2013-08-01

09:00

• KEYNOTE - TAKE RISK, DON’T FAIL

10:15

• CMX: IEEE CLEAN FILE METADATA EXCHANGE

• PASS-THE-HASH 2: THE ADMIN'S REVENGE

• ABUSING WEB APIS THROUGH SCRIPTED ANDROID APPLICATIONS

• THE SCADA THAT DIDN'T CRY WOLF- WHO'S REALLY ATTACKING YOUR ICS DEVICES- PART DEUX!

• MOBILE ROOTKITS: EXPLOITING AND ROOTKITTING ARM TRUSTZONE

• FULLY ARBITRARY 802.3 PACKET INJECTION: MAXIMIZING THE ETHERNET ATTACK SURFACE

• BLUETOOTH SMART: THE GOOD, THE BAD, THE UGLY, AND THE FIX!

• HONEY, I’M HOME!! - HACKING Z-WAVE HOME AUTOMATION SYSTEMS

• THE FACTORING DEAD: PREPARING FOR THE CRYPTOPOCALYPSE

• MO MALWARE MO PROBLEMS - CUCKOO SANDBOX TO THE RESCUE

• DO-IT-YOURSELF CELLULAR IDS

10:45

• MOBILE MALWARE: WHY THE TRADITIONAL AV PARADIGM IS DOOMED AND HOW TO USE PHYSICS TO DETECT UNDESIRABLE ROUTINES

• BIG DATA FOR WEB APPLICATION SECURITY

11:45

• BOCHSPWN: IDENTIFYING 0-DAYS VIA SYSTEM-WIDE MEMORY ACCESS PATTERN ANALYSIS

• ENERGY FRAUD AND ORCHESTRATED BLACKOUTS: ISSUES WITH WIRELESS METERING PROTOCOLS (WM-BUS)

• DISSECTING CSRF ATTACKS & COUNTERMEASURES

• HUNTING THE SHADOWS: IN DEPTH ANALYSIS OF ESCALATED APT ATTACKS

• THE OUTER LIMITS: HACKING THE SAMSUNG SMART TV

• REVEALING EMBEDDED FINGERPRINTS: DERIVING INTELLIGENCE FROM USB STACK INTERACTIONS

• UART THOU MAD?

• ANDROID: ONE ROOT TO OWN THEM ALL

• STEPPING P3WNS: ADVENTURES IN FULL-SPECTRUM EMBEDDED EXPLOITATION (AND DEFENSE!)

14:15

• USING ONLINE ACTIVITY AS DIGITAL FINGERPRINTS TO CREATE A BETTER SPEAR PHISHER

• HOT KNIVES THROUGH BUTTER: BYPASSING AUTOMATED ANALYSIS SYSTEMS

• ABOVE MY PAY GRADE: CYBER RESPONSE AT THE NATIONAL LEVEL

• ') UNION SELECT `THIS_TALK` AS ('NEW OPTIMIZATION AND OBFUSCATION TECHNIQUES’)%00

• OUT OF CONTROL: DEMONSTRATING SCADA DEVICE EXPLOITATION

• FUNDERBOLT: ADVENTURES IN THUNDERBOLT DMA ATTACKS

• PRESS ROOT TO CONTINUE: DETECTING OSX AND WINDOWS BOOTKITS WITH RDFU

• WHAT'S ON THE WIRE? PHYSICAL LAYER TAPPING WITH PROJECT DAISHO

• IMPLANTABLE MEDICAL DEVICES: HACKING HUMANS

• NETWORK FORENSICS: SUDDEN DEATH WORKSHOP

• JTAGULATOR: ASSISTED DISCOVERY OF ON-CHIP DEBUG INTERFACES

15:30

• CREEPYDOL: CHEAP, DISTRIBUTED STALKING

• POST EXPLOITATION OPERATIONS WITH CLOUD SYNCHRONIZATION SERVICES

• VIRTUAL DEOBFUSCATOR - A DARPA CYBER FAST TRACK FUNDED EFFORT

• IS THAT A GOVERNMENT IN YOUR NETWORK OR ARE YOU JUST HAPPY TO SEE ME?

• COMPROMISING INDUSTRIAL FACILITIES FROM 40 MILES AWAY

• RFID HACKING: LIVE FREE OR RFID HARD

• SSL, GONE IN 30 SECONDS - A BREACH BEYOND CRIME

• EXPLOITING NETWORK SURVEILLANCE CAMERAS LIKE A HOLLYWOOD HACKER

• HACKING, SURVEILLING, AND DECEIVING VICTIMS ON SMART TV

17:00

• OPTIROP: HUNTING FOR ROP GADGETS IN STYLE

• DEFENDING NETWORKS WITH INCOMPLETE INFORMATION: A MACHINE LEARNING APPROACH

• TERIDIAN SOC EXPLOITATION: EXPLORATION OF HARVARD ARCHITECTURE SMART GRID SYSTEMS

• BUGALYZE.COM - DETECTING BUGS USING DECOMPILATION AND DATA FLOW ANALYSIS

• HACKING LIKE IN THE MOVIES: VISUALIZING PAGE TABLES FOR LOCAL EXPLOITATION

• HOME INVASION V2.0 - ATTACKING NETWORK-CONTROLLED HARDWARE

• MULTIPLEXED WIRED ATTACK SURFACES

• OWNING THE ROUTING TABLE - PART II

• SPY-JACKING THE BOOTERS