RSS feed logo header graphic

Black Hat Briefings USA 08 Schedule

August 6 – 7, 2008

Schedule by Time and Track

Day One • August 6, 2008

Skip to Day 2
08:00 to 08:50 Regisration and Continental Breakfast: Fourth Floor Palace Tower Convention Floor - sponsored by Cisco Logo
08:50 to 09:00 Introduction by Black Hat Founder and Director, Jeff Moss
09:00 to 09:50 Keynote Ian Angell Professor of Information Systems, London School of Economics - "Complexity in Computer Security - a Risky Business"
09:50 to 10:00 Break
Root Kits
Roman Ballroom		 0-Day
Palace 1		 App Sec 1.0/2.0
Augustus 3&4		 Bots & Malware
Palace 3		 Deep Knowledge
Florentine Ballroom		 The Network
Augustus 5&6		 Over The Air
Augustus 1&2		 Reverse Engineering
Palace 2

10:00 to 11:00
Deeper Door:
Exploiting the NIC
Chipset
Sherri Sparks
Shawn Embleton		 Pointers and
Handles
Alex Ionescu		 AppSec A-Z
Jared DeMott		 Bad Sushi:
Beating Phishers
at Their Own Game
Nitesh Dhanjani
Billy K Rios		 When Lawyers
Attack:
Dealing With the
New Rules of
Electronic Discovery
John Benson		 Nmap: Scanning
the Internet
Fyodor Vaskovich		 Mobitex Network
Security
olle B		 Next Generation
Collaborative Reversing
with Ida Pro and
CollabREate
Chris Eagle
Tim Vidas

11:00 to 11:15
Coffee Service: Fourth Floor Palace Tower Convention Floor - sponsored by IOActive Logo

11:00 to 11:15 Booksigning: Chris Eagle, Allen Harper, & Jonathan Ness, authors of “Gray Hat Hacking, Second Edition”

11:15 to 12:30
A New Breed
of Rootkit:
The System Management
Mode (SMM) Rootkit Shawn Embleton
Sherri Sparks		 Black Ops 2008:
Its The End Of
The Cache As
We Know It
Dan Kaminsky		 AppSec A-Z
Jared DeMott		 Jinx - Malware 2.0
Itzik Kotler
Jonathan Rom		 When Lawyers
Attack:
Dealing With the
New Rules of
Electronic Discovery
(continued)
John Benson		 Leveraging the Edge:
Abusing SSL VPNs
Mike Zusman		 Highway to Hell:
Hacking Toll Systems
Nate Lawson		 Decompilers and Beyond
Ilfak Guilfanov

12:30 to 13:45
Lunch: Plated lunch in the Roman Plaza Tent, Casino Level Boxed lunch in Claudius Ballroom, Third Floor - sponsored by Symantec Logo

12:30 - 12:45 Booksigning: Jared DeMott, author of “Fuzzing for Software Security: Robustness Testing for Quality Assurance and Vulnerability”

13:45 to 15:00
Insane Detection of
Insane Rootkits
Yuriy Bulygin		 Cisco IOS
Shellcodes/
Backdoors
Gyan Chawdhary
Varun Uppal		 Client-side Security
Petko D. Petkov		 Protocols and Encryption of the
Storm Botnet
Joe Stewart		 Iron Chef:
Fuzzing Challenge
Jacob West
Charlie Miller
Geoff Morrison
Jacob Honoroff
Sean Fay
Brian Chess		 The Four Horsemen
of the Virtualization Security Apocalypse
Christofer Hoff		 Software Radio
and the Future of Wireless Security
Michael Ossmann		 Temporal Reverse Engineering
Danny Quist
Colin Ames

15:15 to 16:30
iRK - Crafting OS X Kernel Rootkits
Jesse D'Aguanno		 Return-Oriented
Programming:
Exploits Without
Code Injection
Hovav Shacham		 Living in the RIA
World
Alex Stamos
David Thiel
Justine Osborne		 Xploiting Google Gadgets:
Gmalware
and Beyond
Tom Stracener
Robert Hansen		 Iron Chef:
Fuzzing Challenge
(continued)
Jacob West
Charlie Miller
Geoff Morrison
Jacob Honoroff
Sean Fay
Brian Chess		 Malware Detection Through Network
Flow Analysis
Bruce Potter		 Bluetooth v2.1
- a New Security Infrastructure
and New
Vulnerabilities
Andrew Lindell		 RE:Trace - Applied Reverse Engineering on OS X
Tiller Beauchamp
David Weston
 

16:30 to 16:45
Coffee Service: Fourth Floor Palace Tower Promenade - sponsored by VMWarelogo

16:45 to 18:00
VIral Infections
in Cisco IOS
Ariel Futoransky
 Reverse DNS
Tunneling Shellcode
Ty Miller		 FLEX, AMF 3 and BlazeDS: An Assessment
Jacob Carlson
Kevin Stadmeyer		 Meet the Feds
Panel Discussion
 MetaPost
Exploitation
Val Smith
 Predictable RNG
in the Vulnerable
Debian OpenSSL Package,
the What
and the How
Luciano Bello
Maximiliano
Bertacchini

 New Classes of Security and Privacy Vulnerabilities for Implantable Wireless Medical Devices
Tadayoshi Kohno
Kevin Fu		 Alternative Medicine: The Malware Analyst's Blue Pill
Paul Royal

18:00 on
Reception: 4th Floor - sponsored by   Norman LogoQualys LogoMicrosoft Logo

18:00 -18:15 Booksigning: Ty Miller, author of “Hacking Exposed: Linux”

19:00 - 22:00 Fourth Annual Black Hat No Limit Hold ‘Em Poker Tournament: sponsored by   Arbor Logo Location: Claudius 1 and 2 Register here (Black Hat exhibitors ineligible)
Hacker Court
Panel Discussion
Palace 1		 Commission on Cyber Security for the 44th Presidency
 Panel Discussion
Palace 3
Michael Assante
Jerry Dixon
Tom Kellerman
Marcus Sachs
Amit Yoran
 Pwnie Awards
Palace 2

Day Two • August 7, 2008

Up to Day 1
08:00 to 08:50 Regisration and Continental Breakfast: Fourth Floor Palace Tower Convention Floor - sponsored by Nokia Logo
08:50 to 09:00 Introduction by Black Hat Founder and Director, Jeff Moss
09:00 to 09:50 Keynote Rod Beckström, Director of the National Cyber Security Center (NCSC) - "Natural Security"
09:50 to 10:00 Break
0-Day Defense
Roman Ballroom		 App Sec 1.0/2.0
Augustus 3&4		 Deep Knowledge
Florentine Ballroom		 Forensics
Augustus 5&6		 Hardware
Palace 1		 Web 2.0
Augustus 1&2		 Virtualization
Palace 3		 Turbo Talks
Palace 2

10:00 to 11:00
No More 0-Days
(or Code-Based
Intrusion Detection
by Korset)
Ohad Ben-Cohen		 Encoded, Layered
and Transcoded
Syntax Attacks:
Threading the
Needle Past Web Application Security
Arian Evans		 Passive and Active Leakage of Secret
Data from Non-Networked
Computer
Eric Filiol		 Developments in
Cisco IOS Forensics
Felix Lindner		 ePassports Reloaded
Jeroen van Beek		 Satan is on
My Friends List:
Attacking Social
Networks
Shawn Moyer
Nathan Hamiel		 Taking the Hype
Out of Hypervisor
Tal Garfinkel

10:00-10:20
Winning the Race to Bare Metal – UEFI Hypervisors
Don Bailey
Martin Mocko

10:30-10:50
Metamorphic/ Polymorphic Malware DNA
Chet Hosmer

11:00 to 11:15
Coffee Service: Fourth Floor Palace Tower Convention Floor - sponsored by Google Logo

11:15 to 12:30
No More Signatures: Defending Web Applications from
0-Day Attacks with ModProfiler Using
Traffic Profiling
Ivan Ristic
Ofar Shezaf		 Circumventing
Automated
JavaScript Analysis Tools
Billy Hoffman		 Passive and Active Leakage of Secret
Data from Non-Networked Computer
(continued)
Eric Filiol		 Visual Forensic
Analysis and Reverse
Engineering of
Binary Data
Greg Conti
Erik Dean		 SmartCard APDU
Analysis
Ivan Buetler		 Threats to the 2008 Presidential Election
(and more)
Oliver Friedrichs		 Suberverting the Xen Hypervisor
Rafal Wojtczuk

11:15-11:35
A Fox in the Hen House (UPnP IGD)
Jonathan Squire

11:45-12:05
SQL Injection Worms for Fun and Profit
Justin Clarke

12:15-12:35
Mobile Phone Messaging Anti-Forensics
Zane Lackey
Luis Miras
 

12:30 to 13:45
Lunch: Plated lunch in the Roman Plaza Tent, Casino Level Boxed lunch in Claudius Ballroom, Third Floor - sponsored by Microsoft Logo

12:30 - 12:45 Booksigning: Zane Lackey, Alex Stamos & Himanshu Dwivedi, authors of “Hacking Exposed: Web 2.0”

13:45 to 15:00
A Hypervisor IPS
based on Hardware Assisted Virtualization Technology
Junichi Murakami		 Concurrency Attacks
in Web Applications
Scott Stender
Alexander Vidergar		 Attacking the
Vista Heap
Ben Hawkes		 Hacking and Injecting Federal Trojans
Lukas Grunwald		 Side-channel Timing
Attacks on MSP430 Microcontroller Firmware
Travis Goodspeed		 REST for the WIcked
Bryan Sullivan		 Detecting & Preventing
the Xen Hypervisor
Subversions
Joanna Rutkowska
Rafal Wojtczuk

13:45-14:05
Protecting Vulnerable
Applications with IIS7
Brian Holyfield

14:15-14:35
Got Citrix, Hack It!
Shanit Gupta

14:45-15:05
Vista and ActiveX Controls
Su Yong Kim
 

15:15 to 16:30
Secure the Planet!
New Strategic
Initiatives from
Microsoft to Rock
Your World
Mike Reavey
Katie Moussouris
Steve Adegbite		 How To Impress
Girls With Browser
Memory Protection Bypasses
Alexander Sotirov
Mark Dowd		 The Internet is
Broken: Beyond
Document.Cookie - Extreme Client-side Exploitation
Nathan McFeters
Rob Carter
John Heasman		 Hacking and Injecting Federal Trojans
Lukas Grunwald		 Mifare - Little Security, Despite Obscurity
Karsten Nohl		 Get Rich or Die
Trying - Making
Money on the Web,
the Black Hat Way
Jeremiah Grossman
Arian Evans		 Bluepilling the Xen Hypervisor
Joanna Rutkowska
Alexander Tereshkin

15:15-15:35
Fuzzing Proprietary SCADA Protocols
Sergey Bratus

15:45-16:05
Deobfuscator: An Automated Approach to the Identification and Removal of Code Obfuscation
Eric Laspe
Jason Raber

16:15-16:35
Active 802.11 Fingerprinting
Sergey Bratus
Daniel Peebles
Cory Cornelius
Axel Hansen

16:30 to 16:45
Coffee Service: Fourth Floor Palace Tower Promenade - sponsored by Core Security logo
 

16:45 to 18:00
Braving the Cold:
New Methods for Preventing
Cold Boot Attacks on Encryption Keys
Patrick McGregor		 Methods for Understanding
Targeted Attacks
with Office
Documents
Bruce Dang		 Windows Hibernation
File for Fun and Profit
Matthieu Suiche		 Inducing Momentary
Faults Within
Secure Smartcards/
Microcontrollers
Christopher Tarnovsky		 Pushing the Camel
Through the Eye of a Needle
SensePost		 VirtuallySecure
Oded Horovitz

16:45-17:05
Free-space QuantumKey Distribution at GHz Transmission Rates
Joshua Bienfang

17:15-17:35
Playing by Virtual Security Rules: How Virtualization Changes Everything and What to Do About It
Steve Pate

17:45-18:05
Meet the Owner of a Real Hacked Company - Forensic Analysis
Mark Shelhart
Privacy Policy | Sponsorship Inquiry | DEFCON | Black Hat Main RSS Feed
1997-2009 Black Hat ™