Black Hat USA 2016 | Briefings Schedule - Aug 4

Trainings July 30 - August 2 CISO
Summit August 2 Briefings August 3 Arsenal August 3 Sponsored Sessions August 3 Sponsored Workshops August 3 Briefings August 4 Arsenal August 4 Sponsored Sessions August 4 Sponsored Workshops August 4

Briefings | August 4

07:30

Breakfast
BROUGHT TO YOU BY BLACK HAT USA DIAMOND SPONSOR - Forcepoint

09:00

A Lightbulb Worm?Colin O'Flynn Mandalay Bay BCD 09:00 - 09:25

BadTunnel: How Do I Get Big Brother Power?Yang Yu Mandalay Bay EF 09:00 - 09:25

Blunting the Phisher's Spear: A Risk-Based Approach for Defining User Training and Awarding Administrative Privileges Arun Vishwanath South Seas CDF 09:00 - 09:25

Dark Side of the DNS Force Erik Wu Lagoon K 09:00 - 09:25

Dungeons, Dragons and Security Tiphaine Romand Latapie Mandalay Bay GH 09:00 - 09:25

Keystone Engine: Next Generation Assembler Framework Nguyen Anh Quynh South Seas IJ 09:00 - 09:25

PINdemonium: A DBI-Based Generic Unpacker for Windows Executable Sebastiano Mariani & Lorenzo Fontana Jasmine Ballroom 09:00 - 09:25

Samsung Pay: Tokenized Numbers, Flaws and Issues Salvador Mendoza South Seas ABE 09:00 - 09:25

What's the DFIRence for ICS?Chris Sistrunk & Josh Triplett South Seas GH 09:00 - 09:25

09:25

Break

09:45

Advanced CAN Injection Techniques for Vehicle Networks Charlie Miller & Chris Valasek Mandalay Bay GH 09:45 - 10:35

Defense at Hyperscale: Technologies and Policies for a Defensible Cyberspace Jason Healey South Seas GH 09:45 - 10:35

Suphannee Sivakorn & Jason Polakis South Seas IJ 09:45 - 10:35

Ouroboros: Tearing Xen Hypervisor with the Snake Shangcong Luan Mandalay Bay BCD 09:45 - 10:10

TCP Injection Attacks in the Wild - A Large Scale Study Gabi Nakibly Mandalay Bay EF 09:45 - 10:35

The Art of Defense - How Vulnerabilities Help Shape Security Features and Mitigations in Android Nick Kralevich South Seas ABE 09:45 - 10:35

The Remote Malicious Butler Did It!Tal Be'ery & Chaim Hoch Lagoon K 09:45 - 10:35

Understanding HL7 2.x Standards, Pen Testing, and Defending HL7 2.x Messages Anirudh Duggal Jasmine Ballroom 09:45 - 10:35

Windows 10 Segment Heap Internals Mark Vincent Yason South Seas CDF 09:45 - 10:35

10:35

Coffee Service
BROUGHT TO YOU BY BLACK HAT USA DIAMOND SPONSOR - Hewlett Packard Enterprise

11:00

Analysis of the Attack Surface of Windows 10 Virtualization-Based Security Rafal Wojtczuk Mandalay Bay GH 11:00 - 11:50

Cunning with CNG: Soliciting Secrets from Schannel Jake Kambic South Seas IJ 11:00 - 11:50

Demystifying the Secure Enclave Processor Tarjei Mandt & Mathew Solnik Lagoon K 11:00 - 11:50

Hacking Next-Gen ATMs: From Capture to Cashout Weston Hecker South Seas ABE 11:00 - 11:50

Investigating DDOS - Architecture, Actors, and Attribution Elliott Peterson & Andre Correa Mandalay Bay EF 11:00 - 11:50

Language Properties of Phone Scammers: Cyberdefense at the Level of the Human Judith Tabron South Seas CDF 11:00 - 11:50

Next-Generation of Exploit Kit Detection by Building Simulated Obfuscators Tongbo Luo & Xing Jin Mandalay Bay BCD 11:00 - 11:25

O-checker: Detection of Malicious Documents Through Deviation from File Format Specifications Yuhei Otsubo Jasmine Ballroom 11:00 - 11:25

The Tao of Hardware, the Te of Implants Joe FitzPatrick South Seas GH 11:00 - 11:50

11:50

Break

12:10

AirBnBeware: Short Term Rentals, Long Term Pwnage Jeremy Galloway South Seas IJ 12:10 - 13:00

badWPAD Maxim Goncharov Mandalay Bay BCD 12:10 - 12:35

Discovering and Exploiting Novel Security Vulnerabilities in Apple ZeroConf Luyi Xing & Xiaolong Bai Jasmine Ballroom 12:10 - 13:00

Hardening AWS Environments and Automating Incident Response for AWS Compromises Andrew Krug & Alex McCormack Lagoon K 12:10 - 13:00

Horse Pill: A New Type of Linux Rootkit Michael Leibowitz South Seas CDF 12:10 - 13:00

SGX Secure Enclaves in Practice: Security and Crypto Review Jean-Philippe Aumasson & Luis Merino South Seas GH 12:10 - 13:00

John Seymour & Philip Tully South Seas ABE 12:10 - 13:00

When the Cops Come A-Knocking: Handling Technical Assistance Demands from Law Enforcement Jennifer Granick & Riana Pfefferkorn Mandalay Bay EF 12:10 - 13:00

Windows 10 Mitigation Improvements Matt Miller & David Weston Mandalay Bay GH 12:10 - 13:00

13:00

Lunch
BROUGHT TO YOU BY BLACK HAT USA DIAMOND SPONSOR - RSA

14:30

Bad for Enterprise: Attacking BYOD Enterprise Mobile Security Solutions Vincent Tan Mandalay Bay EF 14:30 - 15:20

Breaking FIDO: Are Exploits in There?Jerrod Chong South Seas GH 14:30 - 14:55

Iran's Soft-War for Internet Dominance Claudio Guarnieri & Collin Anderson Lagoon K 14:30 - 15:20

OSS Security Maturity: Time to Put On Your Big Boy Pants!Jake Kouns & Christine Gadsby Jasmine Ballroom 14:30 - 15:20

Pangu 9 Internals Tielei Wang & Hao Xu & Xiaobo Chen South Seas CDF 14:30 - 15:20

PLC-Blaster: A Worm Living Solely in the PLC Ralf Spenneberg & Maik Brüggemann & Hendrik Schwartke South Seas IJ 14:30 - 15:20

The Year in Flash Natalie Silvanovich Mandalay Bay BCD 14:30 - 15:20

VOIP WARS: The Phreakers Awaken Fatih Ozavci Mandalay Bay GH 14:30 - 15:20

Web Application Firewalls: Analysis of Detection Logic Vladimir Ivanov South Seas ABE 14:30 - 15:20

15:20

Ice Cream Social
BROUGHT TO YOU BY BLACK HAT USA Platinum Plus Sponsors

15:50

Behind the Scenes of iOS Security Ivan Krstic Mandalay Bay GH 15:50 - 16:40

Breaking Hardware-Enforced Security with Hypervisors Joseph Sharkey Lagoon K 15:50 - 16:40

Crumbling the Supercookie, and Other Ways the FCC Protects Your Internet Traffic Travis LeBlanc & Jonathan Mayer South Seas IJ 15:50 - 16:40

DPTrace: Dual Purpose Trace for Exploitability Analysis of Program Crashes Rodrigo Rubira Branco & Rohit Mothe South Seas GH 15:50 - 16:40

The Art of Reverse Engineering Flash Exploits Jeong Wook Oh Jasmine Ballroom 15:50 - 16:40

The Beast Within - Evading Dynamic Malware Analysis Using Microsoft COM Ralf Hund Mandalay Bay BCD 15:50 - 16:40

Timing Attacks Have Never Been So Practical: Advanced Cross-Site Search Attacks Nethanel Gelernter South Seas CDF 15:50 - 16:40

Using an Expanded Cyber Kill Chain Model to Increase Attack Resiliency Sean Malone South Seas ABE 15:50 - 16:40

When Governments Attack: State Sponsored Malware Attacks Against Activists, Lawyers, and Journalists Cooper Quintin & Eva Galperin Mandalay Bay EF 15:50 - 16:40

16:40

Networking Break
BROUGHT TO YOU BY BLACK HAT USA Platinum Sponsors

17:00

An AI Approach to Malware Similarity Analysis: Mapping the Malware Genome With a Deep Neural Network Konstantin Berlin Lagoon K 17:00 - 17:25

An Inconvenient Trust: User Attitudes Toward Security and Usability Tradeoffs for Key-Directory Encryption Systems Patrick Gage Kelley Mandalay Bay BCD 17:00 - 17:25

Attacking SDN Infrastructure: Are We Ready for the Next-Gen Networking?Changhoon Yoon & Seungsoo Lee Mandalay Bay GH 17:00 - 17:25

Building Trust & Enabling Innovation for Voice Enabled IoT Lynn Terwoerds South Seas IJ 17:00 - 17:25

Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud Aude Marzuoli South Seas CDF 17:00 - 17:25

Dangerous Hare: Hanging Attribute References Hazards Due to Vendor Customization Nan Zhang South Seas GH 17:00 - 17:25

Over the Edge: Silently Owning Windows 10's Secure Browser Erik Bosman & Kaveh Razavi & Herbert Bos & Cristiano Giuffrida Jasmine Ballroom 17:00 - 17:50

Pay No Attention to That Hacker Behind the Curtain: A Look Inside the Black Hat Network Neil Wyler & Bart Stump Mandalay Bay EF 17:00 - 17:50

Using Undocumented CPU Behavior to See into Kernel Mode and Break KASLR in the Process Anders Fogh & Daniel Gruss South Seas ABE 17:00 - 17:50