RSS feed logo header graphic

Black Hat Briefings USA 08 Schedule

August 6 – 7, 2008

Schedule by Time and Track

Day One • August 6, 2008

Skip to Day 2
08:00 to 08:50 Regisration and Continental Breakfast: Fourth Floor Palace Tower Convention Floor - sponsored by Cisco Logo
08:50 to 09:00 Introduction by Black Hat Founder and Director, Jeff Moss
09:00 to 09:50 Keynote Ian Angell Professor of Information Systems, London School of Economics - "Complexity in Computer Security - a Risky Business"
09:50 to 10:00 Break

Root Kits
Roman Ballroom
0-Day
Palace 1
App Sec 1.0/2.0
Augustus 3&4
Bots & Malware
Palace 3
Deep Knowledge
Florentine Ballroom
The Network
Augustus 5&6
Over The Air
Augustus 1&2
Reverse Engineering
Palace 2

10:00 to 11:00


Deeper Door:
Exploiting the NIC
Chipset

Sherri Sparks
Shawn Embleton
Pointers and
Handles

Alex Ionescu
AppSec A-Z
Jared DeMott
Bad Sushi:
Beating Phishers
at Their Own Game

Nitesh Dhanjani
Billy K Rios
When Lawyers
Attack:
Dealing With the
New Rules of
Electronic Discovery

John Benson
Nmap: Scanning
the Internet

Fyodor Vaskovich
Mobitex Network
Security

olle B
Next Generation
Collaborative Reversing
with Ida Pro and
CollabREate

Chris Eagle
Tim Vidas

11:00 to 11:15


Coffee Service: Fourth Floor Palace Tower Convention Floor - sponsored by IOActive Logo

11:00 to 11:15 Booksigning: Chris Eagle, Allen Harper, & Jonathan Ness, authors of “Gray Hat Hacking, Second Edition”

11:15 to 12:30


A New Breed
of Rootkit:
The System Management
Mode (SMM) Rootkit
Shawn Embleton
Sherri Sparks
Black Ops 2008:
Its The End Of
The Cache As
We Know It

Dan Kaminsky
AppSec A-Z
Jared DeMott
Jinx - Malware 2.0
Itzik Kotler
Jonathan Rom
When Lawyers
Attack:
Dealing With the
New Rules of
Electronic Discovery

(continued)
John Benson
Leveraging the Edge:
Abusing SSL VPNs

Mike Zusman
Highway to Hell:
Hacking Toll Systems

Nate Lawson
Decompilers and Beyond
Ilfak Guilfanov

12:30 to 13:45


Lunch: Plated lunch in the Roman Plaza Tent, Casino Level Boxed lunch in Claudius Ballroom, Third Floor - sponsored by Symantec Logo

12:30 - 12:45 Booksigning: Jared DeMott, author of “Fuzzing for Software Security: Robustness Testing for Quality Assurance and Vulnerability”

13:45 to 15:00


Insane Detection of
Insane Rootkits

Yuriy Bulygin
Cisco IOS
Shellcodes/
Backdoors

Gyan Chawdhary
Varun Uppal
Client-side Security
Petko D. Petkov
Protocols and Encryption of the
Storm Botnet

Joe Stewart
Iron Chef:
Fuzzing Challenge

Jacob West
Charlie Miller
Geoff Morrison
Jacob Honoroff
Sean Fay
Brian Chess
The Four Horsemen
of the Virtualization Security Apocalypse

Christofer Hoff
Software Radio
and the Future of Wireless Security

Michael Ossmann
Temporal Reverse Engineering
Danny Quist
Colin Ames

15:15 to 16:30


iRK - Crafting OS X Kernel Rootkits
Jesse D'Aguanno
Return-Oriented
Programming:
Exploits Without
Code Injection

Hovav Shacham
Living in the RIA
World

Alex Stamos
David Thiel
Justine Osborne
Xploiting Google Gadgets:
Gmalware
and Beyond

Tom Stracener
Robert Hansen
Iron Chef:
Fuzzing Challenge

(continued)
Jacob West
Charlie Miller
Geoff Morrison
Jacob Honoroff
Sean Fay
Brian Chess
Malware Detection Through Network
Flow Analysis

Bruce Potter
Bluetooth v2.1
- a New Security Infrastructure
and New
Vulnerabilities

Andrew Lindell
RE:Trace - Applied Reverse Engineering on OS X
Tiller Beauchamp
David Weston
 

16:30 to 16:45


Coffee Service: Fourth Floor Palace Tower Promenade - sponsored by VMWarelogo

16:45 to 18:00


VIral Infections
in Cisco IOS

Ariel Futoransky
Reverse DNS
Tunneling Shellcode

Ty Miller
FLEX, AMF 3 and BlazeDS: An Assessment
Jacob Carlson
Kevin Stadmeyer
Meet the Feds
Panel Discussion
MetaPost
Exploitation

Val Smith
Predictable RNG
in the Vulnerable
Debian OpenSSL Package,
the What
and the How

Luciano Bello
Maximiliano
Bertacchini

New Classes of Security and Privacy Vulnerabilities for Implantable Wireless Medical Devices
Tadayoshi Kohno
Kevin Fu
Alternative Medicine: The Malware Analyst's Blue Pill
Paul Royal

18:00 on


Reception: 4th Floor - sponsored by   Norman LogoQualys LogoMicrosoft Logo

18:00 -18:15 Booksigning: Ty Miller, author of “Hacking Exposed: Linux”

19:00 - 22:00 Fourth Annual Black Hat No Limit Hold ‘Em Poker Tournament: sponsored by   Arbor Logo Location: Claudius 1 and 2 Register here (Black Hat exhibitors ineligible)
Hacker Court
Panel Discussion
Palace 1
Commission on Cyber Security for the 44th Presidency
Panel Discussion
Palace 3
Michael Assante
Jerry Dixon
Tom Kellerman
Marcus Sachs
Amit Yoran
Pwnie Awards
Palace 2

Day Two • August 7, 2008

Up to Day 1
08:00 to 08:50 Regisration and Continental Breakfast: Fourth Floor Palace Tower Convention Floor - sponsored by Nokia Logo
08:50 to 09:00 Introduction by Black Hat Founder and Director, Jeff Moss
09:00 to 09:50 Keynote Rod Beckström, Director of the National Cyber Security Center (NCSC) - "Natural Security"
09:50 to 10:00 Break

0-Day Defense
Roman Ballroom
App Sec 1.0/2.0
Augustus 3&4
Deep Knowledge
Florentine Ballroom
Forensics
Augustus 5&6
Hardware
Palace 1
Web 2.0
Augustus 1&2
Virtualization
Palace 3
Turbo Talks
Palace 2

10:00 to 11:00


No More 0-Days
(or Code-Based
Intrusion Detection
by Korset)

Ohad Ben-Cohen
Encoded, Layered
and Transcoded
Syntax Attacks:
Threading the
Needle Past Web Application Security

Arian Evans
Passive and Active Leakage of Secret
Data from Non-Networked
Computer

Eric Filiol
Developments in
Cisco IOS Forensics

Felix Lindner
ePassports Reloaded
Jeroen van Beek
Satan is on
My Friends List:
Attacking Social
Networks

Shawn Moyer
Nathan Hamiel
Taking the Hype
Out of Hypervisor

Tal Garfinkel

10:00-10:20
Winning the Race to Bare Metal – UEFI Hypervisors
Don Bailey
Martin Mocko

10:30-10:50
Metamorphic/ Polymorphic Malware DNA
Chet Hosmer

11:00 to 11:15


Coffee Service: Fourth Floor Palace Tower Convention Floor - sponsored by Google Logo

11:15 to 12:30


No More Signatures: Defending Web Applications from
0-Day Attacks with ModProfiler Using
Traffic Profiling

Ivan Ristic
Ofar Shezaf
Circumventing
Automated
JavaScript Analysis Tools

Billy Hoffman
Passive and Active Leakage of Secret
Data from Non-Networked Computer

(continued)
Eric Filiol
Visual Forensic
Analysis and Reverse
Engineering of
Binary Data

Greg Conti
Erik Dean
SmartCard APDU
Analysis

Ivan Buetler
Threats to the 2008 Presidential Election
(and more)

Oliver Friedrichs
Suberverting the Xen Hypervisor
Rafal Wojtczuk

11:15-11:35
A Fox in the Hen House (UPnP IGD)
Jonathan Squire

11:45-12:05
SQL Injection Worms for Fun and Profit
Justin Clarke

12:15-12:35
Mobile Phone Messaging Anti-Forensics
Zane Lackey
Luis Miras

 

12:30 to 13:45


Lunch: Plated lunch in the Roman Plaza Tent, Casino Level Boxed lunch in Claudius Ballroom, Third Floor - sponsored by Microsoft Logo

12:30 - 12:45 Booksigning: Zane Lackey, Alex Stamos & Himanshu Dwivedi, authors of “Hacking Exposed: Web 2.0”

13:45 to 15:00


A Hypervisor IPS
based on Hardware Assisted Virtualization Technology

Junichi Murakami
Concurrency Attacks
in Web Applications

Scott Stender
Alexander Vidergar
Attacking the
Vista Heap

Ben Hawkes
Hacking and Injecting Federal Trojans
Lukas Grunwald
Side-channel Timing
Attacks on MSP430 Microcontroller Firmware

Travis Goodspeed
REST for the WIcked
Bryan Sullivan
Detecting & Preventing
the Xen Hypervisor
Subversions

Joanna Rutkowska
Rafal Wojtczuk

13:45-14:05
Protecting Vulnerable
Applications with IIS7

Brian Holyfield

14:15-14:35
Got Citrix, Hack It!
Shanit Gupta

14:45-15:05
Vista and ActiveX Controls
Su Yong Kim

 

15:15 to 16:30


Secure the Planet!
New Strategic
Initiatives from
Microsoft to Rock
Your World

Mike Reavey
Katie Moussouris
Steve Adegbite
How To Impress
Girls With Browser
Memory Protection Bypasses

Alexander Sotirov
Mark Dowd
The Internet is
Broken: Beyond
Document.Cookie - Extreme Client-side Exploitation

Nathan McFeters
Rob Carter
John Heasman
Hacking and Injecting Federal Trojans
Lukas Grunwald
Mifare - Little Security, Despite Obscurity
Karsten Nohl
Get Rich or Die
Trying - Making
Money on the Web,
the Black Hat Way

Jeremiah Grossman
Arian Evans
Bluepilling the Xen Hypervisor
Joanna Rutkowska
Alexander Tereshkin

15:15-15:35
Fuzzing Proprietary SCADA Protocols
Sergey Bratus

15:45-16:05
Deobfuscator: An Automated Approach to the Identification and Removal of Code Obfuscation
Eric Laspe
Jason Raber

16:15-16:35
Active 802.11 Fingerprinting
Sergey Bratus
Daniel Peebles
Cory Cornelius
Axel Hansen

16:30 to 16:45


Coffee Service: Fourth Floor Palace Tower Promenade - sponsored by Core Security logo
 

16:45 to 18:00


Braving the Cold:
New Methods for Preventing
Cold Boot Attacks on Encryption Keys

Patrick McGregor
Methods for Understanding
Targeted Attacks
with Office
Documents

Bruce Dang
Windows Hibernation
File for Fun and Profit

Matthieu Suiche
Inducing Momentary
Faults Within
Secure Smartcards/
Microcontrollers

Christopher Tarnovsky
Pushing the Camel
Through the Eye of a Needle

SensePost
VirtuallySecure
Oded Horovitz

16:45-17:05
Free-space QuantumKey Distribution at GHz Transmission Rates
Joshua Bienfang

17:15-17:35
Playing by Virtual Security Rules: How Virtualization Changes Everything and What to Do About It
Steve Pate

17:45-18:05
Meet the Owner of a Real Hacked Company - Forensic Analysis
Mark Shelhart

Privacy Policy | Sponsorship Inquiry | DEFCON | Black Hat Main RSS Feed
1997-2009 Black Hat ™