Following is the EuroSec 2013 programme. The workshop will take place in room "Vzdělávací centrum". Follow @syssecproject or @EuroSecWorkshop on Twitter to stay up to date with the workshop news.
|9:00-10:00||Welcome and Keynote I|
|Welcome and introductionThorsten Holz, (Workshop Chair)|
Keynote: Miniduke, Teamspy: Targeted attacks with governmental targetsBoldizsár Bencsáth (CrySyS Lab, BME)
Abstract: Latest investigations uncovered two interesting series of malware based targeted attacks against high-profile targets, including governmental institutions. In February 2013, a new 0-day vulnerability was found to be used in the wild to infect computers with custom malware. About one week later, we found together with Kaspersky Labs new samples, where the same 0-day vulnerability was used, but the attackers used different malicious code to be installed on the targets. Investigations on the Miniduke campaign uncovered that many of the targets that could be identified are governmental institutions in more than 20 countries. Another attack campaign was revealed in March 2013, where investigations found that the attackers abused the legitimate software TeamViewer, hence, it is called TeamSpy. These attacks are also targeted and some victims are governmental institutions. In my presentation I will give details about these two recent investigations carried out by CrySyS Lab.
You Can Type, but You Can’t Hide: A Stealthy GPU-based Keylogger
Lazaros Koromilas, Giorgos Vasiliadis, Sotiris Ioannidis (Foundation for Research and Technology - Hellas),
Evangelos Ladakis (University of Crete),
Michalis Polychronakis (Columbia University)
A System Call-Centric Analysis and Stimulation Technique to Automatically Reconstruct Android Malware Behaviors
Alessandro Reina, Aristide Fattori (Università degli Studi di Milano),
Lorenzo Cavallaro (Royal Holloway, University of London)
|Beyond Instruction Level Taint Propagation Beng Heng Ng, Earlence Fernandes, Ajit Aluri, Zijiang James Yang, Atul Prakash (University of Michigan)|
|Dowser: a guided fuzzer to find buffer overflow vulnerabilities Istvan Haller, Asia Slowinska, Herbert Bos (VU University Amsterdam)|
Keynote: Wireless Security: from Anti-Jamming Communication to Secure LocalizationChristina Pöpper (ETH Zurich)
Abstract: With the wide proliferation of wireless devices, securing information sent over the wireless medium becomes vital. The wireless setting, however, introduces a number of challenges and limitations that cannot be fully resolved using traditional security solutions. In this talk, I will present investigations and solutions tailored to secure wireless communication scenarios. I focus on vulnerabilities to communication interference attacks in which attackers try to prevent the reception of the correct, timely information transmitted by the sender. In particular, my talk will address the following aspects: the vulnerability of wireless radio transmissions to signal-layer attacks, schemes for enabling communication under jamming attacks without shared secrets, and secure localization techniques (in particular resistance against spoofing attacks on GPS).
|Fast Software Encryption with SIMD Tilo Müller, Johannes Götzfried (FAU Erlangen-Nuremberg)|
|BusMonitor: A Hypervisor-Based Solution for Memory Bus Covert Channels Brendan Saltaformaggio, Dongyan Xu, Xiangyu Zhang (Purdue University)|
|Simple-to-use, Secure-by-design Networking in EthosW. Michael Petullo, Jon A. Solworth (University of Illinois at Chicago)|
|Decreasing System Availability on an Avionic Multicore Processor Using Directly Assigned PCI Express Devices Ole Isfort, Kevin Müller, Daniel Münch, Michael Paulitsch (EADS Deutschland GmbH)|