HIT2006 議程表 |
Day 1 – July 15,2006 |
08:50~09:20 |
報到 |
09:20~09:40 |
開幕致詞、Wargame 競賽介紹 |
09:40~10:10 |
keynote:What's Next for the InfoSec Industry? - Yen-Ming Chen |
The information security industry is one of the most dynamic industries. It is a constantly changing industry with interactions among actors including government, organization, private sector, general public and criminals, thus forming a “Security Ecosystem”. The goal of this presentation is to look at the “Security Ecosystem” from the perspective of innovation. We will first analyze the current situation of the ecosystem and point out a few potential directions for “what's next” in this ecosystem. |
10:10~10:20 |
休息 |
10:20~11:00 |
專題演講 1:XML-based Protocol Fuzzer for OpenSAML implementation - Yen-Ming Chen |
SAML (Security Assertion Markup Language) is a standard for the formation and exchange of authentication, attribute, and authorization data as XML. OpenSAML is a set of open-source libraries in Java and C++ which can be used to build, transport, and parse SAML messages. The presentation is aimed to present methodology and prototypes on fuzzing OpenSAML implementations with buffer overrun and potentially other known attacks. The long term work is to develop a XML-based protocol fuzzer as like PROTOS for ABNF defined protocols. |
11:00~11:10 |
休息 |
11:10~12:00
|
專題演講 2:VoIPhreaking: How to make free phone calls and influence people - grugq (英文演講) |
12:00~13:00 |
中餐 |
13:00~13:30 |
專題演講 3:Introduction to Windows Host IPS - Nouk |
隨著Shellcode, Rootkit, 的成熟,
原本較為冷闢的主機端入侵防禦系統開始熱門起來,
一家家自稱有anti-Zeroday 功能的軟體也開始出現.
本場次將簡單介紹相關技術在這幾年的發展. 歡迎大家會後討論. |
13:30~13:40 |
休息 |
13:40~14:10 |
0day live-demo |
14:10~14:30 |
下午茶時間 |
14:30~15:10 |
專題演講 4:Upload & Download~ I own your WEB - CharmiLin |
15:10~15:20 |
休息 |
15:20~16:10 |
專題演講 5:Thinking XSS(cross site scripting) - BlackFarmer |
跨站式網頁攻擊 XSS (cross site scripting) 的介紹,
- 尋找弱點
- 跨站攻擊的思路及實做, 社交工程的利用
- 如何接收 cookie, 到網站 session hijacking、冒用身分
- 接下來的後續
- 某大 blog 商攻擊範例 |
16:10~16:20 |
休息 |
16:20~17:30 |
專題演講 6:Securing Web Applications using Automated Static Analysis - Wayne (Yao-Wen) Huang |
|
Day 2 – July 16,2006
|
08:30~09:00 |
報到 |
09:00~09:50 |
專題演講 7:Use of AI algorithms in designing of Web
Application
Security Testing framework - Fyodor |
09:50~10:00 |
休息 |
10:00~10:50 |
專題演講 8:Spyware Detection:Automated Behavior Analysis Approach - Birdman |
分析目前流行的Spyware設計手法與運作模型。並介紹我們所開發的自動化的惡意程式行為分析系統與整合型Spyware偵察工具,用來協助
資安人員研究新的Spyware與惡意程式行為模型。 |
10:50~11:00 |
休息 |
11:00~12:00 |
專題演講 9:Obfuscate File Signature Verification With Dynamic
Patching - UNARY |
剖析Windows內建的檔案簽章機制,透過一些技術,改變既有驗證流程。透過此技術的應用,能讓Spyware或是Rootkit更加難以偵測。 |
12:00~13:00 |
午餐時間 |
13:00~13:30 |
專題演講 10:USB Disk Security - Nouk |
一堆堆標榜自己是安全的隨身碟, 甚至告訴大家自己是AES 加密的.
真的安全嗎? ccc~~我們到時走著瞧. |
13:30~13:40 |
休息 |
13:40~14:30 |
專題演講 11:Virus Evolution - zha0 |
1. Virus history
2. Virus Type/Virus naming
3. Infecting Classification
4. x86 Assembly + Addressing & OS Basic Concept
5. Trick & Technique
Relocation
Stealth
Tunneling
Anti-X
Advanced Code Evolution Techniques
Misc
6. OS Implement ( DOS, Win, Linux )
File Format
OS I/O |
14:30~15:00 |
下午茶時間 |
15:00~15:50 |
專題演講 11:Exploit Modify Tips & 0day - Nanika |
1. 取得惡意樣本後, 研究如何觸發應用程式弱點,並從中尋找利用的方式
2. 分享一些 0day 弱點的心得
Excel 0day
Office SmartTag 整數溢位
Explorer overflow DoS |
15:50~16:00 |
休息 |
16:00~16:50 |
專題演講 12:Spyware Forensic With Reversing and Static Analysis
- PK |
目前危害個人機密資料、系統安全的惡意程式,以各種方式、無孔不入進的入我們電腦,當我們上網下載程式、接收電子郵件等,往往會遇到不知檔案是否為惡意程式,但掃毒軟體也未出現警告的情況,在這場我們會講解一些案例以及介紹靜、動態分析未知程式的技巧。 |
16:50~17:30 |
Wargame 結果公布及頒獎、各關卡解說 |