lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <CAFFFQXE1OE5Hfd1PNHDCm6p+Q_O5nqi3OdxijQCusSo775uxoQ@mail.gmail.com>
Date: Mon, 9 Jul 2012 13:07:25 +0200
From: Fabien DUCHENE <f.duchene@...-online.fr>
To: bugtraq@...urityfocus.com
Subject: GreHack 2012 - extended deadline CFP 15th August 2012 (Grenoble, France)

----------------------------------------------
*CFP deadline EXTENDED till AUGUST 15TH 2012*
----------------------------------------------
*GreHack 2012* 3rd Call For Papers
http://grehack.org GreHack 2012 conference will take place in Grenoble
(Alps), France on October 19th-20th 2012 and brings together students,
academia, industry and government to exchange knowledge around
emerging issues in the security + hacking world. During the night, a
Capture The Flag will take place. Each paper is peer reviewed at least
3 times.

---------------------
*Suggested Topics (not limited to)*
---------------------
http://grehack.org/en/index.php/GreHack_2012-Call_For_Papers-english/
- Track: ethical, legal and philosophical
 -- greyhat hacking: a consumer advance, or a risk for worldwide security?
 -- current state of laws relative to cyber-security and hacking +
justified suggestions of modifications

- Track: technical
 -- Hadopi: why is it a technical and legal failure? how to exploit in
memory vulnerabilities of Hadopi approved software?
 -- In Memory Vulnerabilities
   --- Windows 8: heap analysis, kernel structures and new memory protections
   --- Exploit Corner: come present us your last sploit!
 -- Hardcore Penetration Testing
   --- Code obfuscation to complicate Reverse Engineering
   --- Discrete Attacks (eg: without writing on the filesystem)
   --- Hypervisor evasion
   --- Vulnerabilities and exploits on defensive security tools (eg:
AntiMalwares, Firewalls, IDS)
 -- Attacking Infrastructures
   --- Internet: how to root your ***box? Which security
functionalities (and properties) are provided? How to bypass them?
   --- ipsec, ipv6
   --- routing protocols
   --- wireless: 802.11, réseaux 3G, 4G, WiMAX, RFID
   --- sensor networks
 -- Malwares and Botnets
   --- state of the art of botnets redundancy mechanism
   --- self-code modification (polymorphism) of malwares
   --- ability of antimalwares to detect slighly mutated samples
   --- vulnerabilities in antimalwares drivers

- Track: research
 -- Learning and Offensive Security
   --- static and dynamic analysis
   --- dumb/simple/basic fuzzing and smart-fuzzing for automating
vulnerability detection
   --- metrics for exploitability of vulns (in memory, web)
   --- model checking
   --- advances in reverse-engineering automation and model inference
   --- concolic execution
 -- Hardware Attacks
   --- nanotechnology
   --- fault injection in memory via laser
   --- smart cards
   --- transportations
   --- medical tools
   --- embedded malwares
 -- Cryptology
   --- influence of the environment on PRNG entropy
   --- mathematic aspects in current cryptology
 -- Defensive Security
   --- Trust Based Computing
   --- New Access Control Models for processes isolation
   --- New H/W + S/W for increasing the cost of exploitation

*Remark*
 - We highly encourage original topics that break with traditional
research directions
 - We will favor presentations with tools demonstrations or results

---------------------
*Important Dates*
---------------------
 - CFP Opens: 1st May 2012
 - CFP Closing Date: EXTENDED to 15th August 2012 (due to several
requests. was initially 15th July 2012)
 - Final speakers List online: 09 September 2012
 - Conference Dates: 19 October 2012 9am-7pm
 - Capture The Flag: night (19 October 2012 9pm till 20 October 2012
6am Paris time :)

---------------------
*Program Committee*
---------------------
 - Florent Autreau (Mataru)
 - Claude Castelluccia (INRIA)
 - Fabien Duchene (LIG)
 - Philippe Elbaz-Vincent (UJF)
 - Karim Hossen (LIG)
 - Pascal Lafoucarde (VERIMAG)
 - Arnaud Maillet (Evidian R&D, Ensimag student)
 - Pascal Malterre (CEA)
 - Guillaume Touron (Ensimag student)
 - Marie-Laure Potet (VERIMAG)
 - anonymous researcher (private company in vulnerability research)

---------------------
*Invited Talks*
---------------------
- Eric Freyssinet (Botnet): From Observation to Investigation
- Christophe Devine (ANSSI) mobile telephony security: a compared
study. till what degree can we trust mobile operating systems and
radio protocols?
- Philippe Elbaz-Vincent (UJF) attacks on randomness of hardware Prime
Random Number Generator
- Regis Leveugle (TIMA) attacks on secure hardware
- Kostya Kortchinsky (Microsoft ; former of Immunity Inc.) - TBA

---------------------
*Speaker Benefits*
---------------------
 - Free pass to the conference
 - Accommodation during the Conference (1 night)
 - GreHack will participate to travel expenses (limited budget)

---------------------
*Submission Guidelines*
---------------------
Call for Papers is open till 15th August 2012.
Consider submitting even if your topic is not listed above.
http://grehack.org/index.php/GreHack_2012-Call_For_Papers-english
send your submission to: grehack-program_committee _A_T_ car-online.fr

---------------------
*Capture The Flag*
---------------------
http://grehack.org/index.php/GreHack-2012-Capture_The_Flag_rules-english

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ