Daniel Uroz

I am a first-year Computer Security Ph.D. student at RME, part of the Distributed Computing Group (DisCo) research group at the University of Zaragoza (Spain), which focuses on software and systems security. I am under the supervision of Prof. Javier Campos and Prof. Ricardo J. Rodríguez, and funded by the Government of Aragón.

Previously, I worked as a Research Assistant at the University of Zaragoza, mainly investigating malware detection techniques in computer forensics. I have also worked as a Malware Analyst at S21Sec, reverse engineering malware and developing tools to detect malware samples and automatically extract information from them.

I obtained my bachelor's degree in Computer Science at the University of Zaragoza, and I am finishing a master's degree in Research in Cyber Security at the University of León (Spain).

Email  /  CV  /  Google Scholar  /  LinkedIn  /  Twitter

Read my blog

My PhD thesis is based on IoT security, but I'm mainly interested in any field regarding computer security, malware analysis, reverse engineering, network protocols, and forensics.

On Challenges in Verifying Trusted Executable Files in Memory Forensics
Daniel Uroz, Ricardo J. Rodríguez
Forensic Science International: Digital Investigation, 32, 300917, Apr. 2020 (21% acceptance rate – 14/66)
paper  /  bibtex  /  tool  /  slides  /  doi:10.1016/j.fsidi.2020.300917

We investigate the limitations that memory forensics imposes on the digital signature verification process of signed Windows PE files obtained from a memory dump.

Characteristics and Detectability of Windows Auto-Start Extensibility Points in Memory Forensics
Daniel Uroz, Ricardo J. Rodríguez
Digital Investigation, 28, S95-S104, Apr. 2019 (27% acceptance rate – 15/55)
paper  /  bibtex  /  tool  /  slides  /  doi:10.1016/j.diin.2019.01.026

We propose a taxonomy of the Windows ASEPs, considering the features that are used or abused by malware to achieve persistence.

This website's source code was stolen from Jon Barron's website.