Application Security: As network routers, firewalls, and operating systems become more mature, the security surrounding applications has become one of the most popular attack vectors. Format string problems, improper input validation testing, improper authentication, and buffer overflows abound. How do we find or fix these problems? Presentations covering strategies for auditing web applications, reverse engineering binaries to find or fix vulnerabilities, source code analysis, secure coding practices, black box and stress testing tools, and configuration best practice guidelines would all be appropriate for this track.
Deep Knowledge: In-depth presentations on a variety of topics. Not for the faint of heart.
Computer Forensics & Log Analysis: So, you think you have been hacked? How can you tell? This track will deal with what you should do before a system goes live and after you suspect a system or network compromise. Topics could include log analysis, IDS, disk forensics, aide, tripwire, baseline analysis, etc. Configuring and tuning, technology comparisons, attacking or bypassing IDS or HoneyNet technologies, secure log distribution, analysis and alerting would all be appropriate.
Layer Ø: The security of people and objects requires different technology and strategies. This track will focus more on the physical aspects of our networks and environments. Topics might range from electronic countermeasures to eavesdropping (audio or network), physical security surrounding locks, doors, and access control systems (How hard is it really to break into where the backup tapes are stored?), and biometric security strengths and weaknesses of fingerprints and facial recognition systems, to the extreme of HERF attacks. We spend a lot of our time thinking about network and application security; here is a chance to be exposed to the physical side of things.
Policy, Management, and the Law: How does the law deal with the security issues that are discovered? What legislation do businesses need to comply with? What are acceptable policies surrounding a corporate web presence? What are the social responsibilities of security practitioners? Analysis of current or future laws and legislation, management trends, and policy development would fit in this track.
Privacy & Anonymity: With the ever-increasing surveillance of the public Net, what are the issues privacy-conscious people and administrators should be aware of? Talks could cover legal topics such as "What can we legally do to increase our personal privacy?" Technology talks could cover tools related to privacy such as defeating forensics tool kits, anonymous networking and proxies such as FreeNet or JAP, and the future of anonymous re-mailers.
Turbo Talks: New for 2004, the Turbo Talks track will consist of 20-minute talks covering subjects that do not require a full-length presentation slot. Topics can range widely, and there are no specific guidelines for what must be included. Examples might include the announcement of a new security project or initiative, the release of research data, a quick tip or techniques talk on a very specific topic, a call for participation in a study, a Question and Answer session surrounding a new law, etc. Please note: Because of the nature of this track, Black Hat will not pay a speaking, hotel, or airfare fee. Selected presenters receive a full conference pass only.
Ø Day Attack: What is the cutting edge of Ø-day attack techniques? How are these vulnerabilities found and tested? This track will focus on topics including applied attack methodologies, using but not losing your 0-day tools, new classes of vulnerabilities just discovered or under development, trends in the 0-day underground community, etc.
Ø Day Defense: "Ø-day" vulnerabilities are a fact of life, but how we as consultants or organizations deal with them varies greatly. Some build elaborate multi-layer defense in depth systems. Some accept the risks and invest in response and restoration strategies. This track will deal with the strategies and technologies that have evolved to deal with the 0-day. Topics might include how to defend against unknown vulnerabilities using tools such as systrace, pax, propolice, trojan proof, MAC policies, etc. Lessons learned stories may include case studies of how your organization reacted to a 0-day, what worked and what didn't. A technology overview might point to the most promising new techniques, from honeypots to compartmentalized operating systems.