GreHack 2012-Call For Papers

De Ensiwiki
Aller à : navigation, rechercher

Security logo.png  Sécurité 

GreHack-2012-poster.png
Logo for light background.png

GreHack is a non profit Security Conference (during day) and an Ethical Hacking Contest - aka CTF - (during night). This event will happen during the 42nd week (19th-20th October 2012) at Grenoble, french core for micro and nanotechnologies R&D. 2012 is the first edition. Some GreHack 2012 objectives.

twitter: @grehack

Submission

Important Dates

Google Calendar format

Language

  • Summary: french or english are both fine (authors choice)
  • Slides: we highly advise english
  • Speech: english or french

Topics suggestions

Including, but not limited to:

Track: ethical and legal

  • ethical hacking: a consumer advance, or a risque for worlwide security?
  • current state of laws relative to cyber-security and hacking + justified suggestions of modifications

Track: technical

  • Hadopi: why is it a technical and legal failure? how to exploit in memory vulnerabilities of Hadopi approved software?
In Memory Vulnerabilities
  • Windows 8: heap analysis, kernel structures and new memory protections
  • Exploit Corner: come present us your last sploit!
Hardcore Penetration Testing
  • Code obfuscation in order to complicate Reverse Engineering
  • Discrete Attacks (eg: without writing on the filesystem)
  • Hypervisor evasion
  • Vulnerabilities and exploits on defensive security tools (eg: AntiMalwares, Firewalls, IDS)
  • Fuzzing of Embeeded devices (eg: TV, printers...)
Attacking Infrastructures
  • Internet: how to root your ***box? Which security functionalities (and properties) are provided? How to bypass them?
  • ipsec, ipv6
  • routing protocols
  • wireless: 802.11, réseaux 3G, 4G, WiMAX, RFID
  • sensor networks
Malwares and Botnets
  • state of the art of botnets redundancy mechanism
  • self-code modification (polymorphism) of malwares
  • comparison of antimalwares when mutating malwares

Track: research

Learning and Offensive Security
  • static and dynamic analysis (data tainting)
  • dumb/simple/basic fuzzing and smart-fuzzing for automating vulnerability detection
  • metrics for exploitability of vulns (in memory, web)
  • model checking
  • advances in reverse-engineering automation and model inference
  • symbolic exection
Hardware Attacks
  • nanotechnology
  • fault injection in memory via laser
  • smart cards
  • transportations
  • medical tools
  • embeeded malwares
Cryptology
  • influence of the environnment on PRNG entropy
  • mathematic aspects in current cryptology
Defensive Security
  • Trust Based Computing
  • New Access Control Models for processes isolation
  • New H/W + S/W for increasing the cost of exploitation

Remark

  • We highly encourage original topics that break with traditional research directions
  • We will favor presentations with tools demonstrations or results

Presentation Format

MEDIUM TALK(= ~30min)

  • Summary 4 pages long (at least)

SHORT TALK (= ~15min)

  • Summary 2 pages long (at least)

Summary

Student Grants

A limited number of grants will be provided. Priority will be given to students who will present a paper. Students willing to participate can also be selected.

Those

  • speakers: transportation, hosting (train if living more than 20Km far away from Grenoble + in France or Switzerland. Plane help will be considered for speakers from Europe.)
  • participants: citizen of a low income country, or person having made significative contribution for the community

apply for a grant: send a mail to grehack-program_committee _A_T_ car-online.fr and precise your motivations. Include a link to your website, publications list and tools

See GreHack-2012 speakers fees details

Your submission must include following information

All submissions will be peer-reviewed. Single blinded review process

Authors of accepted papers must guarantee that their paper will be presented at GreHack 2012.

  • Speakers name or alias
  • Biography
  • Presentation Title
  • Description
  • Needs: Internet? Others?
  • Company (name) or Independent?
  • Address
  • Phone
  • Email
  • Demo (Y/N)
  • Will you release a 0-day? (Y/N)
  • Will you release a tool? (Y/N)
  • Summary (according to above rules: 2 or 4 pages IEEE template (word + latex formats))

Featured Conference Content

Note: if possible, we advise speakers to have their slides in english and to speak in french if they are sufficiently fluent in it, otherwise english + english. First formula has the advantage of permitting both audiences to follow.

Keynote

Pic Speaker name Corp/Lab/Gov/Self Talk
Grehack-2012-speakers-eric freyssinet.gif Eric Freyssinet

Invited Talks

Pic Speaker Corp/Lab/Gov/Self Talk title
Grehack-2012-speakers-kostya kortchinsky.png Kostya Kortchinsky Microsoft, previously Immunity

Grehack-2012-speakers-Philipe Elbaz-­Vincent.jpg Philippe Elbaz-­Vincent

Grehack-2012-speakers-regis leveugle.jpg Regis Leveugle

Grehack-2012-speakers-dave penkler.jpg Dave Penkler HP Enterprise Services CTO Office
Grehack-2012-speakers-missing picture.png Boris Balacheff HPLabs Cloud & Security Lab

Program Committee

Submissions will be reviewed by:

Publication

Informal proceeedings of papers and talks will be available on the event webapge.

Diverse