Keynote: Thinking Outside the Box – Embracing Globalization
Paul Simmonds, Global Information Security Director (CISO), Jericho Forum/ICI Plc.

Application Security

Layer 0

Policy, Management, and the Law

Zero Day Attack

Deep Knowledge

Emperors I

Palace Salon II

Antivirus Security Software Tests

Sarah Gordon

Windows WaveSEC Deployment

Paul Wouters

Hacking with Executives

JD Glaser

All New Ø-Day

David Litchfield

Program Semantics-Aware Intrusion Detection

Tzi-cker Chiueh

Information Hiding in Executable Binaries

Rakan El-Khalil

RF-ID and Smart-Labes: Myth, Technology and Attacks

Lukas Grunwald

Legal Liability and Security Incident Investigation

Jennifer Granick

Advanced Return Address Discovery using Context-Aware Machine Code Emulation

Derek Soeder, Ryan Parmeh, Yuji Ukai

Diff, Navigate, Audit

Halvar Flake

Pocket PC Abuse

Seth Fogie

Introduction to Embedded Security

Joe Grand

The Laws of Vulnerabilities for Internal Networks

Gerhard Eschelbeck

Defeating Automated Web Assessment Tools

Saumil Shah

Trust No-one, Not Even Yourself OR The Weak Link Might Be Your Build Tools

David Maynor

Web Application Session Strength

Michael Shema

Metasploit

spoonm & HD Moore

Information Security Law Update

Brad Bolin

NoSEBrEaK - Defeating Honeynets

Thorsten Holz & Maximillian Dornseif

Attacking Obfuscated Code with IDA Pro

Chris Eagle

Hacking Without Re-inventing the Wheel

Nitesh Dhanjani & Justin Clarke

A Historical Look at Hardware Token Compromises

Joe Grand

Hacker Court ’04: Pirates of the Potomac

Panel

Attacking Host Intrusion Prevention Systems

Eugene Tsyrklevich

Vulnerability Finding in Win32—A Comparison

FX

Reception sponsored by

and

and

Continuation of Hacker Court

Booksigning with the authors of "Stealing the Network: How to Own a Continent" during the Gala Reception.

Computer Forensics & Log Analysis

Privacy & Anonymity

Zero Day Defense

Turbo Talks

The Black Hat Testimonies

Panel

Managing Election Data: The California Recall

Rebecca Mercuri, Ph.D & Bev Harris

BlueSnarfing The Risk From Digital Pickpockets

Adam Laurie & Martin Herfurt

Phishing— Committing Fraud in Public

Phillip Hallam-Baker

The Future of History

Robert Morris

The Black Ops of DNS

Dan Kaminsky

Steganography, Steganalysis, & Cryptanalysis

Michael Raggo

Putting the P back in VPN

Roger Dingledine

When the Tables Turn

Sensepost

Richard Thieme

10:00 - 11:00

Web Application Security Crossfire

Panel

Evasion and Detection of Web Application Attacks

K.K. Mookhey

Privacy, Economics and Immediate Gratification

Dr. Alessandro Acquisti

VICE - Catch the Hookers!

Jamie Butler & Greg Hoglund

Google Attacks

Patrick Chambet

11:15 - 11:35

How Next Generation Application Proxies Protect Against The Latest Attacks & Intrusions

Andrew Stevens

11:45 - 12:05

WorldWide WarDrive 4

Chris Hurley

12:15 - 12:35

Shoot the Messenger

Brett Moore

Cyber Jihad and the Globalization of Warfare

Peter Feaver & Kenneth Geers

You got that with GOOGLE?

Johnny Long

Detecting 0-days Attacks With Learning Intrusion Detection Systems

Stefano Zanero

Managing Hackers

James C. Foster

13:45 - 14:05

Insecure IP Storage Networks

Himanshu Dwivedi

14:15 - 14:35

Introduction to the Certification and Accreditation Process (C&A) Within the US Government

Jeff Waldron

14:45 - 15:05

IKE-Test

Ralf Spenneberg

Nobody’s Anonymous—Tracking Spam and Covert Channels

Curtis Kret

The Anonymity Toolkit

Len Sassaman

A Comparison Buffer Overflow Prevention Implementations & Weaknesses

Peter Silberman & Richard Johnson

Cryptographic Port-Knocking

David Worth

15:15 - 15:35

Privacy: Do As I Say...Not as I Do

Sarah Gordon

15:45 - 16:05

Digital Active Self Defense

Laurent Oudot

16:15 - 16:35

Blind SQL Injection Automation Techniques

Cameron Hotchkies

The Evolution of Incident Response

Kevin Mandia

Tracking Prey in the Cyberforest

Bruce Potter & Brian Wotring

Acting in Milliseconds-Why Defense Processes Need to Change

Dominique Brezinski

Introduction to the Global Security Syndicate

Gregory S. Miles & Travis Schack

16:45 - 17:05

Managing MSIE Security in Corporate Networks by Creating Custom Internet Zones

Patrick Chambet

17:15 - 17:35