DAY-CON IX:

Private Workshops: October 12 & 13, 2015


October 14th, 2015    Dayton Security Summit Day 1:

8:30AM - 9:00AM           Registration & Check-In

9:00AM - 9:30AM           Ground Rules (Angus Blitter)

9:30AM - 12:00PM         TBA

12:00PM - 1:00PM         Lunch

1:00PM -   5:00PM         TBA


6:30PM Reception 7:00PM - 10:00PM Delegate Dinner


October 15th, 2015    Dayton Security Summit Day 2:

7:00AM - 8:00AM           5K Hacker Run

9:00AM - 12:00PM         TBA

12:00PM - 1:00PM         Lunch

1:00PM -   5:00PM         “Hiding From Robots”, Angus Blitter


October 16th, 2015

10:00AM - 2:00PM       HackSec Packetwars Invitational


6:00PM - ???       Reception & After Party


Times and Content Subject to Change


ABSTRACTS:


Hiding From Robots by Angus Blitter

The genie is out of the bottle, Elvis has left the building and robots will inherit the earth! How should humans respond to the inevitable evolution of automatons? Join the speaker as he describes the current pervasive robot culture and the eco-system propelling it forward. Marvel as he connects the dots and articulates the near future scenarios that warrant your consideration. Finally, he will posit reasonable responses for mitigating threats posed by robotic adversaries, including hiding, running away and playing dead.


A ROBOTS.TXT for your face by Adrian Dabrowski

Let's face it: Most countries have privacy laws to protect the citizen’s rights on his own image – but they are ineffective and unenforceable. Even the most careful photographer might not have the chance to ask all bystanders and unintentionally imaged people for their consent. The reality is, that almost no amateur photographer cares, and most professional photographer lives in constant fears of lawsuits. Maybe it is time to create a machine-readable privacy policy for everyone: a robots.txt for your own appearance, bridging the analogue gap between the pictured individual and the photographer. A method that would allow anyone who cares to know what permissions you gave for photographs of you. And court proof arguments for anyone who did not care.



Quantum Key Distribution by Michael R. Grimaila

Quantum Key Distribution (QKD) is a revolutionary security technology that exploits the laws of quantum mechanics to achieve information-theoretic secure key exchange. In this presentation, he will provide background and the basic principles of QKD and discuss vulnerabilities arising from the non-idealities present in real world QKD system implementations. Recent research findings will be presented, which provide insight into the performance and security of QKD systems.


HARES by Jacob Torrey

HARES is the logical extension of the MoRE work presented last year at DC8, providing seamless execution of fully-encrypted binaries on unmodified hardware with ~2% CPU overhead. This technology is far from a pipe dream, as Intel is soon releasing the SGX extension to their CPU and chipsets, providing encrypted enclave execution. This talk will provide a technical overview of the HARES system, and then pivot into discussion on the implications of encrypted execution and the very real possibility of un-reversible malware leveraging the trusted computing primitives used for defense to create "trusted implants".


SPEAKER DELEGATES:


Angus Blitter - Your host and resident media whore. Angus is the founder of Hack Sec Klahn, a like-minded group of technologists. Angus is also the creator of PacketWars™ (packetwars.com) the World's first Cyber Sport. Angus believes diversity is good for the species and hackers are a national resource. Old school, grey hat and previously plump, Angus still likes to eat, drink and hack.


Sergey Bratus - Is a Research Assistant Professor of Computer Science at Dartmouth College. His research interests include designing new operating system and hardware-based features to support more expressive and developer-friendly debugging, secure programming and reverse engineering; Linux kernel security (kernel exploits, LKM rootkits, and hardening patches); data organization and other AI techniques for better log and traffic analysis; and various kinds of wired and wireless network hacking. Before coming to Dartmouth, he worked on statistical learning methods for natural text processing and information extraction at BBN Technologies. He has a Ph.D. in Mathematics from Northeastern University. @sergeybratus


Adrian Dabrowski is PhD student at the University of Technology in Vienna and employed as researcher at SBA Research. In his Master's thesis written at SecLab, he focused on several RFID systems ranging from an electronic purse to a metropolitan size locking system. He had the opportunity to be on the winning iCTF (UCSB International Capture the-Flag) team in 2006 and 2011, where he co-organized the team in 2011-2013. In 2013 and 2014 he lived for 9 months in Tokyo, visiting the Echizen Group at the National Institute of Informatics (NII). He is holder of the IEEE Austria Diploma Thesis Award, won the ACSAC 2014 Best Student Paper Award, and was speaker at the technology symposium of European Forum Alpbach 2013, Troopers 2014 and several CCC congresses.

Twitter: @atrox_at

web: https://www.sba-research.org/team/researchers/adrian-dabrowski/


Michael R. Grimaila, PhD, CISM, CISSP (BS 1993, MS 1995, PhD 1999, Texas A&M University) - Is a Professor and Head of the Systems Engineering and Management department at the Air Force Institute of Technology (AFIT), Wright-Patterson AFB, Ohio, USA. He is a member of the Center for Cyberspace Research (CCR), designated as the Air Force Cyberspace Technical Center of Excellence (CyTCoE). Dr. Grimaila serves as a subject matter expert for multiple Department of Defense (DoD) organizations. Dr. Grimaila holds the Certified Information Security Manager (CISM), the Certified Information Systems Security Professional (CISSP), and the National Security Agency's INFOSEC Assessment Methodology (IAM) and INFOSEC Evaluation Methodology (IEM) certifications. Dr. Grimaila is a Fellow of the Information Systems Security Association (ISSA), a Senior Member of the Institute for Electrical and Electronics Engineers (IEEE), and is a member of the Association for Computing Machinery (ACM), Information Systems Audit and Control Association (ISACA), International Information Systems Security Certification Consortium (ISC2), Eta Kappa Nu, and Tau Beta Pi. Dr. Grimaila serves as a National Research Council (NRC) Research Advisor; a conference committee member of the NATO Cooperative Cyber Defense Centre of Excellence (CCD COE) International Conference on Cyber Conflict, Tallinn, Estonia; and as an advisor to the Prince of Wales Fellows / Prince Edward Fellows at MIT and Harvard. His research interests include computer engineering, mission assurance, quantum communications and cryptography, data analytics, network management and security, and systems engineering. He can be contacted via email at Michael.Grimaila@afit.edu.



Ron Gula - Started his career in information security at the National Security Agency conducting penetration tests of government networks and performing advanced vulnerability research. He was also the original author of the Dragon Intrusion Detection System and CTO of Network Security Wizards, acquired by Enterasys Networks. At Enterasys, Ron helped many financial, government, service providers and commercial companies to enhance their network security monitoring. While working for BBN and GTE Internetworking, Ron helped to develop one of the first commercial network honeypots and developed security policies for large carrier-class networks. Since co-founding Tenable Network Security in 2002, Ron has served as CEO. Under his leadership the company has become the leader in continuous network monitoring and is relied upon by organizations world-wide to identify vulnerabilities, reduce risk, and ensure compliance. @RonGula


Mike Sconzo - Has been around the Security Industry for quite some time, and is interested in creating and implementing new methods of detecting unknown and suspicious network activity as well as different approaches for file/malware analysis. This includes looking for protocol anomalies, patterns of network traffic, and various forms of static and dynamic file analysis. He works on reversing malware, tool creation for analysis, and threat intelligence. Currently a lot of his time is spent doing data exploration and tinkering with statistical analysis and machine learning.


Jacob Torrey - Is an Advising Research Engineer at Assured Information Security, Inc. where he leads the Computer Architectures group and acts as the site lead for the Colorado branch. Jacob has worked extensively with low-level x86 and MCU architectures, having written a BIOS, OS, hypervisor and SMM handler. His major interest is how to (mis)use an existing architecture to implement a capability currently beyond the limitations of the architecture. In addition to his research, Jacob volunteers his time organizing conferences in Denver (RMISC & BSidesDenver) and regular meet-ups across the front range. @JacobTorrey