Internet Commerce Security Laboratory (ICSL)


Malware and Reverse Engineering Conference (MRE-2017): 3-4 July


Following the success of the previously held workshops in 2013, 2014, 2015 and 2016, we are pleased to announce that the Malware Reverse Engineering Conference will be held in Melbourne in July (3-4th), 2017.

MRE-2017 is a bridge between industry, law enforcement and academia, with a strong focus on practical results from research and development projects in malware reversing. The conference aims to cover:

  • Reverse engineering methods, analyses and algorithms
  • Behavioural and attribution analysis of malware
  • Impacts into the financial sector and government agencies
  • Advanced monitoring schemes for Malware attacks


Registration for MRE is open and you can register at following site:

MRE2017 Registration

MRE2017 Program


Conference will be held at Telstra Conference Centre, Level 1, 242 Exhibition Street, Melbourne (World's most liveable city), VIC, 3000 Australia

Telstra Conference centre (TCC) is in the government (north-eastern) sector of the Melbourne central business district (CBD) the TCC enjoys convenient access to the local hotels (The Marriott and Rydges), theatres (Her Majesty's, The Princess and Comedy), restaurants (Chinatown, Lygon Street, Grossi Fiorentinis) and public transport (taxis, buses, trams and trains). Trams in Melbourne CBD are free.

Parking: 150 Little Lonsdale St and 59 Lonsdale St plus on-street parking

Accommodation: Convenient access to The Marriott Hotel and Rydges Hotel

2017 program and keynote speakers

Planning has commenced for the 2017 Malware Reverse Engineering Conference. If you are interested in providing a presentation or would like information to be forwarded to you as soon as available, please advise Ms Kym Haymes, Keep an eye on this page as information will be added as soon as available.

Maciej Kotowicz, Principal Reverse Engineer at

Maciej Kotowicz has special interest in reverse engineering and exploit development as well as their automation. Occasional speaker. In his free time he like to drink beer and play CTFs, in no particular order. Maciej's talks will have following titles:

  1. Going for the goods: crash course on rapid malware analysis
  2. Unpacking Part2: from craftsmanship to manufacturing
  3., the fence between your money and criminals (Venue: Mt Helen, Ballarat)

David Korczynski, University of Oxford

David Korczynski is a researcher with the Department of Computer Science at University of Oxford. His research areas are malicious software, formal methods and program analysis. David likes to work in the intersection of theory and practice, which in this context means developing mathematical models of malicious software, and bridging these models to practical applications. His main tools of trade are process algebra communicating Sequential Processes, full system emulation environments, information-flow analysis and SMT-based reasoning. David's talks will have following titles:

  1. Advanced fine grained analysis of malware propagation with novel code injections
  2. Repeatable reverse engineering
  3. Abstract models of malware - how and why (Venue: Mt Helen, Ballarat)

Randy Stanger, The National Cyber-Forensics & Training Alliance (NCFTA), USA

Randy Stanger is Team Lead and Acting Program Manager for Malware and Cyber Threats Program. The National Cyber-Forensics & Training Alliance (NCFTA) is a non-profit corporation founded in 2002, focused on identifying, mitigating, and neutralising cyber crime threats globally. The NCFTA operates by conducting real time information sharing and analysis with Subject Matter Experts (SME) in the public, private, and academic sectors. Through these partnerships, the NCFTA proactively identifies cyber threats in order to help partners take preventive measures to mitigate those threats. The NCFTA has a proven track record and has long been identified as the model for private/public partnerships. Today, the NCFTA model, best practices, and lessons learned are being leveraged and emulated in countries around the world. Randy's talk will be on following topic:

Bare Metal Analysis & DarkWeb Research


Noushin Shabab Kaspersky Analysis of an APT: A case study of targeted attacks on APAC countries
Daniel Eden, Roshan Maskey nightHawk nightHawk Response, the art of IR
James Anderson Defence Network Operations Centre Symbolic of the future?
Paul Black FireEye FLARE Inline function identification
Chun Feng Microsoft Australia A Technical Analysis of SMB Exploits
Jon Oliver Trend Micro Locality Sensitive Hashing for Identifying Legitimate Executable Files
Vincent Lo CBA Advanced Web Shell Analysis
Stephen McCombie Secureworks Russia State Security Cyber Capability and Operations
Jason Tong, Aaron Fenwick PWC Defending the Beachhead
Craig Searle Hivint Data Combat: Redux
Alex Tilley Secureworks Current Trends in Cybercrime

Free seminar

A free seminar by Maciej Kotowicz and David Korczynski will be held following the MRE-2017 conference on Wednesday 5th July 2017 at Federation University Australia, Mt Helen Campus, Ballarat.

  •, the fence between your money and criminals
  • Abstract models of malware - how and why

To register your interest in attending please advise Kym Haymes,

Our organising committee is composed of security researchers and engineers from academia and industry.

Organising committee

Our organising committee is composed of security researchers and engineers from academia and industry.

  • Iqbal Gondal, Chair - Director, Internet Commerce Security Laboratory, Federation University Australia
  • Paul J. Watson - ASD, Defence Department
  • Paul Black - PhD Candidate, ICSL
  • Shanna Daly - Consulting Manager, Fireeye
  • Scott Brown - Principal Advisor, Threat Analysis and Hunting, Rio Tinto
  • Gabe Davis - Federal Agent, Cybercrime Operations, AFP Australia
  • Robert Layton - Director, dataPipeline
  • Christian Teutenberg - Threat Research and Intelligence, Security Operation, Telstra


Malware Reverse Engineering Conference 2017 is sponsored by Telstra and secEDU (CBA-UNSW)

There are plenty of opportunities for sponsorship support and we welcome interest in sponsorship from the security industry and other partners. Please contact Dr Iqbal Gondal, Director ICSL if you are interested in discussing sponsorship opportunities.