Elie Bursztein

Elie Bursztein leads Google's anti-abuse research team, which invents transformative solutions that help protect users against online threats.

blurry image for loading

Article banner

3 million smiles during the pandemic - the retrospective

blurry image for loading

Article banner

Spotlight: Malware Lead Generation At Scale

blurry image for loading

Article banner

Account protections - A Google Perspective

blurry image for loading

Article banner

blurry image for loading

Article banner

3 million smiles during the pandemic - the retrospective

3 million smiles during the pandemic - the retrospective

Blog post Jul 2021

Retrospective of my attempt to make people smile during the COVID pandemic by performing magic tricks online for 32 weeks in a row.

blurry image for loading

Article banner

blurry image for loading

Article banner

Spotlight: Malware Lead Generation At Scale

Spotlight: Malware Lead Generation At Scale

Publication ACSAC 2020

We present Spotlight, a large-scale malware lead-generation framework that uses deep-learning to clusters malware famillies to isolate potentially-undiscovered ones and prioritizes them for further investigation

blurry image for loading

Article banner

blurry image for loading

Article banner

Account protections - A Google Perspective

Account protections - A Google Perspective

This talk provides an overview of how accounts get compromised and the defenses we found effective at Google to reduce accounts hijacking risks.

blurry image for loading

Article banner

blurry image for loading

Article banner

Hacker's guide to deep-learning side-channel attacks: code walkthrough

Hacker's guide to deep-learning side-channel attacks: code walkthrough

Blog post Jun 2021

Learn how to perform a deep-learning side-channels attack using TensorFlow to recover AES cryptographic keys from a hardware device power traces, step by step.

blurry image for loading

Article banner

blurry image for loading

Article banner

Hacker's guide to deep-learning side-channel attacks: the theory

Hacker's guide to deep-learning side-channel attacks: the theory

Blog post May 2021

Learn the concepts behind deep-learning side-channels attack, a powerful cryptanalysis technique, by using it to recover AES cryptographic keys from a hardware device.

blurry image for loading

Article banner

blurry image for loading

Article banner

A Hacker’s guide to reducing side-channel attack surfaces using deep-learning

A Hacker’s guide to reducing side-channel attack surfaces using deep-learning

Talk Defcon & BH 2020

This talk showcases SCALD, our tool that leverages deep-learning explainability and dynamic execution to automatically find which parts of a crypto-hardware implementation is responsible for leaking the information exploited by side-channel attacks

blurry image for loading

Article banner

blurry image for loading

Article banner

Malicious Documents Emerging Trends: A Gmail Perspective

Malicious Documents Emerging Trends: A Gmail Perspective

This talk provides a comprehensive analysis of the malicious documents that target users and corporate inboxes, an in-depth analysis of the latest evasion tactics used by attackers and what Google is doing about it.

blurry image for loading

Article banner

blurry image for loading

Article banner

Insights about the first five years of Right to Be Forgotten requests at Google

Insights about the first five years of Right to Be Forgotten requests at Google

Blog post Dec 2019

This blog post distills the key findings of our longitudinal analysis of how Europe’s right to be forgotten (RTBF) is being applied in practice.

blurry image for loading

Article banner

blurry image for loading

Article banner

Five years of the Right to Be Forgotten

Five years of the Right to Be Forgotten

Publication CCS 2019

We conducted a retrospective measurement study of 3.2 million URLs that were requested for delisting from Google Search over five years.

blurry image for loading

Article banner

blurry image for loading

Article banner

Protecting accounts from credential stuffing with password breach alerting

Protecting accounts from credential stuffing with password breach alerting

Publication Usenix Security 2019

In this paper, we propose a privacy-preserving protocol whereby a client can query a centralized breach repository to determine whether a specific username and password combination is publicly exposed, but without revealing the information queried.

blurry image for loading

Article banner

blurry image for loading

Article banner

A Hacker Guide To Deep Learning Based Side Channel Attacks

A Hacker Guide To Deep Learning Based Side Channel Attacks

Talk Defcon 2019

This talk provides a step-by-step introduction on how to use deep learning to perform AES side-channel attacks.

blurry image for loading

Article banner

blurry image for loading

Article banner

Deconstructing the Phishing Campaigns that Target Gmail Users

Deconstructing the Phishing Campaigns that Target Gmail Users

Talk Black Hat USA 2019

In this talk we look into Gmail telemetry to illuminate the differences between phishing groups in terms of tactics and targets.

blurry image for loading

Article banner

blurry image for loading

Article banner

Rethinking the detection of child sexual abuse imagery on the Internet

Rethinking the detection of child sexual abuse imagery on the Internet

Publication WWW 2019

In order to scale CSAI protections moving forward, we discuss techniques for automating detection and response by using recent advancements in machine learning.