AVTokyo2009‎ > ‎

Speakers

Speaker List(INPO)
Project $ (TAKESAKO、HASEGAWA)| Tsukasa Ooi / a4lg (Part1)| Tsukasa Ooi / a4lg (Part2)| Nguyen Anh Quynh| Eiji James Yoshida| IISEC Hideki Hatagami| TANKYO| AIDO| Paul| mR-pBx


INITIAL"$" Legend of Fastest CODE (Episode of Aomi Touring)
"Polyglot" is a computer program written in a valid form of multiple programming languages. For example, print "Hello ",0?"Ruby":"Perl","!\n" is a Perl/Ruby polyglot program which returns different result each languages using difference of handling boolean value.

Applying these techniques makes five language polyglot program like as following:

----------------------------------------------
#include/*
q="""*/
int main() {putchar('C'); if(sizeof('C')-1);
else {putchar('+'); putchar('+');}} /*=;
print'Perl'#";print'Ruby'#""";print'Python'#*/
----------------------------------------------
$ perl a.cpp
Perl
$ ruby a.cpp
Ruby
$ python a.cpp
Python
$ gcc -xc a.cpp && ./a.out
C
$ cl.exe a.cpp
$ a.exe
C++

And applying more growth of these techniques makes obfuscated program with just only symbols
for Perl / Ruby / JavaScript and so on like as
http://preview.tinyurl.com/ngjfg2 .
Moreover we'll show the Perl / Ruby / PHP / JavaScript program embedded in GIF / JPEG images.

We'll consider the application to web security through reading various Polyglot code.
 

Lack of System Registers and two simple anti-forensic attacks
This presentation will talk about two simple anti-forensic attacks possible if you use physical memory acquisition without system registers
such as CR3, IDTR.
These attacks are possible if you use dd, EnCase and more.
 

Creating Secure VM - Compararison between Intel and AMD, and one more thing...
This session will talk about 3 things:
1 - Algorithms to make virtual machines having security-enhanced
features such as invisible instruction breakpoint and hooks of system I/Os.
2 - Differences between Intel VT-x and AMD-V and influences that these
differences brings security-enhanced virtual machines.
3 - New method for virtualization of x86 architecture.

 

Outspect: Unified memory forensic toolset for Virtual Machine
This talk discusses the traditional live memory forensic methods, and points out several significant issues that cannot be fixed with current architecture. Then we propose a novelty approach to perform live memory forensic on Virtual Machine (VM), and demonstrate that our tactics can solve the mentioned problems, or raise the bar much higher in the fight against advanced malware inside VM.

To prove the proposal, we are going to introduce a new memory forensic toolset named Outspect. Outspect has been designed to be independent of VM, and at the moment, it works out-of-the-box with several popular VM such as Xen, KVM and QEMU. Thanks to its extremely flexible architecture, other VMs such as VMWare can be easily supported.

Finally, this talk will entertain the audience with some live demo on detecting several malware running inside memory of Windows VM.
 
Nguyen Anh Quynh is a researcher at The National Institute of Advanced Industrial Science and Technology (AIST), Japan. He interests include computer security, networking, operating system, virtualization, trusted computing, digital forensic, and intrusion detection. He published a lot of academic papers in those fields, and frequently gets around the world to present his research results in various hacking conferences. Quynh obtained his PhD degree in computer science from Keio University, Japan. He is also a member of VnSecurity, a pioneer security research group in Vietnam.


ARP Cache Poisoning mecahnism and measures
(TBA)
 

Social Engineering
In this session, to describe essential confidence-building techniques  at the Social Engineering.
 

Play with Google Maps: Mapping of Malware Source
I thought this may be interesting if we could map the Malware source IP and the SPAM mail source IP on the global map with the geo coding.  This talk will show the current status and how it looks.
 

The Data Center "Hoi-Hoi" Trap
This presentation shows how to solve the many years of the physical security problems - the carrying-in entrance at the Data Center.
 

Well... it's Japan
Japan is different from the rest of the world in many regards. Whenever a foreigner takes his own personal 'surviving Japan 101' he learns all about respect, bowing, tips, raw fish and old beans. Yet looking at daily life in the high-tech capital of the world from a security perspective reveals a different, sometimes fascinating, sometimes scary but always very entertaining view of the country.
This presentation will give you all the stories, pictures and videos - 3 years of discoveries merged into 15 minutes of the sweetest security craziness from the viewpoint of a gaijin whitehat hacker.
 
Paul Sebastian Ziegler is a perfect example of what living in Japan for too long can do to you. Being a self-taught computer security specialist he has worked with and freelanced/consulted for many clients around the globe with tasks ranging from development to penetration testing to virus reverse engineering.
He enjoys interacting with people almost as much as he enjoys negotiating his way of thought with the computers that are supposed to execute upon it and can usually be found out on the streets of Tokyo working on the next insane ("interesting" in his terms) project

Phreaking
(TBA)
Long long time ago, before Skype was born and when the international call was still expensive, there were people called "Phreaker" who was very specialyst of the analong PBX for "Free International Phone-Call"...




Call For Paper | Registration | Access | TimeTable | Speakers