DeepSec 2017 Talk: Essential Infrastructure Interdependencies: Would We Be Prepared For Significant Interruptions? – Herbert Saurugg

Sanna/ September 29, 2017/ Conference

How would your day look without electrical power? Given the fact that we rely on information technology every single minute of our lives (well, mostly), this would be a very dark outlook indeed. Knocking out the power grid is a tactic used by the military. They have even special tools for disabling power lines and transformer stations. Progress has enabled network access for power plants and other parts of the grid. It’s not all about hacking stuff. There is a lot more involved when it comes to critical infrastructure, and this is why we have asked Herbert Saurugg, a renowned specialist on this topic, to conduct a presentation at DeepSec 2017. Cyber Security and Critical Infrastructure Protection (CIP) are major topics almost everywhere. Its priority has also increased during recent years because of rising

Read More

DeepSec 2017 Talk: Uncovering And Visualizing Botnet Infrastructure And Behavior – Andrea Scarfo & Josh Pyorre

Sanna/ September 28, 2017/ Conference, Internet

When you read about information security, then you might get the impression that there are lots of nameless threats Out There™. Especially when it comes to networked malicious software, i.e. malware, that forms robot armies, the picture gets a lot more vague and foggy. So you need to get some details to sharpen your view. There are some means how to do this, and you will be told at DeepSec 2017 by Andrea Scarfo and Josh Pyorre. How much information about a botnet can one find using a single IP address, domain name or indicator of compromise (IOC)? What kind of behavior can be determined when looking at attacker and victim infrastructure? In an attempt to discover and analyze the infrastructure behind large-scale malware activity, Andrea and Josh began their research with known indicators

Read More

DeepSec 2017 Talk: Next-Gen Mirai Botnet – Balthasar Martin & Fabian Bräunlein

Sanna/ September 27, 2017/ Conference, Internet, Security

While you were living in a cave, devices took over the world and got connected to the network. This is the state of affairs we live in right now. As long as nothing happens we don’t notice anything about it. The Mirai (未来) botnet changed this all of a sudden. Consumer devices were drafted into an army of bots. Thanks to the proliferation of networked devices such as cameras, home routers, and others the botnet was very successful. The code was designed to run on embedded devices and is even online for inspection. Let’s take a look at how to improve Mirai. Badly secured embedded devices enabled the largest DDoS attack on critical networks seen to date: The Mirai attacks in 2016 were largely pegged on Internet-exposed telnet with default credentials. While such telnet

Read More

DeepSec 2017 Schedule Update, Review Status, Disputes, and Trainings

René Pfeiffer/ September 26, 2017/ Administrivia, Conference, High Entropy

The DeepSec 2017 schedule is still preliminary. We are almost done, and we have a small update. Some of you have noticed that the schedule featured a training about mobile security. The outline as shown as in the schedule was identical to a different course from a different trainer. We received a complaint, we got the course materials to compare, and it turned out that only the outline of the workshop as shown online was identical, and the original table of contents was not part of the submission we received during the call for papers. The dispute has been settled. The trainer has apologised to the creator of the original table of contents. Nevertheless the trainer has asked to withdraw his submission. This means we will try to replace the slot in the schedule

Read More

DeepSec 2017 Early Bird Tariff ends on 25 September

René Pfeiffer/ September 22, 2017/ Administrivia, Conference

The early bird tariff for DeepSec 2017 (and ROOTS) ends on 25 September 2017. We recommend buying your ticket now. Save some money! In addition we ask you to book the workshop you want to visit as early as possible! Every year we see sad faces, because the workshop of your choice had to be cancelled. Our trainers need a minimum number of attendees. Some trainers need to catch flights and spend good parts of a whole day travelling. They can’t come to Vienna if the minimum number of trainees is not met. So do yourself a favour, make up your mind now, and book the training you want to have. In case you cannot use online payment, let us know. We can invoice the ticket to you directly, if needed. Just drop us

Read More

Workshops, Trainings, Talks: DeepSec and ROOTS Schedule Update

René Pfeiffer/ September 20, 2017/ Administrivia, Conference

As you might have noticed, the DeepSec schedule is not complete yet. Furthermore the ROOTS schedule is not published at all. The reason for this are the still pending reviews. The major part concerns ROOTS. ROOTS is an academic workshop where academic publications are presented. There has been some confusion about the term workshop. In the context of ROOTS this means presentations. This is why we have replaced the word workshops on the DeepSec web site and in (hopefully) all texts with the word training. Trainings are the two-day, well, trainings in advance of the DeepSec conference days. ROOTS features presentations, also called workshops in ROOTS-context, as does the DeepSec conference (on the conference days). So we have trainings (the two-day training courses; one, the ARM exploit laboratory is for three days, be careful)

Read More

DeepINTEL Conference approaches the next generation of IT Security

Sanna/ August 31, 2017/ Conference, Discussion, Security Intelligence

Strategic Information Security: Predicting the Present DeepINTEL Conference presents Approaches to the Next Generation of Security Many products and approaches of information security are trying hard to predict the future. There is always a lot of talk about threats of the future, detection of attacks before they arise or the magic word “pro-active”.  But the prediction of the future does not benefit your business if the present is still unknown. When it comes to information security this means: Do you now know enough about your current situation to make the right decisions within the next few hours? The DeepINTEL seminar conference, which takes place on 21st/22nd of September in Vienna, focuses on this strategic question. Analogies distort Perception and Facts Analogies are often used to illustrate connections. Especially in the areas of IT security,

Read More

DeepSec 2017 Training: The ARM IoT Exploit Laboratory

René Pfeiffer/ August 29, 2017/ Conference, Security, Training

If the Internet of Things (IoT) will ever leave puberty, it has to deal with the real world. This means dealing with lies, fraud, abuse, exploits, overload, bad tempered clients (and servers), and much more. Analysing applications is best done by looking at what’s behind the scenes. IoT devices, their infrastructure, billions of mobile devices, and servers are powered by processors using the Advanced RISC Machine (ARM) architecture. This design is different from the (still?) widespread Intel® x86 or the AMD™ AMD64 architecture. For security researchers dealing with exploits the change of design means that the assembly language and the behaviour of the processor is different. Developing ways to inject and modify code requires knowledge. Now for everyone who has dealt with opcodes, registers and oddities of CPUs, this is nothing new. Grab the

Read More

DeepSec 2017 Talk: Malware Analysis: A Machine Learning Approach – Chiheb Chebbi

Sanna/ August 26, 2017/ Conference, Security

Software has a character. It can be beneficial. It can also be malicious. A networked business world and the Internet of connected individuals make life for malicious software, also known as malware, easier. Just like international travel facilitates the spread of diseases and parasites, the networked globe is a big advantage for malware. Researcher can hardly keep up with the numbers of detected viruses, worms, and trojan horses. So why not let machines look for malware on their own? Certainly automation already benefits the hunt for malicious code. Chiheb Chebbi has some ideas that can help. Threats are a growing problem for people and organizations across the globe. With millions of malicious programs in the wild it has become hard to detect zero-day attacks and polymorphic viruses.This is why the need for machine learning-based

Read More

DeepSec 2017 Keynote: Social Science First! – Dr. Jessica Barker

Sanna/ August 24, 2017/ Conference, High Entropy, Security

While the schedule is still preliminary, we have already some confirmations from our speakers. We are happy to announce Dr Jessica Barker as the keynote speaker for DeepSec 2017. Information security has a lot to do with interactions. Despite AI (a.k.a. Assisted Intelligence), „smart“ assistants (a.k.a. paper clips on steroids), and a metric ton of gadgets we still have a lot of contact with human beings. Marketing departments and tech people lost in code often forget this. Jessica will give you something to think about which you can’t discuss with Siri, Alexa, the Google AI, or even HAL 9000. Bruce Schneier popularised the concept in 1999: cyber security is about people, process and technology. Yet almost two decades later, the industry still focuses so much more on technology than the other two dimensions of

Read More

Administrivia: How to access ROOTS and DeepSec 2017

René Pfeiffer/ August 22, 2017/ Administrivia, Conference

We have received some question on how to attend the presentations of the 1st Reversing and Offensive-oriented Trends Symposium (ROOTS) 2017. It’s very easy. ROOTS is co-hosted with DeepSec 2017. This means if you attend DeepSec, you also attend ROOTS. In turn attending ROOTS gives you also access to the DeepSec conference. So you only need one ticket to access both events. Bear in mind that our sponsors can give you discount codes for buying tickets. In addition we have a special programme for academics to give you the academic discount for the tickets. Don’t forget: Buying early means saving money! The early bird tariff is still valid until 25 September 2017. After that the ticket price increases. Do us and yourself a favour and book as early as possible. Thank you! See you

Read More

DeepSec 2017 Preliminary Schedule published

René Pfeiffer/ August 17, 2017/ Administrivia, Conference, Training

After two weeks of intense reviewing we have published the preliminary schedule for DeepSec 2017. There are some blanks to fill, but this will be done in the coming weeks. We still have to do some reviews and wait for the speaker’s confirmation. In case you noticed, the ROOTS track is not filled yet. The call for papers was extended to 26 August. This means the ROOTS schedule will be published at the end of September. We have to give the programme committee ample time to review all submissions. So if you want to present your research at ROOTS 2017, please ready your submission. Science first!

DeepSec 2017 Schedule, ROOTS, and Closing of Call for Papers

René Pfeiffer/ August 3, 2017/ Administrivia, Conference

Thanks a lot for your submissions! We are currently in the final phase of the review. Expect the first draft of the schedule for the end of the week. Important: Don’t forget that the Call for Papers for the 1st Reversing and Offensive-oriented Trends Symposium 2017 (ROOTS) is still open and was extended to 15 August 2017! Please submit and help us to put more science into infosec! Given the headlines in the IT (security) news we need all the facts we can get.

DeepINTEL Schedule updated – Psychology and Power Grids

René Pfeiffer/ July 27, 2017/ Administrivia, Conference

We have updated the schedule for DeepINTEL 2017. The human mind and power grids are both critical infrastructure. Both can be manipulated and switched off, arguably. And most of us use both every day. So this is why we added two more presentations to the schedule. Stefan Schumacher of the Magdeburg Institute for Security Research talks about Manipulating Human Memory for Fun and Profit. Since memory is crucial for forensics, you should spent some thoughts on this matter. Your brain doesn’t cope well with cryptographically signed timestamps or hashes. Since you need to understand all aspects of the environment, the human psychology is part of every „cyber“ strategy – before and after incidents. Mathias Dalheimer’s presentation is titled The Power Grid is vulnerable – and it’s really hard to fix this. Anyone familiar with physics

Read More

Digital Security of the Future: Technology and Algorithms alone are no Substitute for Strategy

René Pfeiffer/ July 14, 2017/ Conference, Security Intelligence

Unfortunately, you can not rely on antivirus programs when it comes to the security of your own business. Antivirus programs do not read newspapers, they do not attend lectures, they don’t protect you from social engineering or know the meaning of Facebook friends or Twitter tweets. False friends, indeed. The continuous monitoring and evaluation of threats is the next step in information security. This aspect has always been an important part of digital defense. Today’s discussion often centers around the term Security Intelligence, which unites different approaches. The DeepINTEL is Austria’s first event, which, since 2012, has been taking up this topic – in all its facets, because modern information security is interdisciplinary. Lectures by experts from various fields of science, defence and industry: At DeepINTEL you have the opportunity to strategically rethink your

Read More