lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Sat, 4 Aug 2012 19:25:46 -0500
From: Fabien DUCHENE <f.duchene@...-online.fr>
To: Full Disclosure <full-disclosure@...ts.grok.org.uk>
Subject: GreHack 2012 - LAST Call For Papers (Grenoble,
 France) till 15th August 2012

----------------------------------------------
*GreHack 2012* LAST Call For Papers .. till 15th August 2012.
----------------------------------------------
http://grehack.org GreHack 2012 conference will take place in Grenoble
(Alps), France on October 19th-20th 2012 and brings together students,
academia, industry and government to exchange knowledge around
emerging issues in the security + hacking world. During the night, a
Capture The Flag will take place. Each paper is peer reviewed at least 3
times.

---------------------
*Suggested Topics (not limited to)*
---------------------
http://grehack.org/en/index.php/GreHack_2012-Call_For_Papers-english/
- Track: ethical, legal and philosophical
-- greyhat hacking: a consumer advance, or a risk for worldwide security?
-- current state of laws relative to cyber-security and hacking +
justified suggestions of modifications

- Track: technical
-- Hadopi: why is it a technical and legal failure? how to exploit in
memory vulnerabilities of Hadopi approved software?
-- In Memory Vulnerabilities
  --- Windows 8: heap analysis, kernel structures and new memory protections
  --- Exploit Corner: come present us your last sploit!
-- Hardcore Penetration Testing
  --- Code obfuscation to complicate Reverse Engineering
  --- Discrete Attacks (eg: without writing on the filesystem)
  --- Hypervisor evasion
  --- Vulnerabilities and exploits on defensive security tools (eg:
AntiMalwares, Firewalls, IDS)
-- Attacking Infrastructures
  --- Internet: how to root your ***box? Which security
functionalities (and properties) are provided? How to bypass them?
  --- ipsec, ipv6
  --- routing protocols
  --- wireless: 802.11, réseaux 3G, 4G, WiMAX, RFID
  --- sensor networks
-- Malwares and Botnets
  --- state of the art of botnets redundancy mechanism
  --- self-code modification (polymorphism) of malwares
  --- ability of antimalwares to detect slighly mutated samples
  --- vulnerabilities in antimalwares drivers

- Track: research
-- Learning and Offensive Security
  --- static and dynamic analysis
  --- dumb/simple/basic fuzzing and smart-fuzzing for automating
vulnerability detection
  --- metrics for exploitability of vulns (in memory, web)
  --- model checking
  --- advances in reverse-engineering automation and model inference
  --- concolic execution
-- Hardware Attacks
  --- nanotechnology
  --- fault injection in memory via laser
  --- smart cards
  --- transportations
  --- medical tools
  --- embedded malwares
-- Cryptology
  --- influence of the environment on PRNG entropy
  --- mathematic aspects in current cryptology
-- Defensive Security
  --- Trust Based Computing
  --- New Access Control Models for processes isolation
  --- New H/W + S/W for increasing the cost of exploitation

*Remark*
- We highly encourage original topics that break with traditional
research directions
- We will favor presentations with tools demonstrations or results

---------------------
*Important Dates*
---------------------
- CFP Opens: 1st May 2012
- CFP Closing Date: EXTENDED to 15th August 2012 (due to several
requests. was initially 15th July 2012)
- Final speakers List online: 09 September 2012
- Conference Dates: 19 October 2012 9am-7pm
- Capture The Flag: night (19 October 2012 9pm till 20 October 2012
6am Paris time :)

---------------------
*Program Committee*
---------------------

- Dan Alloun (Intel)
- Florent Autreau (Mataru)
- Claude Castelluccia (INRIA)
- Fabien Duchene (LIG)
- Philippe Elbaz-Vincent (UJF)
- Karim Hossen (LIG)
- Pascal Lafoucarde (VERIMAG)
- Arnaud Maillet (Evidian R&D, Ensimag student)
- Pascal Malterre (CEA)
- Sanjay Rawat (LIG)
- Guillaume Touron (Ensimag student)
- Marie-Laure Potet (VERIMAG)
- anonymous researcher (private company in vulnerability research)

---------------------
*Invited Talks*
---------------------
- Eric Freyssinet (LIP6, Gendarmerie) Botnet: From Observation to
Investigation
- Christophe Devine (ANSSI) mobile telephony security: a compared
study. till what degree can we trust mobile operating systems and
radio protocols?
- Philippe Elbaz-Vincent (UJF) attacks on randomness of hardware Prime
Random Number Generator
- Regis Leveugle (TIMA) attacks on secure hardware
- Kostya Kortchinsky (Microsoft and formerly Immunity Inc.) - TBA

---------------------
*Speaker Benefits*
---------------------
- Free pass to the conference
- Accommodation during the Conference (1 night)
- GreHack will participate to travel expenses (limited budget)

---------------------
*Submission Guidelines*
---------------------
Call for Papers is open till 15th August 2012.
Consider submitting even if your topic is not listed above.
http://grehack.org/index.php/GreHack_2012-Call_For_Papers-english
send your submission to: grehack-program_committee _A_T_ car-online.fr

---------------------
*Capture The Flag*
---------------------
http://grehack.org/index.php/GreHack-2012-Capture_The_Flag_rules-english

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists