RSA Conference Brochure 2008 - (Page 28) hackErs & thrEats 1 tuEsday, april 8 1:30 p.m. – 2:40 p.m. HT1-105 WEdnEsday, april 9 8:00 a.m. – 8:50 a.m. HT1-201 (T1) live reverse Engineering Exercise: Hunting for Easter Eggs and Backdoors (T1) Sex, Drugs and Cybercrime: Go Flux Yourself Kim Grillo | Technical Analyst, United States Postal Inspection Service Matthew Ziemniak | Program Director - Cyber Operations, National Cyber-Forensics and Training Alliance Jeremy Cooper | Sr. Software Engineer, Cryptography Research, Inc. This presentation will demonstrate the power of reverse engineering tools to uncover hidden software functionality, be it whimsical (in the classic game MineSweeper) or malicious (in the W32.BugBear worm). In the process, attendees will be given a glimpse of the frontline in the battle between software security specialists and their adversaries. 3:00 p.m. – 3:50 p.m. HT1-106 Cyber criminals are busy creating networks that effectively combat the removal of malicious websites from the Internet. This presentation will discuss their techniques using case studies and demos, providing insight into how these networks are used to facilitate cyber crime. Solutions based upon research findings will also be discussed. 9:10 a.m. – 10:20 a.m. HT1-202 (T1) Black Ops of Web 2.0: DNS rebinding Attacks Dan Kaminsky | Director of Penetration Testing, IOActive Inc. (T1) Uncovering the Foundations of rootkits Mark Tempel | Senior Software Engineer, Shavlik Technologies At the root of web security is the same origin policy, which allows most resources to communicate with each other only if they come from the same host name. But one name can be mapped via DNS to many IP addresses, some local and others not. The effect? You come to my page, I VPN onto your LAN. And that’s only the beginning. 4:10 p.m. – 5:20 p.m. HT1-107 Cutting-edge rootkit technology is built using simpler rootkit techniques. This session will provide a developer’s-eye view of these common rootkit techniques. The presentation will look at how to implement, detect and defeat the detectors of Microsoft Windows® hook and DKOM rootkit techniques. It will also explore how these techniques fare against Windows Vista. This session will prepare participants to conduct their own cutting-edge rootkit research. 10:40 a.m. – 11:50 a.m. HT1-203 (T1) into the Eye of the Storm: An End-to-End Analysis of the Storm Worm Patrick Peterson | Vice President, Technology, IronPort, A Cisco Business Unit (T1) Cross-Site request Forgery: The “Storm” worm infected 1.3 million PCs using advanced techniques and social engineering. The infected PCs (bots) sent 20% of the world’s spam and took down anti-spam sites via a massive DDoS attack. Why was it so “successful” and what can we do about it? This presentation will dissect the Storm worm including message content, infection mechanisms, C&C infrastructure and the criminals behind it. 5:40 p.m. – 6:30 p.m. HT1-108 The Sleeping Giant of Web Site Vulnerabilities Jeremiah Grossman | Founder and CTO, WhiteHat Security During the past several years, the same web attack has been discovered, analyzed and renamed. Whatever it’s called, it means an attacker is compromising an array of website accounts. CSRF vulnerabilities are exploited across the web because it’s easy and most websites are susceptible. This session will describe CSRF and offer technical demonstrations and solutions to stop this threat. (T1) Hacking Consumer Electronics Benjamin Jun | Vice President of Technology, Cryptography Research, Inc. From iPhone upgrades to pay TV piracy, several attacks are surveyed against well-known mobile phone platforms, game consoles and networking platforms. Consumer-embedded platforms face attacks for extracting keys, bypassing boot protection, creating interoperable clones and performing unauthorized “upgrades.” Learn how you can secure your embedded platform against these attacks. 28 sEssion classification (T1) Advanced Technical See page 5 for complete level descriptions.
Table of Contents Feed for the Digital Edition of RSA Conference Brochure 2008 Table of Contents Who Should Attend & Why Keynote Speakers Agenda At-A-Glance Session Classification Special Events & Activities Connect & Network Highlights 1-Day Pre-Conference Tutorials 2-Day Pre-Conference Tutorials Tracks & Sessions Authentication Consumer Protection Business Trends & Impact Case Studies Cryptographers Deployment Strategies Developing with Security Enterprise Defense Hackers & Threats 1 Hackers & Threats 2 Identity & Access Management Industry Experts Law & Liability Policy & Government Professional Development Security-Oriented Architecture Standards Wireless Sponsor Sessions List of Exhibitors Registration Information Sponsors RSA Conference Brochure 2008 RSA Conference Brochure 2008 - (Page Cover1) RSA Conference Brochure 2008 - Table of Contents (Page Cover2) RSA Conference Brochure 2008 - Who Should Attend & Why (Page 1) RSA Conference Brochure 2008 - Keynote Speakers (Page 2) RSA Conference Brochure 2008 - Keynote Speakers (Page 3) RSA Conference Brochure 2008 - Agenda At-A-Glance (Page 4) RSA Conference Brochure 2008 - Session Classification (Page 5) RSA Conference Brochure 2008 - Special Events & Activities (Page 6) RSA Conference Brochure 2008 - Special Events & Activities (Page 7) RSA Conference Brochure 2008 - Connect & Network (Page 8) RSA Conference Brochure 2008 - Highlights (Page 9) RSA Conference Brochure 2008 - 1-Day Pre-Conference Tutorials (Page 10) RSA Conference Brochure 2008 - 1-Day Pre-Conference Tutorials (Page 11) RSA Conference Brochure 2008 - 2-Day Pre-Conference Tutorials (Page 12) RSA Conference Brochure 2008 - 2-Day Pre-Conference Tutorials (Page 13) RSA Conference Brochure 2008 - Authentication (Page 14) RSA Conference Brochure 2008 - Consumer Protection (Page 15) RSA Conference Brochure 2008 - Business Trends & Impact (Page 16) RSA Conference Brochure 2008 - Business Trends & Impact (Page 17) RSA Conference Brochure 2008 - Case Studies (Page 18) RSA Conference Brochure 2008 - Case Studies (Page 19) RSA Conference Brochure 2008 - Cryptographers (Page 20) RSA Conference Brochure 2008 - Cryptographers (Page 21) RSA Conference Brochure 2008 - Deployment Strategies (Page 22) RSA Conference Brochure 2008 - Deployment Strategies (Page 23) RSA Conference Brochure 2008 - Developing with Security (Page 24) RSA Conference Brochure 2008 - Developing with Security (Page 25) RSA Conference Brochure 2008 - Enterprise Defense (Page 26) RSA Conference Brochure 2008 - Enterprise Defense (Page 27) RSA Conference Brochure 2008 - Hackers & Threats 1 (Page 28) RSA Conference Brochure 2008 - Hackers & Threats 1 (Page 29) RSA Conference Brochure 2008 - Hackers & Threats 2 (Page 30) RSA Conference Brochure 2008 - Hackers & Threats 2 (Page 31) RSA Conference Brochure 2008 - Identity & Access Management (Page 32) RSA Conference Brochure 2008 - Identity & Access Management (Page 33) RSA Conference Brochure 2008 - Industry Experts (Page 34) RSA Conference Brochure 2008 - Industry Experts (Page 35) RSA Conference Brochure 2008 - Law & Liability (Page 36) RSA Conference Brochure 2008 - Law & Liability (Page 37) RSA Conference Brochure 2008 - Policy & Government (Page 38) RSA Conference Brochure 2008 - Policy & Government (Page 39) RSA Conference Brochure 2008 - Professional Development (Page 40) RSA Conference Brochure 2008 - Security-Oriented Architecture (Page 41) RSA Conference Brochure 2008 - Standards (Page 42) RSA Conference Brochure 2008 - Wireless (Page 43) RSA Conference Brochure 2008 - Sponsor Sessions (Page 44) RSA Conference Brochure 2008 - Sponsor Sessions (Page 45) RSA Conference Brochure 2008 - List of Exhibitors (Page 46) RSA Conference Brochure 2008 - List of Exhibitors (Page 47) RSA Conference Brochure 2008 - Registration Information (Page 48) RSA Conference Brochure 2008 - Registration Information (Page Cover3) RSA Conference Brochure 2008 - Registration Information (Page Cover4)
For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.