multinational open source community effort, for research and reporting on bad actors operating the Internet.

Jart provides security and threat analysis for several Fortune 500 companies, financial institutions, governmental organizations, and writes for several online publications.

Contact information:

Jart Armin & Andrew Martin