Speakers Speaker Bios & Topics
Andrea Barisani
Andrea Barisani is an internationally known security researcher. Since owning his first Commodore-64 he has never stopped studying new technologies, developing unconventional attack vectors.
His experiences focus on large-scale infrastructure administration and defense, forensic analysis, penetration testing and software development, with more than 10 years of professional experience in security consulting.
Being an active member of the international Open Source and security community, he contributed to several projects, books and open standards. He is now the founder and coordinator of the oCERT effort, the Open Source Computer Emergency Response Team.
He has been a speaker and trainer at BlackHat, CanSecWest, DEFCON, Hack In The Box, PacSec conferences among many others, speaking about TEMPEST attacks, SatNav hacking, 0-days, OS hardening and many other topics.
      Chip&PIN is definitely broken
The EMV global standard for electronic payments is widely used for inter-operation between chip equipped credit/debit cards, Point of Sales devices and ATMs. We analyze in detail EMV flaws in PIN protection and illustrate skimming prototypes that can be covertly used to harvest credit card information as well as PIN numbers regardless of the type/configuration of the card.
Fyodor Yarochkin
Fyodor Yarochkin (TSTF, o0o.nu) is a security analyst at Armorize. He is a happy programmer and AI hobbyist in his free time.
       Milking the Internet: case studies of emerging cybercrime threats
This presentation will cover emerging internet threats and explore the financial motives and mechanisms behind modern cyber crime. The content of this presentation will consist of a set of incident case studies ranging from ISP and Telecom compromises to banking networks and web hosting companies at enormous scale. We'll discuss the techniques used by attackers to compromise large numbers of systems and domains, and the tools and toolkits that we have developed to monitor, investigate and analyze malicious activity. We will also examine the hidden part of the iceberg to understand the motives behind such activities. For the presentation content, expect highly technical case studies mixed with light-weight analysis data. For the tools coverage, we'll discuss a previously unreleased set of tools that we used to HTTP traffic hijacking attacks, MiM systems compromise and framework that we use for large scale data mining.
Chen XiaoBo
He is a research scientist at McAfee Labs. He has been involved in computer security since 2000, working on scanner and HIPS products. Now he mainly focuses on vulnerabilities, new technologies for vulnerability exploitation, and iOS exploitation.
       PWN Your iOS Device
iOS security research is one of the hottest research fields worldwide. But the work is not as easy as we imagine because iOS is tightly closed. With the release of Jailbreakme 3.0, the security of iOS devices has attracted more attention.
This topic will first introduce the security protections of iOS, including signature checking, sandboxing and ASLR. Then we focus on how to write exploits for iOS and ROP for ARM. The theory of Jailbreak will also be discussed. After that, we talk about how to analyze the iOS kernel and ways to debug it. In the last part, we will go deep inside Jailbreakme 3.0 and discuss the vulnerabilities used by it. You will see how it bypasses ASLR protection. We will also analyze the sample file of Jailbreakme 3.0 and show how to modify it in order to execute our own application. A demo will be shown.
Xu Hao
He now focuses on OSX/iOS software development and security research. He also has more than 5 years of experience in Windows security research. Main research areas: OSX/iOS/Windows security, rootkits and malware, hardware virtualization technology, reverse engineering, smart card & PKI.
       Safari overflow exploit for Windows, OSX, iOS
With the increase in Apple devices, security problems have become more serious than before. Safari is a widely used browser on all Apple devices, and it can also run on Windows. If there is a Safari vulnerability, hackers could have many attack surfaces, including Windows, OSX and iOS.
This topic will discuss how to write Safari exploits for those three environments. First, we will talk a little about Windows, from XP to Win7. We will see that although Win7's security protection is good, it is still not hard to exploit. Then we will go through OSX, including the Leopard and Snow Leopard versions. We focus on how to write an exploit for Snow Leopard and show the demo. Last, the topic will discuss iOS. What do we have to learn to write an exploit for iOS? What tools shall we prepare for it? I will go into detail about how to write an exploit for iOS4.2. The demo will be shown.
Chengyun Chu
Chengyun Chu is a Senior Security Development lead of the MSRC Engineering defense team. He joined Microsoft in 2001. He and his defense team generate mitigations and workarounds for use in the monthly Microsoft security bulletins, provide detailed vulnerability documentation for MSRC cases, and act as the engineering technical lead for the Microsoft company-wide Software Security Incident Response Process.
       Microsoft's Counter-Zero Day Strategy part II
Zero day attacks represent one of the most difficult classes of issues for both Microsoft customers and the company's response teams. Two years ago at XCON 2009, Microsoft presented its strategy for countering threats from zero day vulnerabilities by increasing attacker costs and diminishing their returns. This presentation is a follow-up talk to discuss the progress Microsoft has made since then, including extending the Security Development Lifecycle (SDL) process for cloud and agile development, taint analysis and fuzzing, EMET, advanced workarounds, and more.
Zhao Shuang
Zhao Shuang is a student at the Ministry of Education Key Lab for Intelligent Networks and Network Security, Xi'an Jiaotong University. Research interests include botnets, vulnerability analysis, mobile security, etc. Wrote "0day security: software vulnerability analysis" (2nd edition) with failwest, shineast, zihan and digexploit.
       A SMS/IRC based Android bot and some methods of APK security check
This paper describes the implementation of an SMS/IRC based Android bot and implements a demo with some basic control functions, including sending messages, stealing information, etc., and then discusses how to bypass the spam message blocking of security software. The paper also discusses some static methods of APK security checking, including permission checks, function checks and classification checks, and implements a tool, APKStatics, for static security checking of APK files.
Yang Jin
Yang Jin served at COMODO Group in the US and now works at Kingsoft Corporation Limited in Beijing as a security researcher. He engages in research and development of cloud security solutions based on the Windows platform and in Windows system security research. In his spare time, he also dabbles in mobile platform (Windows Mobile, Android) security research.
       Full featured kernel Rootkit ShadowHunter in Windows 7
This topic will focus on explaining the full featured kernel rootkit ShadowHunter in Windows 7 and show some demos.
This topic will walk through the technique of each function module of ShadowHunter step by step, including file operation, network communication, basic resistance, strengthened hiding in kernel mode, and achieving real hiding by disk mirroring.
During the presentation, a demonstration of the program's functions will be shown.
Xiangqian Jiang
Xiangqian Jiang is one of the members of bytehero Lab, and served in Harbin Engineering University. Now he mainly focuses on the field of anti-virus.
       Research of User Account Information Security Protection in 3G era
With the rapid development of smart mobile terminals, e-commerce, online banking, online games, IM, etc. will be used more and more in the mobile communication industry. At the same time, an urgent challenge has emerged in the information security industry: how to protect the security of user property. One important step is the security protection of user account information. This paper combines experience in heuristic detection of Trojans on Windows systems and introduces in detail new anti-Trojan technology for mobile terminals, with heuristic Android Trojan detection as an example.
Dean Pierce
Dean Pierce is a computer security researcher from Portland, Oregon. Over the years he has researched and worked on many areas of application and network security. His current line of research focuses on breaking and hardening Linux based environments.
       Lateral Movement Techniques in Modern Linux Environments
This talk outlines the complex and often overlooked internal escalation structure of running Linux servers and workstations. Real world examples will demonstrate how an attacker can leverage techniques such as dbus session hijacking, unix domain socket tampering, and ptrace injection into some surprising escalations. Best of all, this is how things are supposed to work, so these attack patterns are not going away any time soon.
Chen Huajiang
Chen Huajiang gained his degree from Dundalk Institute of Technology. He has a Cisco CCNP certification. He enjoys all kinds of open source software & hardware. Over the years, he has researched all kinds of wireless technologies. He used to work at an Irish company engaged in network CCTV and access control systems.
       RFID Insecurity
This talk will introduce RFID history & current security status. Real world examples of the powerful RFID research device Proxmark3. Mifare Classic insecurity and data analysis. In the end, advice on how to design a secure RFID system will be given.

©2003-2011 XCon Organizing Committee & HuaYongXingAn Science Technology Co., Ltd. All rights Reserved.