Black Hat USA 2008 Archives
Black Hat USA 2008 Presentations are listed alphabetically by speaker.
Keynote: Complexity in Computer Security: a Risky Business
Ian O. Angell, Professor of Information Systems. London School of Economics
Winning the Race to Bare Metal – UEFI Hypervisors
Don Bailey, Martin Mocko
Track: Turbo Talk
Keynote: Natural Security
Rod Beckström, Director of the National Cyber Security Center
RE:Trace - Applied Reverse Engineering on OS X
Tiller Beauchamp, David Weston
Track: Reverse Engineering
Predictable RNG in the Vulnerable Debian OpenSSL package, the What and the How
Luciano Bello, Maximiliano Bertacchini
Track: Network
When Lawyers Attack: Dealing With the New Rules of Electronic Discovery
John Benson, Electronic Discovery Consultant
Track: Deep Knowledge
No More 0-Days (or Code-Based Intrusion Detection by Korset)
Ohad Ben-Cohen
Track: 0-Day Defense
Free-Space Quantum Key Distribution at GHz Transmission Rates
Joshua Bienfang
Track: Turbo Talks
Active 802.11 Fingerpinting: a "Secret Handshake" to Know Your APs
Sergey Bratus
Track: OTA
SmartCard APDU Analysis
Ivan Buetler, Presenter
Track: Hardware
Insane Detection of Insane Rootkits: Chipset Based Approach to Detect Virtualization Malware
Yuriy Bulygin, Presenter, Security Center of Excellence
Track: Root Kit Arms Race
FLEX, AMF 3 and BlazeDS: An Assessment
Jacob Carlson, Kevin Stadmeyer
Track: App Sec 1.0 / 2.0
Cisco IOS Shellcodes/Backdoors
Gyan Chawdhary, Varun Uppal
Track:
SQL Injection Worms for Fun and Profit
Justin Clarke
Track: Turbo Talks
Commission on Cyber Security for the 44th Presidency
Panel Discussion
Visual Forensic Analysis and Reverse Engineering of Binary Data
Greg Conti, Erik Dean
Track: Forensics & Anti Forensics
iRK - Crafting OS X Kernel Rootkits
Jesse D'Aguanno
Track: Rootkits Arms Race
Methods for Understanding Targeted Attacks with Office Documents
Bruce Dang
Track: App Sec 1.0 / 2.0
AppSec A-Z: Reverse Engineering, Source Code Auditing, Fuzzing, and Exploitation
Jared DeMott
Track: App Sec 1.0 / 2.0
Bad Sushi: Beating Phishers at Their Own Game
Nitesh Dhanjani, Senior Manager
Billy Rios, Microsoft
Track: Bots and Malware
Next Generation Collaborative Reversing with Ida Pro and CollabREate
Chris Eagle, Associate Chairman, Computer Science Department, Naval Postgraduate School
Tim Vidas, Research Associate, Computer Science Department, Naval Postgraduate School
Track: App Sec 1.0/ 2.0
A New Breed of Rootkit: The System Management Mode (SMM) Rootkit
Shawn Embleton, CTO, Clear Hat Consulting
Sherri Sparks, President, Clear Hat Consulting
Track: Root Kit Arms Race
Encoded, Layered, and Trancoded Syntax Attacks: Threading the Needle past Web Application Security Controls
Arian Evans
Track: App Sec 1.0 / 2.0
Hacker Court 2008: Hack MyFace
Carole Fennelly, Paul Ohm, Richard Salgado, Kurt Opsahl, Jennifer Granick, Richard Thieme, Peiter Zatko, Brian Martin, Simple Nomad, Jonathan Klein, Caitlin Klein, Ryan Bulat
Track: Reception, Day 1
Passive and Active Leakage of Secret Data from Non Networked Computer
Eric Filiol
Track:
Threats to the 2008 Presidential Election (and more)
Oliver Friedrichs, Director, Emerging Technologies in Symantec Security Response
Track: App Sec 1.0 / 2.0
Taking the Hype Out of Hypervisors
Tal Garfinkel
Track: Virtualization
Side-channel Timing Attacks on MSP430 Microcontroller Firmware
Travis Goodspeed
Track: Hardware
Get Rich or Die Trying - "Making Money on The Web, The Black Hat Way"
Jeremiah Grossman, Arian Evans
Track: Web 2.0
Hacking and Injecting Federal Trojans.
Lukas Grunwald
Track: Forensics & Anti Forensics
Decompilers and Beyond
Ilfak Guilfanov
Track:
Got Citrix, Hack It!
Shanit Gupta
Track: Turbo Talks
Attacking the Vista Heap
Ben Hawkes
Track: 0-Day
The Four Horsemen of the Virtualization Security Apocalypse
Christofer Hoff
Track: Virtualization
Circumventing Automated JavaScript Analysis Tools
Billy Hoffman
Track:
Protecting Vulnerable Applications with IIS7
Brian Holyfield
Track: Turbo Talks
Metamorphic / Polymorphic Malware DNA
Chet Hosmer
Track: Turbo Talks
Virtually Secure
Oded Horovitz
Track: Virtualization
Pointers and Handles, A Story Of Unchecked Assumptions In The Windows Kernel
Alex Ionescu
Track: 0-Day
Black Ops 2008 -- Its The End Of The Cache As We Know It
Dan Kaminsky
Track: The Network
Vista and ActiveX Controls
Su Yong Kim
Track: Turbo Talks
New Classes of Security and Privacy Vulnerabilities for Implantable Wireless Medical Devices
Tadayoshi Kohno, Kevin Fu
Track:
Jinx - Malware 2.0
Itzik Kotler, Jonathan Rom
Track: Bots & Malware
Mobile Phone Messaging Anti-Forensics
Zane Lackey, Senior Security Consultant, iSEC Partners
Luis Miras, Independent Security Researcher
Track: Forensics
Deobfuscator: an Automated Approach to the Identification and Removal of Code Obfuscation
Eric Laspe
Track: Turbo Talks
Highway to Hell: Hacking Toll Systems
Nate Lawson, Founder, Root Labs
Track: OTA
Bluetooth v2.1 - a New Security Infrastructure and New Vulnerabilities
Andrew Lindell
Track: OTA
Developments in Cisco IOS Forensics
Felix Lindner, Head of Recurity Labs
Track: Forensics
Oracle Forensics by David Litchfield
Track: Forensics & Anti Forensics
The Internet is Broken: Beyond Document.Cookie - Extreme Client Side Exploitation
Nathan McFeters, John Heasman, Rob Carter
Track: App Sec 1.0 / 2.0
Braving the Cold: New Methods for Preventing Cold Boot Attacks on Encryption Keys
Patrick McGregor
Track: 0-Day Defense
Pushing the Camel through the Eye of a Needle
SensePost
Track: Web 2.0
Meet the Feds 2008
Panel Discussion
Reverse DNS Tunneling Shellcode
Ty Miller
Track: 0-Day
Satan is on My Friends List: Attacking Social Networks
Shawn Moyer and Nathan Hamiel
Track: App Sec 1.0 / 2.0
Viral Infections in Cisco IOS
Ariel Futoransky
Track: Rootkit Arms Race
A Hypervisor IPS based on Hardware Assisted Virtualization Technology
Junichi Murakami
Track: Virtualization
Mifare -- Little Security, Despite Obscurity
Karsten Nohl
Track: Hardware
Living in the RIA World: Blurring the Line Between Web and Desktop Security
Justine Osborne, Security Consultant, iSEC Partners
Track: App Sec 1.0 / 2.0
Mobitex Network Security
olleB
Track: OTA
Software Radio and the Future of Wireless Security
Michael Ossmann, Information Security Researcher, Institute for Telecommunications Sciences, US Department of Commerce
Track: OTA
Playing by Virtual Security Rules: How Virtualization Changes Everything and What to Do About It
Steve Pate
Track: Turbo Talks
Client-side Security
Petko D. Petkov
Track: App Sec 1.0 / 2.0
Malware Detection Through Network Flow Analysis
Bruce Potter, Founder, Shmoo Group
Track: The Network
Temporal Reverse Engineering
Danny Quist, Colin Ames
Track: Reverse Engineering
Secure the Planet! New Strategic Initiatives from Microsoft to Rock Your World
Mike Reavey, Steve Adegbite, Katie Moussouris
Track: Deep Knowledge
No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler UsingTraffic Profiling
Ivan Ristic, Ofer Shezaf
Track: 0-Day Defense
Alternative Medicine: The Malware Analyst's Blue Pill
Paul Royal
Track: Reverse Engineering
Detecting & Preventing the Xen Hypervisor Subversions
Joanna Rutkowska, Rafal Wojtczuk
Track: Virtualization
Bluepilling the Xen Hypervisor
Alexander Tereshkin, Joanna Rutkowska
Track: Virtualization
Return-Oriented Programming: Exploits Without Code Injection
Hovav Shacham
Track: 0-Day
Meet The Owner Of a Real Hacked Company - Forensic Investigation
Mark Shelhart
Track: Turbo Talks
MetaPost-Exploitation
Val Smith, Colin Ames
Track: App Sec 1.0 / 2.0
How To Impress Girls With Browser Memory Protection Bypasses
Alexander Sotirov, Mark Dowd
Track: App Sec 1.0 / 2.0
Deeper Door - Exploiting the NIC Chipset
Sherri Sparks, President, Clear Hat Consulting
Shawn Embleton, CTO, Clear Hat Consulting
Track: Root Kit Arms Race
A Fox in the Hen House (UPnP IGD)
Jonathan Squire
Track: Turbo Talks
Living in the RIA World: Blurring the Line Between Web and Desktop Security
Alex Stamos, Founding Partner, iSEC Partners
Track: App Sec 1.0 /2.0
Concurrency Attacks in Web Applications
Scott Stender
Track: App Sec 1.0 / 2.0
Protocols and Encryption of The Storm Botnet
Joe Stewart
Track: Bots & Malware
Xploiting Google Gadgets: Gmalware and Beyond
Tom Stracener
Track: Bots & Malware
Windows Hibernation File for Fun and Profit.
Matthieu Suiche
Track: Deep Knowledge
REST for the Wicked
Bryan Sullivan
Track: Web 2.0
Inducing Momentary Faults Within Secure Smartcards / Microcontrollers
Christopher Tarnovsky, Flylogic Engineering, LLC.
Track: Hardware
ePassports Reloaded
Jeroen van Beek, Security Consultant
Track: Privacy & Anonymity
Nmap: Scanning the Internet
Fyodor Vaskovich
Track: The Network
Iron Chef: Fuzzing Challenge
Jacob West, Fortify Software
Brian Chess, Chief Scientist, Fortify Software
Charlie Miller, Principal Analyst, Independent Security Evaluators
Sean Fay, Lead Engineer, Fortify Software
Geoff Morrison
Jacob Honoroff
Track: 0-day
Subverting the Xen Hypervisor
Rafal Wojtczuk
Track: Virtualization
Leveraging the Edge: Abusing SSL VPNs
Mike Zusman
Track: The Network
