More speakers will be up later!!!
APT DNA Clustering and Defense Kungfu
by Anthony LAI & Benson Wu & Birdman
We are always busy with malware analysis, simply closing our doors and working on deep reverse engineering and behavior analysis; however, does the analyst know the enterprise/organization suffering from an APT (Advanced Persistent Threat), or what we call a "Targeted" attack? We have carried out research against Mila's sample archives to show you our latest APT "gangs" clustering analysis, our engine to decide whether an attachment is an APT, and an application for digging them out from the mailbox instead of depending on those "built-in" anti-virus engines. If you believe Anti-virus software could save you from this threat, please come and join our session, dudes.
Anthony Lai (aka Darkfloyd) has worked on code audit, penetration test, crime investigation and threat analysis and acted as security consultant in various MNCs.
Benson Wu focuses his research on detecting and countering advanced persistent threats, code review, secure coding and SDLC process implementation.
Jeremy Chiu (aka Birdman) has more than ten years of experience with host-based security, focusing on kernel technologies for both the Win32 and Linux platforms.
Chip & PIN is Definitely Broken: Protocol and Physical Analysis of EMV POS Devices
by Andrea Barisani & Daniele Bianco
The EMV global standard for electronic payments is widely used for inter-operation between chip equipped credit/debit cards, Point of Sales devices and ATMs. Following the trail of the serious vulnerabilities published by Murdoch and Drimer’s team at Cambridge University regarding the usage of stolen cards, we explore the feasibility of skimming and cloning in the context of POS usage. We will analyze in detail EMV flaws in PIN protection and illustrate skimming prototypes that can be covertly used to harvest credit card information as well as PIN numbers regardless of the type/configuration of the card. Our updated research also explores in depth the design, implementation and effectiveness of tamper proof sensors in modern and widely used POS terminals, illustrating different techniques for bypass and physical compromise. As usual, cool gear and videos are going to be featured in order to maximize the presentation.
Andrea Barisani is a security researcher and consultant. His professional career began 10 years ago but all really started when a Commodore-64 first arrived in his home when he was 10. Now, 18 years later, Andrea is having fun with large-scale IDS/Firewalls deployment and administration, forensic analysis, vulnerability assessment, penetration testing, security training and his Open Source projects. He eventually found that system and security administration are the only effective way to express his need for paranoia.
Daniele Bianco began his professional career during his early years at university as system administrator and IT consultant for several scientific organizations.
The Story Behind The Story of "Cyber Crime"
by Daiki Fukumori
Did the book "Cyber Crime" cover enough Cyber Crime at all? My session will cover the following as "The Story Behind The Story of Cyber Crime":
- Is Russia really the top country for Cyber Crime?
- Is China currently playing major Cyber Crime?
- Is Japan's countermeasure against Cyber Crime still behind?
Daiki Fukumori began his career as an engineer specialized in IDS, IRT, and Web application security. He also started his extensive investigation behind Cyber Crime beyond malware analysis. He has addressed distinctive security-related conferences such as RSA CONFERENCE JAPAN, POC(Korea), Security Solution, Shibuya.pm, AVTOKYO, and supervised the book "Cyber Crime" (original title: "Fatal System Error" by Joseph Menn).
How can we safely use Facebook?
by Eiichi Moriya
Facebook contains a significant amount of information; real names, personal history, family structure etc. However, making a mistake configuring your profile could result in privacy violations or your personal information being leaked. For that reason, I will explain how to use Facebook safely while describing some stories of failure.
Eiichi Moriya: In 2001 he joined Internet Security Systems; for ten years he was the head of their Security Operations Center. Here he conducted monitoring using IPS/FWs as well as handled incident response for enterprise companies. Starting in 2011, he has been in charge of handling internal security incidents and ISMS internal audits.
SQL Injection from Past to Now
by Orange
SQL Injection has been a problem in Web Security for more than 10 years. But people or scripting kids use the same way or use automatic tools to attack websites. My topic is major in MySQL, especially in
Cheng-Da Tsai (aka Orange) is a security research assistant in Net-Hack (http://www.net-hack.com) Vulnerability Research LAB and a college student. Also a member of CHROOT security group in Taiwan. Major in Web Security and Windows Vulnerability Exploitation research.
Privacy in Sensor Data
by Yuichi HATTORI (Eidwinds)
These days, as smartphones get popular, GPS, accelerometers, and gyros have also become easy for us to use, because we can get sensor data easily today. Smartphone applications with sensors are very useful, as you know. And what do we know from this sensor data? In this presentation, we will present the owner's actions that sensor data shows.
Yuichi HATTORI is a Ph.D. candidate at Kyushu Institute of Technology, Japan. His research interests include human activity recognition with smart phones and healthcare applications of web/pervasive/ubiquitous systems. He is a participant of Security Camp 2006, a tutor of Security & Programming Camp 2011, and the leader of Security Steel (http://www.security-steel.net/). His Twitter ID is @Eidwinds.
PART1: Sleephacking: how to optimize your sleep for CTF games
by Benny K.
Humans are the only creatures that have adapted a mono-phasic sleeping cycle. Humans used to have a multi-phasic sleep pattern as well. People try to compensate for their busy lives by sleeping less and compensating with caffeine. This presentation will talk about how sleep works and the different types of multi-phasic sleeping cycles plus other sleephacks and their benefits. Useful for CTF (Capture the Flag) players on how to improve their concentration and performance and learn to balance time and sleep during a competition.
PART2: Hitchhikers' guide to honeypots
by Benny K.
Honeypots are a great way to capture malware. This talk will talk about some of the great tools of the Honeynetproject and how to run a sensor in a cloud environment. We will discuss what you can do with the captured malware and how to contribute to a safer internet. Last but not least, a few words about the new Honeynet Japan Chapter.
Benny K. has been working in IT security for 10 years and recently moved to Tokyo. He is a co-founder of BruCON, a Belgian security conference and frequents hacker conferences and hackerspaces around the world. He believes in building bridges in the security and hacker community and is a Twitter addict. You can find him online under @security4all
Itaru Kamiya:
After joining NTT Software Laboratories, he engaged in the preparation
of development standard, package development of social media and 3D
image distribution, while he was on loan to one of the group company.
After that, he became a member of NTT-CERT in 2008. At CSIRT
operation, he engaged in the vulnerability information distribution
and contact point to other organizations. Representative of NTT-CERT
at present.
Machine learning with "Moe"
by Kenji Aiko
I'll give a presentation on whether a computer can understand "Moe" using machine learning. What's "Moe"? Look at http://en.wikipedia.org/wiki/Mo%C3%A9
Security Engineer. Admin of http://ruffnex.oc.to/kenji/
Panel 1: Anonymous and APT, How did we get this?
by Takuji Kitagawa & Masafumi Negishi
Enigmatic groups and organizations are wriggling in the modern network society. The new type of activities that can not ever be applied, might have shaken the traditional media for their concept of values. And the word "APT" now has wings. Is "Stuxnet" really APT? In this session, Masashi Negishi and Takuji Kitagawa, well known as security incident watchers, will talk about the chaotic Internet social situation, incidents, and any security news reports.
Takuji Kitagawa : Vulnerability Analyst at SOC. Besides work, he watches world security information.
Masafumi Negishi : A member of Nanorymous known as the anonymous watcher. Fighting with the rumor "Negishi is wearing a mask" always.
PANEL 2: An In Depth Discussion on Developers and Browsers
by Amachang & Hoshikuzu & Hasegawa
Creating secure web applications is an endless battle between developers and the Browser. To what extent must developers know about every Web Browser's idiosyncrasies? With attackers who are highly skilled and hold in-depth knowledge of the Browsers and how to abuse them, is it really possible for developers to protect their applications without being experts in every browser's quirks or idiosyncrasies? In this session we will be discussing what we can do now for securing web applications, with developers who are working on the front lines: Amachang and the famous Hoshikuzu and Hasegawa.
Amachang (TBA)
Hoshikuzu : The general user who is trying to check the safety of his favorite web browsers and web services within his control. He says that he cannot become a hacker or a cracker, either.
Yosuke Hasegawa :
Drive Forward the Domestic Security
by AIDO & Manaka
Focusing attention on the industry where the highest security is required, and investigating it for eight years with my original methods, I reached one answer that should drive forward the domestic security.
AIDO studies at Towano High School enjoying fulfilling life. This is presented by me and my pure lover Manaka.
Backdoor found by "eye"grep
by murachue
In this presentation, a wireless AP backdoor found around 2005 is introduced with a demo, along with how it was found.
murachue is commonly known as the "eye"grep man. A member of Team Sutegoma2, and he is strong at forensics.
Android Application Obfuscation
by Yoshitaka Kato
In recent years more and more applications in the Android Market are being subjected to obfuscation techniques. This most likely means more and more companies are using these obfuscation tools during their development of Android applications. However, we must deal with the code these tools produce as well as reverse engineer them to an effective degree, even if we may not know or be familiar with them. In this talk I will discuss a tool called Proguard and its obfuscation methods and effectiveness for obfuscating Android applications.
Yoshitaka Kato: Has worked on a wide range of jobs as a Security Analyst on anything from web and smart phone application assessments to binary analysis.
He is currently aiming for a position as a "security business' oxidized silver" and "master of communication."
Differences of the TSC behavior between The Virtual Machine and The Real Machine
by wakatono
There are many differences between the virtual machine environment on a virtual machine monitor (VMM) and the real machine, even though these environments look the same. These differences are caused by many factors including the differences of CPUs, VMM implementations, and so on. In this presentation, I show differences of the Time Stamp Counter (TSC) behavior on the VMM and the real machine, and give a demonstration that uses these differences.
Dr. wakatono is one of researchers in an IT systems company.
His private works and results are more than those of his company work.
He has been interested in the security of OS or a network. And he started to
research security technology about client computers and virtual machine
monitors in early days, when many of engineers had been interested in server
computers and networks.
In Mar. 2011, he graduated some institute in Japan, and received degree of
Ph.D. in Informatics. Twitter ID: @wakatono
Website of my profile and works: http://www.pfsec.net/ (sorry in Japanese)
Android Phone Security
by Hideaki Kawabata
In 2011, Android malware as well as personal information being leaked or stolen has become more active and as such has attracted a lot of attention. In this presentation, I will explain malware infections, personal information leakage and the differences of these issues on the Android, feature phone and desktop PC platforms. Additionally, using demonstrations I will introduce methods of defending against android attacks as well as examine safe use of Android systems.
Kawabata is part of KDDI's research labs involved with security research. Primarily he performs research on new security models for smartphones and analyzes Android malware. He was awarded for his excellent thesis at the Computer Security Symposium in 2011. He is a person fond of sweets who loves Starbucks' dark mocha chip cream frappuccino.
How to build a CTF dream team for dummies
by Marat Vyshegorodtsev
CTF-like contests are becoming more and more popular games in white
hat/student environment. In this presentation I will describe how to build a team of players to
get high rankings in the international competitions. I'll discuss:
Marat Vyshegorodtsev (aka マラット) has worked in Russia's
biggest security consulting company as a pentester and security
analyst doing some projects he could never tell anyone about ^_^. After
coming to Japan to get his masters at the University of Tokyo Marat
has started to work for Rakuten Computer Emergency Response Team. His
research is focused on DNS architectural security issues. Also, Marat
has more than 6 years of CTF playing experience. In 2011 within the
team "IV" he took 4th place at the famous DEFCON 19 CTF. Twitter:
@touzoku, Blog: maratto.blogspot.com
AVTOKYO CTF Project reports
by tessy
Back in AVTOKYO2008, our CTF group "Team sutegoma2", which was born from AVTOKYO, set a goal for "Going to DefCon CTF Final stage from Japan". After that, we have been participating in international CTF contests all over the world for about three years. Then this year, finally we accomplished our goal! In this session, I will talk about our team results and missions for the future.
tessy: Leader of AVTOKYO, Team sutegoma2, and Team T-dori.
A Primer On Last Branch Recording
by Ryan MacArthur
I will introduce the audience to tracing execution on x86 through Debug MSRs (Last Branch Recording). Go from single stepping to basic block jumping like a pro!
Ryan MacArthur:
Neophyte security researcher who has a penchant for booze. Tinkerer
that has spiralled down into the kernel. Visionary Street Fighter IV
player. I've no impressive list of CVE's and no string of acronyms
after my name. Mere dwarf standing on the shoulders of giants. I've
researched automated malware analysis while getting my masters in
security informatics from Johns Hopkins. I then joined Symantec as a
malware analyst where I reverse engineered malware and file formats to
aid in detection of exploits. After that I joined iSIGHT Partners Lab
to build/break things for our customers.