| 09:00 |
Geer
|
CYBERSECURITY AS REALPOLITIK |
| 10:15 |
Blanchou,
Solnik
|
CELLULAR EXPLOITATION ON A GLOBAL SCALE: THE RISE AND FALL OF THE CONTROL PROTOCOL |
Forshaw
|
DIGGING FOR IE11 SANDBOX ESCAPES |
|
Atlasis,
Rey
|
EVASION OF HIGH-END IPS DEVICES IN THE AGE OF IPV6 |
|
Riancho
|
PIVOTING IN AMAZON CLOUDS |
|
Barbosa,
Branco
|
PREVALENT CHARACTERISTICS IN MODERN MALWARE |
|
Oh
|
REVERSE ENGINEERING FLASH MEMORY FOR FUN AND BENEFIT |
|
FitzPatrick
|
SECSI PRODUCT DEVELOPMENT: TECHNIQUES FOR ENSURING SECURE SILICON APPLIED TO OPEN-SOURCE VERILOG PROJECTS |
|
Delignat-Lavaud
|
THE BEAST WINS AGAIN: WHY TLS KEEPS FAILING TO PROTECT HTTP |
|
Conti,
Cross,
Raymond
|
THE LIBRARY OF SPARTA |
|
Lackey
|
API SECURITY ROUNDTABLE: LESSONS LEARNED IN API SECURITY |
|
| 10:50 |
Lindh
|
ATTACKING MOBILE BROADBAND MODEMS LIKE A CRIMINAL WOULD |
| 11:45 |
Miller,
Valasek
|
A SURVEY OF REMOTE AUTOMOTIVE ATTACK SURFACES |
Jakobsson
|
HOW TO WEAR YOUR PASSWORD |
|
Demay,
Lebrun,
Picod
|
BRINGING SOFTWARE DEFINED RADIO TO THE PENETRATION TESTING COMMUNITY |
|
Ragan,
Salazar
|
CLOUDBOTS: HARVESTING CRYPTO COINS LIKE A BOTNET FARMER |
|
Kruegel
|
FULL SYSTEM EMULATION: ACHIEVING SUCCESSFUL AUTOMATED DYNAMIC ANALYSIS OF EVASIVE MALWARE |
|
Sprundel
|
WINDOWS KERNEL GRAPHICS DRIVER ATTACK SURFACE |
|
Fu,
Ling,
Yue
|
MY GOOGLE GLASS SEES YOUR PASSWORDS! |
|
Holcomb
|
NETWORK ATTACHED SHELL: N.A.S.TY SYSTEMS THAT STORE NETWORK ACCESSIBLE SHELLS |
|
Jones
|
GOVERNMENT POLICY ROUNDTABLE: UNDERSTANDING THE NIST RISK MANAGEMENT FRAMEWORK |
|
| 12:20 |
Li,
Li
|
DEFEATING THE TRANSPARENCY FEATURE OF DBI |
Forristal
|
ANDROID FAKEID VULNERABILITY WALKTHROUGH |
|
| 14:15 |
Litchfield
|
ORACLE DATA REDACTION IS BROKEN |
Zaichkowsky
|
POINT OF SALE SYSTEM ARCHITECTURE AND SECURITY |
|
Tarakanov
|
DATA-ONLY PWNING MICROSOFT WINDOWS KERNEL: EXPLOITATION OF KERNEL POOL OVERFLOWS ON MICROSOFT WINDOWS 8.1 |
|
Breen
|
MOBILE DEVICE MISMANAGEMENT |
|
Lehmann,
Sadeghi
|
THE BEAST IS IN YOUR MEMORY: RETURN-ORIENTED PROGRAMMING ATTACKS AGAINST MODERN CONTROL-FLOW INTEGRITY PROTECTION TECHNIQUES |
|
Hay,
Reuille
|
UNVEILING THE OPEN SOURCE VISUALIZATION ENGINE FOR BUSY HACKERS |
|
Beitnes
|
OPENSTACK CLOUD AT YAHOO SCALE: HOW TO AVOID DISASTER |
|
Hypponen
|
GOVERNMENTS AS MALWARE AUTHORS: THE NEXT GENERATION |
|
Ozavci
|
VOIP WARS: ATTACK OF THE CISCO PHONES |
|
Bailey,
Lanier
|
EMBEDDED DEVICES ROUNDTABLE: EMBEDDING THE MODERN WORLD, WHERE DO WE GO FROM HERE? |
|
| 14:50 |
Li
|
APT ATTRIBUTION AND DNS PROFILING |
Weis
|
PROTECTING DATA IN-USE FROM FIRMWARE AND PHYSICAL ATTACKS |
|
| 15:30 |
Rios
|
PULLING BACK THE CURTAIN ON AIRPORT SECURITY: CAN A WEAPON GET PAST TSA? |
Pinto
|
SECURE BECAUSE MATH: A DEEP-DIVE ON MACHINE LEARNING-BASED MONITORING |
|
Lders
|
WHY CONTROL SYSTEM CYBER-SECURITY SUCKS... |
|
Fu,
Ling,
Pearce,
Thomas,
Yue
|
MULTIPATH TCP: BREAKING TODAY'S NETWORKS WITH TOMORROW'S PROTOCOLS |
|
Bankston,
Ford,
Hofmann
|
THE BIG CHILL: LEGAL LANDMINES THAT STIFLE SECURITY RESEARCH AND HOW TO DISARM THEM |
|
Hirvonen
|
DYNAMIC FLASH INSTRUMENTATION FOR FUN AND PROFITĖ |
|
Mulliner
|
FINDING AND EXPLOITING ACCESS CONTROL VULNERABILITIES IN GRAPHICAL USER INTERFACES |
|
Rosenberg
|
REFLECTIONS ON TRUSTING TRUSTZONE |
|
Sood
|
WHAT GOES AROUND COMES BACK AROUND - EXPLOITING FUNDAMENTAL WEAKNESSES IN BOTNET C&C PANELS! |
|
Lewis
|
CERTIFICATIONS ROUNDTABLE: THE QUEST FOR VALUE |
|
| 16:05 |
Saxe
|
A SCALABLE, ENSEMBLE APPROACH FOR BUILDING AND VISUALIZING DEEP CODE-SHARING NETWORKS OVER MILLIONS OF MALICIOUS BINARIES |
| 17:00 |
Cesare
|
BREAKING THE SECURITY OF PHYSICAL DEVICES |
Cohen
|
CONTEMPORARY AUTOMATIC PROGRAM ANALYSIS |
|
Drake
|
RESEARCHING ANDROID DEVICE SECURITY WITH THE HELP OF A DROID ARMY |
|
Jang,
Lee,
Wang
|
ABUSING PERFORMANCE OPTIMIZATION WEAKNESSES TO BYPASS ASLR |
|
Antoniewicz
|
802.1X AND BEYOND! |
|
Belov,
Kamluk,
Sacco
|
COMPUTRACE BACKDOOR REVISITED |
|
Molina
|
LEARN HOW TO CONTROL EVERY ROOM AT A LUXURY HOTEL REMOTELY: THE DANGERS OF INSECURE HOME AUTOMATION DEPLOYMENT |
|
Ottenheimer
|
BABAR-IANS AT THE GATE: DATA PROTECTION AT MASSIVE SCALE |
|
Ford
|
RESPONSIBLE DISCLOSURE ROUNDTABLE: YOU MAD BRO? |
|
| 17:35 |
Hu,
Lau
|
HOW TO LEAK A 100-MILLION-NODE SOCIAL GRAPH IN JUST ONE WEEK? - A REFLECTION ON OAUTH AND API DESIGN IN ONLINE SOCIAL NETWORKS |
| 09:00 |
Lell,
Nohl
|
BADUSB - ON ACCESSORIES THAT TURN EVIL |
Kouns,
Price
|
EPIDEMIOLOGY OF SOFTWARE VULNERABILITIES: A STUDY OF ATTACK SURFACE SPREAD |
|
Diquet
|
IT JUST (NET)WORKS: THE TRUTH ABOUT IOS 7'S MULTIPEER CONNECTIVITY FRAMEWORK |
|
Thomas
|
REVERSE-ENGINEERING THE SUPRA IBOX: EXPLOITATION OF A HARDENED MSP430-BASED DEVICE |
|
Yu
|
WRITE ONCE, PWN ANYWHERE |
|
Lanier,
Lum
|
STAY OUT OF THE KITCHEN: A DLP SECURITY BAKE-OFF |
|
Williams
|
I KNOW YOUR FILTERING POLICY BETTER THAN YOU DO: EXTERNAL ENUMERATION AND EXPLOITATION OF EMAIL AND WEB SECURITY SOLUTIONS |
|
Bambenek,
James
|
THE NEW SCOURGE OF RANSOMWARE: A STUDY OF CRYPTOLOCKER AND ITS FRIENDS |
|
Anderson
|
HOW SMARTCARD PAYMENT SYSTEMS FAIL |
|
Iozzo,
Zatko
|
MOBILE SECURITY ROUNDTABLE: WHAT DOES MOBILE SECURITY LOOK LIKE TODAY? WHAT WILL IT LOOK LIKE TOMORROW? |
|
| 09:35 |
Mesbahi,
Swinnen
|
ONE PACKER TO RULE THEM ALL: EMPIRICAL IDENTIFICATION, COMPARISON, AND CIRCUMVENTION OF CURRENT ANTIVIRUS DETECTION TECHNIQUES |
Spring,
Vixie
|
ABUSE OF CPE DEVICES AND RECOMMENDED FIXES |
|
| 10:15 |
Stamos
|
BUILDING SAFE SYSTEMS AT SCALE - LESSONS FROM SIX MONTHS AT YAHOO |
Wei,
Zhang
|
SIDEWINDER TARGETED ATTACK AGAINST ANDROID IN THE GOLDEN AGE OF AD LIBS |
|
Chechik,
Hayak
|
BITCOIN TRANSACTION MALLEABILITY THEORY IN PRACTICE |
|
Bolshev,
Cherbov
|
ICSCORSAIR: HOW I WILL PWN YOUR ERP THROUGH 4-20 MA CURRENT LOOP |
|
Healey
|
SAVING CYBERSPACE |
|
Brodie,
Shaulov
|
A PRACTICAL ATTACK AGAINST VDI SOLUTIONS |
|
Koca,
Luft
|
WHEN THE LIGHTS GO OUT: HACKING CISCO ENERGYWISE |
|
Cornwell,
Kallenberg,
Kovah
|
EXTREME PRIVILEGE ESCALATION ON WINDOWS 8/UEFI SYSTEMS |
|
Geers,
Thompson
|
LEVIATHAN: COMMAND AND CONTROL COMMUNICATIONS ON PLANET EARTH |
|
Radcliffe
|
MEDICAL DEVICES ROUNDTABLE: IS THERE A DOCTOR IN THE HOUSE? SECURITY AND PRIVACY IN THE MEDICAL WORLD |
|
| 10:50 |
Trost
|
THREAT INTELLIGENCE LIBRARY - A NEW REVOLUTIONARY TECHNOLOGY TO ENHANCE THE SOC BATTLE RHYTHM! |
| 11:45 |
Butler,
Nils
|
MISSION MPOSSIBLE |
Castle
|
GRR: FIND ALL THE BADNESS, COLLECT ALL THE THINGS |
|
Delpy,
Duckwall
|
ABUSING MICROSOFT KERBEROS: SORRY YOU GUYS DON'T GET IT |
|
Torrey
|
MORE SHADOW WALKER: THE PROGRESSION OF TLB-SPLITTING ON X86 |
|
Jang,
Lau,
Lee,
Wang
|
EXPLOITING UNPATCHED IOS VULNERABILITIES FOR FUN AND PROFIT |
|
Gluck,
Wang
|
RAVAGE - RUNTIME ANALYSIS OF VULNERABILITIES AND GENERATION OF EXPLOITS |
|
Schloesser
|
INTERNET SCANNING - CURRENT STATE AND LESSONS LEARNED |
|
Buentello,
Hernandez,
Jin
|
SMART NEST THERMOSTAT: A SMART SPY IN YOUR HOME |
|
Gorenc,
Spelman
|
THINKING OUTSIDE THE SANDBOX - VIOLATING TRUST BOUNDARIES IN UNCOMMON WAYS |
|
Mogull
|
PRAGMATIC SECURITY AUTOMATION ROUNDTABLE |
|
| 12:20 |
Sager
|
FROM ATTACKS TO ACTION - BUILDING A USABLE THREAT MODEL TO DRIVE DEFENSIVE CHOICES |
| 14:15 |
Ptacek
|
48 DIRTY LITTLE SECRETS CRYPTOGRAPHERS DON'T WANT YOU TO KNOW |
deGraaf
|
SVG: EXPLOITING BROWSERS WITHOUT IMAGE PARSING BUGS |
|
Larsen
|
MINIATURIZATION |
|
Devost,
Mateski
|
THE DEVIL DOES NOT EXIST - THE ROLE OF DECEPTION IN CYBER |
|
Mayer,
Sandin
|
TIME TRIAL: RACING TOWARDS PRACTICAL TIMING ATTACKS |
|
Schneier
|
THE STATE OF INCIDENT RESPONSE |
|
Allen,
Jaycox
|
"NOBODY IS LISTENING TO YOUR PHONE CALLS." REALLY? A DEBATE AND DISCUSSION ON THE NSA'S ACTIVITIES |
|
Johansen
|
BE MEAN TO YOUR CODE ROUNDTABLE: SECURITY IN THE AGE OF CONTINUOUS INTEGRATION & DEPLOYMENT |
|
| 14:50 |
Gallingani
|
STATIC DETECTION AND AUTOMATIC EXPLOITATION OF INTENT MESSAGE VULNERABILITIES IN ANDROID APPLICATIONS |
| 15:30 |
Santamarta
|
SATCOM TERMINALS: HACKING BY AIR, SEA, AND LAND |
Bongard
|
FINGERPRINTING WEB APPLICATION PLATFORMS BY VARIATIONS IN PNG IMPLEMENTATIONS |
|
Hathaway,
Myers
|
WHY YOU NEED TO DETECT MORE THAN PTH |
|
Mahjoub,
Reuille,
Toonk
|
CATCHING MALWARE EN MASSE: DNS AND IP STYLE |
|
Balasubramaniyan,
Bandyopadhyay,
Calhoun
|
LIFECYCLE OF A PHONE FRAUDSTER: EXPOSING FRAUD ACTIVITY FROM RECONNAISSANCE TO TAKEOVER USING GRAPH ANALYSIS AND ACOUSTICAL ANOMALIES |
|
Borgaonkar,
Udar
|
UNDERSTANDING IMSI PRIVACY |
|
Valtman
|
A JOURNEY TO PROTECT POINTS-OF-SALE |
|
Johns,
Lekies,
Stock
|
CALL TO ARMS: A TALE OF THE WEAKNESSES OF CURRENT CLIENT-SIDE XSS FILTERING |
|
Arsal
|
SAP, CREDIT CARDS, AND THE BIRD THAT TALKS TOO MUCH |
|
Stratton
|
SECURITY AND SOFTWARE DEFINED NETWORKING ROUNDTABLE: NEW EXPOSURES OR NEW OPPORTUNITIES? |
|
| 16:05 |
Hastings,
Kazanciyan
|
INVESTIGATING POWERSHELL ATTACKS |
| 17:00 |
Seeber
|
HACKING THE WIRELESS WORLD WITH SOFTWARE DEFINED RADIO - 2.0 |
Guiterrez,
Komal
|
UNWRAPPING THE TRUTH: ANALYSIS OF MOBILE APPLICATION WRAPPING SOLUTIONS |
|
Anh
|
CAPSTONE: NEXT GENERATION DISASSEMBLY FRAMEWORK |
|
Haukli
|
EXPOSING BOOTKITS WITH BIOS EMULATION |
|
Muttik,
Nayshtut
|
CREATING A SPIDER GOAT: USING TRANSACTIONAL MEMORY SUPPORT FOR SECURITY |
|
Wang
|
UNDERSTANDING TOCTTOU IN THE WINDOWS KERNEL FONT SCALER ENGINE |
|
Niemczyk,
Rao
|
PROBABILISTIC SPYING ON ENCRYPTED TUNNELS |
|
Wojtczuk
|
POACHER TURNED GAMEKEEPER: LESSONS LEARNED FROM EIGHT YEARS OF BREAKING HYPERVISORS |
|
Novikov
|
THE NEW PAGE OF INJECTIONS BOOK: MEMCACHED INJECTIONS |
|
| 17:35 |
Rogers,
Rogers,
Weaver
|
BADGER - THE NETWORKED SECURITY STATE ESTIMATION TOOLKIT |
This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.
Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.