Day 2 • August 3, 2006 |
08:00 - 09:00 |
Registration and Continental Breakfast: Fourth Floor Palace Tower Promenade |
|
|
|
TBA
|
|
Location & Times |
Web Security |
Hardware Security
|
Rootkits
|
Zero Day Defense
|
Windows Vista Security
|
Breakouts
|
Turbo Talks
|
Palace Ballroom 1
|
Augustus 1 & 2
|
Palace Ballroom 3
|
Augustus 5 & 6
|
Augustus 3 & 4
|
Emperor's Salon 1
|
Palace Ballroom 2
|
09:00 - 09:50 |
Zero Day Subscriptions: Using RSS and Atom Feeds as Attack Delivery Systems
Robert Auger & Caleb Sima
|
RFID Malware Demystified
Melanie Rieback
|
R^2: The Exponential Growth of Rootkit Techniques
Jamie Butler, Nick Petroni & William Arbaugh
|
NIDS: False Positive Reduction Through Anomaly Detection
Emmanuelle Zambon & Damiano Bolzoni
|
Microsoft Security Fundamentals: Engineering, Response and Outreach
Andrew Cushman
|
Meet the Feds: OODA Loop and the Science of Security
Jason Beckett, Ovie Carroll, James Christy, Andy Fried, Mike Jacobs, Ken Privette, Keith Rhodes, Dave Thomas, Bob Hopper, Hilary Stanhope, Tim Fowler
|
Attacking Apple’s Xsan
Charles Edge
|
09:00 - 09:20 |
MatriXayWhen WebApp&Database Security Pen-Test/Audit Is a Joy
Yuan Fan & Xiao Rong
|
09:30 - 09:50
|
09:50 - 10:00 |
Break |
10:00 - 11:00 |
Hacking Intranet Websites from the Outside "JavaScript malware just got a lot more dangerous"
Jeremiah Grossman & TC Niedzialkowski
|
New Attack RFID-systems and Their Middleware and Backends
Lukas Grunwald
|
Hardware Virtualization Based Rootkits
Dino Dai Zovi
|
Hotpatching and the Rise of Third-Party Patches
Alexander Sotirov
|
Security Engineering in Windows Vista
John Lambert
|
Breaking Crypto Without Keys: Analyzing Data in Web Applications
Chris Eng
|
Finding and Preventing Cross-site request Forgery
Tom Gallagher
|
10:00 - 10:20
|
Investigating Evil Websites with Monkeyspaw: The Greasemonkey Security Professional's Automated Webthinger
Tod Beardsley
|
10:30 - 10:50
|
11:00 - 11:15 |
Coffee Service: Fourth Floor Palace Tower Promenade |
|
|
|
|
|
11:15 - 12:30 |
AJAX (in)security
Billy Hoffman
|
The BlueBag: A Mobile, Covert Bluetooth Attack and Infection Device
Claudio Merloni & Luca Carettoni
|
RAIDE: Rootkit Analysis Identification Elimination v1.0
Peter Silberman & Jamie Butler
|
Thermoptic Camoflauge: Total IDS Evasion
Brian Caswell & HD Moore
|
The NetIO Stack: Reinventing TCP/IP in Windows Vista
Abolade Gbadegesin
|
Hacking, Hollywood Style
Johnny Long
|
I’m going to shoot the next person who says VLANs
Himanshu Dwivedi
|
11:15 - 11:35
|
VOIP Security Essentials
Jeff Waldron
|
11:45 - 12:05
|
$30, 30 minutes, 30 networks (Project Cowbird)
Jonathan Squire
|
12:15 - 12:35
|
12:30 - 13:45 |
Booksigning: Hacker’s Challenge 3 with Jeremiah Grossman and Himanshu Dwivedi
|
Lunch: Pavilion at Caesars
|
|
|
|
|
|
13:45 - 15:00 |
Breaking AJAX Web Applications: Vulns 2.0 in Web 2.0
Alex Stamos & Zane Lackey
|
Bluetooth Defense Kit
Bruce Potter
|
Hacking World of Warcraft®: An Exercise in Advanced Rootkit Design
Greg Hoglund
|
Host Based Anomaly Detection on System Call Arguments
Stefano Zanero
|
WiFi in Windows Vista: A Peek Inside the Kimono
Noel Anderson & Taroon Mandhana
|
Disclosure (Public)
Jeff Moss, Paul Proctor, David Mortman, John Stewart, Derrick Scholl, Michael Sutton, Raven, Tom Ptacek, Pamela Fusco, Scott Blake, Jerry Dixon
|
Wi-Fi Advanced Stealth
Franck Veysset & Laurent Butti
|
13:45 - 14:05
|
Code Integration-Based Vulnerability Auditing
William Kimball
|
14:15 - 14:35
|
The Speed of (In)security: Analysis of The Speed of Security vs Insecurity
Stefan Frei & Dr. Martin May
|
14:45 - 15:05
|
15:00 - 15:15 |
Break |
15:15 - 16:30 |
Six Degrees of XSSploitation
Dan Moniz & HD Moore
|
Vulnerabilities in Not-So Embedded Systems
Brendan O'Connor
|
Rootkits: Attacking Personal Firewalls
Alexander Tereshkin
|
IPS Shortcomings
Renaud Bidou
|
Windows Vista Heap Management Enhancements Security, Reliability and Performance
Adrian Marinescu
|
Jericho Forum and Challenge
Paul Simmonds, Henry Teng, Bob West & Justin Somaini
|
Finding Gold in the Browser Cache
Corey Benninger
|
15:15 - 15:35
|
Automated Malware Classification/Analysis Though Network Theory and Statistics
Daniel Bilar
|
15:45 - 16:05
|
Defending Black Box Web Applications: Building an Open Source Web Security Gateway
Shawn Moyer
|
16:15 - 16:35
|
16:30 - 16:45 |
Coffee Service: Fourth Floor Palace Tower Promenade |
|
|
|
TBA
|
|
16:45 - 18:00 |
Analysis of Web Application Worms and Viruses
Billy Hoffman
|
Faster Pwning Assured: Hardware Hacks and Cracks with FPGAs
David Hulton & Dan Moniz
|
Subverting Vista Kernel For Fun And Profit
Joanna Rutkowska
|
The Statue of Liberty: Utilizing Active Honeypots for Hosting Potentially Malicious Events
Philip Trainor
|
Case Study: The Secure Development Lifecycle and Internet Explorer 7
Rob Franco
|
Jericho Forum
con't
|
Building Security into the Software LifeCycle, A Business Case
Marco Morana
|
16:45 - 17:05
|
BlackHat Stand-up Take Two: So What If I don’t Sell My Vulnerabilities…
James C. Foster
|
17:15 - 17:35
|
Runtime Packers: The Hidden Problem?
Maik Morgenstern & Tom Brosch
|
17:45 - 18:05
|