2012 / 7 / 20 (Fri)
~
2012 / 7 / 21 (Sat)

l Agenda 7/20

08:30 ~ 09:40
Registration
Main Room
09:40 ~ 10:00
李德財 校長 Der-Tsai Lee (TW)
Opening Remarks
Speaker

Dr. DT Lee received his B.S. degree in Electrical Engineering from the National Taiwan University in 1971, and the M.S. and Ph. D. degrees in Computer Science from the University of Illinois at Urbana-Champaign in 1976 and 1978 respectively. He is Fellow of IEEE and Fellow of ACM, and Academician of Academia Sinica , Taiwan since 2004. His research interests include design and analysis of algorithms, computational geometry, VLSI layout, web-based computing, algorithm visualization, software security, bio-informatics, and digital libraries.

Main Room
10:00 ~ 10:45
Ryan Heffernan (US)
Designing for Targeted Attacks: Coping with the Realities of Determined Adversaries
Speaker

Attackers have become increasingly sophisticated, and defenders must respond in kind.  How can we design software and services to handle these evolving threats? This talk will explore ways to adapt defense strategies to better resist targeted attacks.

Main Room
11:00 ~ 11:45
萬濤 Tao, Wan (CN)
Security Threats and "Underground Economy" in the Era of Cloud Computing
Speaker

Tao, Wan graduated from Chiao-Tung University, Beijing, in 1993, and is the founder and moderator of IDF Labs and Chief of the so called Chinaeagle Union security group. He is among the first generation of the Chinese hackers. Currently, he is a security consultant in China IBM Corp.

Room 2
11:00 ~ 11:45
林傳凱 C.K. Lin / 蘇展志 Sylphid (TW)
Applying SIEM for Detecting and Preventing APT Low-Profile Attacks / Professional Security Services
Speaker

C.K. Lin / HP ESP ArcSight Northern Asia Division Senior Technical Consultant

C.K. currently works as Senior Technical Consultant in Northern Asia Division of HP ESP ArcSight, and have more than 16 year of network and information security experience. He have held the position of consultant or have led teams to plan, construct, and manage international scale network and information security solutions for various websites or company such as IBM, AT&T, InfoServe, TTN, ISS.

C.K. is also familiar with WAN/LAN architecture, and various information security software product or technology, such as firewall, anti-virus, intrusion detection/defense, vulnerability scanning, cryptography, penetration testing, NAC, SOC... etc. In 2008, he obtained PCI DSS QSA certification in Germany, making him the first security consultant to obtain such certification in IBM Taiwan ( the second in Asia-Pacific region ). In 2010, he joined IBM China Development Lab to recruit and lead the software testing team in Taiwan to test IBM's major information security product -- ISS NIPS.

Sylphid / Senior Security Consultant

Lunch
Main Room
13:00 ~ 13:45
Pedro Vilaça (PT)
OS X Reverse Engineering and Malware - Past and future in OS X malware.
Speaker

Pedro has a broad scope of interests and speciliaties, you can see him as a secuirty consultant, reverse engineer, hacker, visionary, economist, pr even MBA. He used to handle and secure the millions and billions of the Portuguese ATM network until he got bored and left for a full-time MBA. Currently doing freelancing projects on software anti-piracy, reverse engineering and developing a security and mobile device management product for iOS. He has one of the most famous blogs dedicated to OS X and iOS reverse engineering and security, http://reverse.put.as.

http://reverse.put.as
<email: [email protected]>
Twitter: @osxreverse

Room 2
13:00 ~ 13:45
Kunio Miyamoto a.k.a. wakatono (JP)
VMM Detection Approach Maniacs - No one can be believed
Speaker

Kunio Miyamoto graduated from the University of Electro-Communications, Japan, in 1991 with a BS in communication engineering and from Institute of Information Security, Japan, in 2011 with a PhD in information security. He is currently a deputy manager at NTTDATA Corp. This talk will be conducted in Japanese with live translation.

Main Room
13:55 ~ 14:40
鄭文彬 MJ0011 (CN)
Reversing Windows 8: Interesting Kernel Security
Speaker

MJ0011 is a senior security researcher at 360 Safe with more than 8 years of experiences on Windows kernel, security exploits, bypassing techniques and reverse engineering. While securing the 360 product suite (a user base of 400 millions), he had discovered critical Windows vulnerabilities several times in the past. Recently, he gave talks on topics like kernel attack and defense, bootkit, and virtualization at XCON2008, POC2009/2010 and HITCON2011.

This talk will be conducted in Chinese with live translation.

Room 2
13:55 ~ 14:40
OSSLab 張道弘 thx (TW)
In-depth Data Recovery and Digital Forensics
Speaker

OSSLab, also known as Open Source Software Lab, have been into the development of open embedded system, system on chip, and storage architecture. With team members having expertise in analyzing protocols and algorithms used in underlying electronics hardware, which is unlike other company, as they use only software for data rescue and digital forensics. OSSLab is the only company in Taiwan that designs its own software and hardware for digital forensics and data recovery, which can also be used for the highly difficult task of data rescue and digital forensics on mobile devices.

Afternoon Tea
Main Room
15:00 ~ 15:45
Aido & Manaka, tehepero! 愛奴&愛花(・ω<) (JP)
How to organize Emergency headquarters with reference to Sengoku BASARA
Speaker

Chief Security Resercher about Banking system. AVTOKYO Speaker(2009,2010,2011)CISSP, CISA Specialized magazine "Hacker Japan"'s Regular writer. And he was called "King of OTAKU(Real Juu)" satisfied with his real life.

This talk will be conducted in Japanese with live translation.

Room 2
15:00 ~ 15:45
Robert Rowley (US)
State of Web Application Security
Speaker

Robert is a security extraordinare at a shared and virtual hosting provider for approximately over one million websites and hundreds of thousands of customers. This unique environment requires providing increased security for an extremely broad range of websites and customers, and provides an ample range of attacks which our team addresses every day, and have compiled this information into the working piece being presented at this shindig. In this talk, he will cover the subject based on attacks they monitor on their network, sort of a "state of web security" talk. DreamHost hosts 1 million+ domains, so the sample of data provided should be acceptably accurate. Possibly, he will also dissect a handful of common backdoors they see - a basic overview of these attacker's knowledge and intent (why the bad guys do the things they do.)

Main Room
16:00 ~ 16:45
潘明杰 Nanika (TW)
Exploitation of Windows .NET Framework
Speaker

Ming-chieh's (Nanika) major areas of expertise include vulnerability research, exploit techniques, malware detection and mobile security. He has 10+ years of experience on vulnerability research on Windows platform and malicious document and exploit. He has discovered numerous Windows system and document application vulnerabilities, such as Microsoft Office, Adobe PDF, and Flash. He frequently presents his researches at security conferences in Asia, including Syscan Singapore/Taipei/Hong Kong 08/10, Hacks in Taiwan 05/06/07/09/10. Ming-chieh is a staff research engineer with Trend Micro. He and Sung-ting are members of CHROOT security group in Taiwan.

Room 2
16:00 ~ 16:45
周宏霖 Loda Chou (TW)
Introducing LLVM from a Hacker's View
Speaker

Loda is a technical guy with expertise on MS Windows/Linux kernel internals. He enjoys hacking kernel and circumventing software protection. Currently he works at a mobile chip design house.

17:00 ~ 17:10
Wargame Day One

End of Wargame day one! Who will survive from HITCON hackers? Let's wait and see!

l Agenda 7/21

08:30 ~ 09:10
Registration
Main Room
09:10 ~ 09:50
Hsiang-Chen Li
Advanced Persistent Threats
Speaker

Director of Computer Center, National Police Agency of Taiwan

Main Room
10:00 ~ 10:45
宋雷 (CN)
Security Problems of Chinese Web Browser
Speaker

Song is currently an engineer at Jin-Shan working on the Cheetah browser. Previously he had involved in developing 360 Safe antivirus, Ke-Niu antivirus, Jin-Shan Duba antivirus, etc.

Room 2
10:00 ~ 10:45
Myunghun Cha & Jin Suk, Park (KR)
Emulation Based Analysis
Speaker

Cha is currently a fourth year student at Pohang University of Science and Technology in South Korea, studying computer science. In 2007, he joined the Korean hacker organization PLUS, and is now a senior member in the organization. He has many spectacular achievements in various competitions, including: third in Codegate International Hacking Competition 2009, third in DEFCON 17 CTF, and 8th in DEFCON 19.

Jin Suk is currently a second year student at Pohang University of Science and Technology in South Korea, studying Mechanical Engineering. He joined the Korean hacker organization PLUS in 2011. His skills and ability is still a mystery, it seemed that he's a hidden character.

The two from Korea will show the techniques and skills used during the CTF competitions that enabled them to achieve such results, in HIT2012 for the first time.

Main Room
11:00 ~ 11:45
Yuji Ukai (JP)
"egg" - A Stealth Fine Grained Code Analyzer
Speaker

Yuji Ukai is the CEO of Fourteenforty Research Institute, which is highly regarded in the security community in Japan. After graduating from University of Tokushima with a PhD degree in Computer Science, he joined Kodak Research Center in Japan, researching mainly in the field of digital device and embedded system security. In 2003, he immigrated to the United States, and joined eEye Digital Security as a senior research engineer to develop vulnerability scanning tool. His job also includes: Vulnerability analysis, vulnerability auditing, malware analysis, embedded system security, P2P network security. In 2007, he went back to Japan and cofounded Fourteenforty Research Institute. He discovered many critical vulnerability in a wide range of software products, and carried out many research in the field of embedded system and real time operating system vulnerability analysis. Yuji Ukai had spoken in many well known international security conferences, and is widely recognized.

Room 2
11:00 ~ 11:45
axis 大风 (CN)
In-depth Review of Cloud Security
Speaker

He graduated from Xi'an JiaoTong University's gifted class, and in 2000, he began his research in network security. While he was still in school, he founded one of the most influential hacker group in China, known as "ph4nt0m". In 2005, he joined Alibaba, working in the area of information security. During his stay in Alibaba, he contributed significantly to the company's security development flow and application security, and is praised for it. He developed the security framework for Taobao and Alipay, ensuring that the day to day operation of the company can be carried out quickly and securely. In 2009, he joined Alibaba Cloud Computing, and is in charge of cloud computing security, anti-phishing and related work. He have constantly focused on innovation and proper implementation of security technologies. Further, He is also one of those in charge of OWASP community in China, and also, he is highly experienced in Internet security, and authored "白帽子讲 Web 安全". His blog gathered more than 2 million views, as he is keen on sharing. Being highly active in the security community, he is highly influential, and have been invited to speak at many security conference both within the country and international ones. These makes him one of the leaders in China's information security field.

Lunch
Main Room
13:00 ~ 13:45
Brandon Dixon (US)
Wedging into Uncharted Targeted Infrastructure
Speaker

Brandon is a security researcher and engineer for GWU where he spends his time identifying malicious attacks and thinking of better ways to detect/stop them. His research in various security topics has gotten him attention from companies such as Adobe, Verizon, Sprint, and Cisco. He has discovered several exploits and flaws based on vulnerabilities found in commercial products, web applications and messaging technologies.

http://blog.9bplus.com
https://www.pdfxray.com
twitter: @9bplus

Room 2
13:00 ~ 13:45
周立平 教授 Prof. Chou, Li-Ping (TW)
Cryptanalysis in Real Life
Speaker

Prof. Chou, Li-Ping received his PhD degree in Computer Science from the The Taiwan University. His research areas focus on database, parallel processing, and wireless computation. Since 2009, he spent a great deal of time on researching the security of RFID, especially the exploitation of smartcard, such as Mifare Classic.

Main Room
13:55 ~ 14:40
叢培侃 PK (TW)
Pwning The Well-known Chinese P2P Network
Speaker

Peikan (aka PK) has intensive computer forensic, malware and exploit analysis and reverse engineering experience. He's working for National Police Agency now. Besides, he is also the docent for Taiwan Network Information Center (TWNIC), SyScan and HITCON as well as FutureGOV conference and convey various training and workshop for practitioners.

Room 2
13:55 ~ 14:40
洪光鈞 Kuang-Chun Hung (TW)
SCADA Security Uncovered
Speaker

Mr. Hung works in Information & Communication Security Technology Center (ICST). He is an ordinary office worker like us. Family and work are almost all of his life. He likes basketball and knows penetration testing and fuzzing testing. Today, the ordinary office worker will show his prowess in HITCON 2012.

Afternoon Tea
Main Room
15:00 ~ 15:45
Andrey Belenko (RU)
Evolution of iOS Data Protection and iPhone Forensics: from iPhoneOS to iOS 5 and iCloud backups
Speaker

Andrey is the Chief Security Researcher and Software Engineer at Elcomsoft. Co-invented ThunderTables (which are improved RainbowTables) and was first to bring GPU acceleration to password recovery. M. Sc. IT and CISSP.

http://ru.linkedin.com/in/belenko
twitter: @andreybelenko

Room 2
15:00 ~ 15:45
Frank Tse & William Guo (HK)
DDoS - Yesterday, Today and tomorrow
Speaker

Mr. Frank Tse is the Research Manager of Nexusguard, a premium DDoS mitigation provider. He is an experienced network security specialist in DDoS mitigation, responsible for understanding the most current DDoS attacks and developing pre-emptive mitigation strategies. He is also in charge of maintaining the mitigation provider's knowledge base and internal training. Frank has been on the frontline of combating DDoS for Nexusguard for the past three years, analysing and mitigating hundreds of attacks per month. He provides first hand and in-depth insight on attacks and effective application of countermeasures. He is also the coordinator for external communications with academic and research bodies on DDoS related matters. Mr. Tse is a CCIE holder with a degree in Computing Mathematics.

William Guo is a security researcher at Nexusguard, he has experiences in vulnerability detection and incident response, also he is a big fan of internet/startup and tech blog writer.

Main Room
16:00 ~ 16:45
大可 Dark (TW)
Applying iOS Reverse Engineering - IAP Exploitation, Game Cheating and Phone Command & Control
Speaker

Dark has studied network attack and defense technologies since 2005 and is active in information security communities of Taiwan. He was the founder of the hacker group, PHATE and a core member of Zuso Security. He is a member of information security research group, CHROOT now. Dark is an expert on many programming languages, reverse engineering and Windows internal. He presented "The Concept of Game Hacking & Bypassing Game Protection (Hackshield)" in HITCON 2009 when he was just eighteen years old. He recently focuses on iOS reverse engineering and would like to share his study result in HITCON 2012. Although his name is "Dark", Dark is a pure white-hat hacker.

17:00 ~ 17:30
Wargame Ceremony
Wargame Ceremony

Who will make to the finals and win the trophy of HITCON Wargame?!